track.aditserve.com/sl?id=61b9db328bff280d95069d29&pid=1106&sub1=63be70cf316bbe59ed5d907f&sub2=101.888.ys_22.22.930_c1a9c8a3_101.465513.us.
302 Found 0 B URL HTTP/1.1 track.aditserve.com/sl?id=61b9db328bff280d95069d29&pid=1106&sub1=63be70cf316bbe59ed5d907f&sub2=101.888.ys_22.22.930_c1a9c8a3_101.465513.us.
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=61b9db328bff280d95069d29&pid=1106&sub1=63be70cf316bbe59ed5d907f&sub2=101.888.ys_22.22.930_c1a9c8a3_101.465513.us. HTTP/1.1
Host: track.aditserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 11 Jan 2023 08:18:43 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://kixa.jukminung.com/rc/19aff8b744?affclick=63be70e3620f10000164bdd8&pubid=1106_101.888.ys_22.22.930_c1a9c8a3_101.465513.us.
Set-Cookie: afclick=63be70e3620f10000164bdd8; expires=Thu, 11 Jan 2024 08:18:43 GMT; secure; SameSite=None
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Wed, 11 Jan 2023 14:18:30 GMT
Date: Wed, 11 Jan 2023 08:18:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18799
Expires: Wed, 11 Jan 2023 13:32:02 GMT
Date: Wed, 11 Jan 2023 08:18:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21150
Expires: Wed, 11 Jan 2023 14:11:13 GMT
Date: Wed, 11 Jan 2023 08:18:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 07:41:47 GMT
content-type: application/json
age: 2216
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pMLb6nOyfQCrdGp2T4URVa+bHlN2ZIaww9Nf2/5QiHkGQukIoViFQUxsCxg4/gdiUiWDAodsJAQ=
x-amz-request-id: 7VBXEWYF2XQGXFF6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 08:16:58 GMT
age: 105
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 08:18:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash da8ff788462308448730e2af0d574c85
68afdec092f7c2121ec251bde1dd3b0641cb5020
5d57d1553a81cdcfd69c5d022ffd2ab9071d8be9e373f3805a165cff7206ea8d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D57D1553A81CDCFD69C5D022FFD2AB9071D8BE9E373F3805A165CFF7206EA8D"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 11 Jan 2023 14:18:43 GMT
Date: Wed, 11 Jan 2023 08:18:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash da8ff788462308448730e2af0d574c85
68afdec092f7c2121ec251bde1dd3b0641cb5020
5d57d1553a81cdcfd69c5d022ffd2ab9071d8be9e373f3805a165cff7206ea8d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D57D1553A81CDCFD69C5D022FFD2AB9071D8BE9E373F3805A165CFF7206EA8D"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 11 Jan 2023 14:18:43 GMT
Date: Wed, 11 Jan 2023 08:18:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 07:33:45 GMT
age: 2698
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:44 GMT
Last-Modified: Wed, 11 Jan 2023 06:34:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 280 B IP
Hash a3f6f570ba56464b5c4e2b8c40c2df75
3d480a47066c97095465b7ce01414b97ae59cf5d
24a4201b2558947b1b9ecf76b55d431098cc89952788b9f9426188325b757acd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:44 GMT
Etag: "63bcfdbb-118"
Server: ECS (amb/6B8C)
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash a3f6f570ba56464b5c4e2b8c40c2df75
3d480a47066c97095465b7ce01414b97ae59cf5d
24a4201b2558947b1b9ecf76b55d431098cc89952788b9f9426188325b757acd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:44 GMT
Last-Modified: Wed, 11 Jan 2023 06:52:02 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fp5k/fG4Ua2SYyP01xVDoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VBgKLNqwwMh8ge9AfcLW555uEvk=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4143131b13944b0b44333d805e65799c
79c0821ba443c2458e612ac4370928b0e078891c
50823241ea3ae7ef7292df2ca9ed44856e318604e754e61c196c337d0aca11d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50823241EA3AE7EF7292DF2CA9ED44856E318604E754E61C196C337D0ACA11D5"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18888
Expires: Wed, 11 Jan 2023 13:33:32 GMT
Date: Wed, 11 Jan 2023 08:18:44 GMT
Connection: keep-alive
t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub9fd24b123d3b48b08600b4c897ffe550&s=039ae99a
302 Found 0 B URL HTTP/1.1 t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub9fd24b123d3b48b08600b4c897ffe550&s=039ae99a
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub9fd24b123d3b48b08600b4c897ffe550&s=039ae99a HTTP/1.1
Host: t3.hightid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kixa.jukminung.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 11 Jan 2023 08:18:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 1217p3t0dz
Raund: 1jh
Location: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3a1343cd13f60af706b890f02fe582e
5e147ee4f95ae55bf5910c3ee7ad50dcda5230b3
719d9385e7d5a201b18fc970c8d3f5ca7ebea6466184cf7e25fada0ff4ed028a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "719D9385E7D5A201B18FC970C8D3F5CA7EBEA6466184CF7E25FADA0FF4ED028A"
Last-Modified: Wed, 11 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16867
Expires: Wed, 11 Jan 2023 12:59:51 GMT
Date: Wed, 11 Jan 2023 08:18:44 GMT
Connection: keep-alive
ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a
302 Found 0 B URL HTTP/1.1 ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a HTTP/1.1
Host: ron.trffclb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kixa.jukminung.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 11 Jan 2023 08:18:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 119cdtswvl
Raund: 12uf2w0vxv-2v5
Location: https://popcash.net/world/go/134600/317194
ocsp.digicert.com/
200 OK 279 B IP
Hash 6e99c6f65e1e6fbdbb0f663f83039eac
e8dc4ce519a415867eae013fa0a6a8b408c5762f
9e014f87f008019d19654e8538b3b3c781bdb2c4142029f9a1abd60b2d4965f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:45 GMT
Last-Modified: Wed, 11 Jan 2023 06:36:27 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
popcash.net/world/go/134600/317194
301 Moved Permanently 162 B URL HTTP/2 popcash.net/world/go/134600/317194
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/317194 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kixa.jukminung.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 11 Jan 2023 08:18:45 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEo8bMWFYwniE%2BPXlmyu6yeNwqLQboMkuLRhWQVccgwKCM43z5Xy9pJ6E18LaqUNDdUETfsItI%2Fawv9aFZ51%2BnVJxMBpyxx7ZU05ebuIC%2FktdnncMVTZmepLVvZ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c393778ddb4f9-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Wed, 11 Jan 2023 10:23:10 GMT
Date: Wed, 11 Jan 2023 08:18:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Wed, 11 Jan 2023 10:23:10 GMT
Date: Wed, 11 Jan 2023 08:18:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Wed, 11 Jan 2023 10:23:10 GMT
Date: Wed, 11 Jan 2023 08:18:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mYQfpwVDSCnen6utBvdBBOmlxS0gGhOqIg8YZ1D0Bt2Ii9O07L9G9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:56:16 GMT
age: 1349
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pURlX7y10G8YZmmDErWlZPJoW6evZ716B3NVZXafQRDpZ3Ei1ixeWA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:26 GMT
age: 38119
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82b10434cd29773d0f2f05a9904bd8d7
254f8d0a30d61afe871b7d603d4f0669bfb59808
5955b48e68572fd477fbb1bf172c3d590320b7408668a7fc586022362dd7447d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29a4e5f8-90d2-4932-b687-e827f7b75a6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8395
x-amzn-requestid: 13f52de6-c624-4005-8c98-b8299ce3d156
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75DGBwIAMFU3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d3-278ee7ad4b30336e2ada7970;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2pOcdK8bVXyEoZvhn6X6jYWBA53UY_zuNExfPEMaVxuPuWeNyEGjCA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:47:53 GMT
age: 37852
etag: "254f8d0a30d61afe871b7d603d4f0669bfb59808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d11194f94b91e55e976fc5d704afa55
eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b
66b01e33e1bc18d18e187632738f8ff49ef58a2d054367173c0570b7caa76260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4116
x-amzn-requestid: 64c7b71c-74a5-4304-bab5-305de0e4c9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eON3PHCaoAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5902e-72ada40c0419baa7763c2441;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 14:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wrpetZbXyS3pCR4ZBK2XXJRHbg652psant3gpl9ALVEZcfPE1ez8xw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 04:19:34 GMT
age: 14351
etag: "eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZR6BWnywdcRk5KkmuuMtlIgFKqD_IHiv9jSum7TsjPo5US-gkn7Z-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:43 GMT
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
age: 38102
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7zCIruOrf5jJueIqE6Z96QIjSPsQLEzcePndU89BTMpN9Uw6Arhc3w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:47:33 GMT
age: 1872
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ps.popcash.net/go/134600/317194
200 OK 272 B URL HTTP/1.1 ps.popcash.net/go/134600/317194
IP
File type HTML document, ASCII text
Hash 5c7be88ae180cac6a2110677251162cd
702fdebe2ba1d243c7eaff4225c92ba42c46db45
c5915b1296d396ccae56548a2ba0cc51ba87f4a10d5a33ca2a80df28db832cec
Analyzer Verdict Alert fortinet Malware
GET /go/134600/317194 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 11 Jan 2023 08:18:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
ps.popcash.net/ad/ad?p=134600&w=317194&t=96cf84bc74ed8782&r=&vw=1280&vh=0
303 See Other 0 B URL HTTP/1.1 ps.popcash.net/ad/ad?p=134600&w=317194&t=96cf84bc74ed8782&r=&vw=1280&vh=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=134600&w=317194&t=96cf84bc74ed8782&r=&vw=1280&vh=0 HTTP/1.1
Host: ps.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Wed, 11 Jan 2023 08:18:45 GMT
Location: http://leont-pfd.com/zcvisitor/915092f3-9188-11ed-a3c6-0ad2af265803/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=7d7c3280-6dab-11ed-9d23-12beee04f19b#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive
leont-pfd.com/zcvisitor/915092f3-9188-11ed-a3c6-0ad2af265803/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=7d7c3280-6dab-11ed-9d23-12beee04f19b
302 0 B URL HTTP/1.1 leont-pfd.com/zcvisitor/915092f3-9188-11ed-a3c6-0ad2af265803/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=7d7c3280-6dab-11ed-9d23-12beee04f19b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/915092f3-9188-11ed-a3c6-0ad2af265803/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=7d7c3280-6dab-11ed-9d23-12beee04f19b HTTP/1.1
Host: leont-pfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Wed, 11 Jan 2023 08:18:46 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://bnr.thedataclicks.com/get/Y2x1uwhzCQUWsRki19S5Fpdr?target=whiskey-ria-ss9gkru3z&source=vitellary-lion&keyword=mainstream&match=&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&trafficType=POPUP&visitorType=NON-ADULT&campaignId=1998166&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&campaignName=NEW+-+ZP5+-+NO&cost=0.000190
Server: uFPJvBTI
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d5316ed4524bd1d474163b8c9d385138
aaf1dcb32f13a0775d0540aa504a518e0a22cc6b
1bc36fc34ff794807692e1d48bf491ef958015aa9909163604a1fd651f3aadcc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 08:18:46 GMT
Etag: "63bd04a5-1d7"
Last-Modified: Wed, 11 Jan 2023 08:16:29 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iUnMOGSVgsFh8L_WSowA_C8KB3GI5albZ7By0OFIoUAHx1VcZtLdZg==
Age: 137
bnr.thedataclicks.com/get/Y2x1uwhzCQUWsRki19S5Fpdr?target=whiskey-ria-ss9gkru3z&source=vitellary-lion&keyword=mainstream&match=&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&trafficType=POPUP&visitorType=NON-ADULT&campaignId=1998166&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&campaignName=NEW+-+ZP5+-+NO&cost=0.000190
200 OK 1.6 kB URL HTTP/2 bnr.thedataclicks.com/get/Y2x1uwhzCQUWsRki19S5Fpdr?target=whiskey-ria-ss9gkru3z&source=vitellary-lion&keyword=mainstream&match=&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&trafficType=POPUP&visitorType=NON-ADULT&campaignId=1998166&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&campaignName=NEW+-+ZP5+-+NO&cost=0.000190
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (793)
Hash c9e7fa9d4a4c25d699dc3b40724850e2
281e82710935429607cdc9aefb5a40d8cfb64527
025158d62a66dfa73ef8704a62f12f8550032945c6dd2948fe8dd24ec0c66b80
GET /get/Y2x1uwhzCQUWsRki19S5Fpdr?target=whiskey-ria-ss9gkru3z&source=vitellary-lion&keyword=mainstream&match=&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&trafficType=POPUP&visitorType=NON-ADULT&campaignId=1998166&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&campaignName=NEW+-+ZP5+-+NO&cost=0.000190 HTTP/1.1
Host: bnr.thedataclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 11 Jan 2023 08:18:46 GMT
content-type: text/html
content-length: 1571
X-Firefox-Spdy: h2
d1aaucsx2ftut2.cloudfront.net/jcm-mm/dbf22d50eb3f9d835a7399371403565c.jpg
200 OK 184 kB URL HTTP/2 d1aaucsx2ftut2.cloudfront.net/jcm-mm/dbf22d50eb3f9d835a7399371403565c.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 800x575, components 3\012- data
Size 184 kB (184529 bytes)
Hash ef60018c5db320c478ea0738b33966e5
9dd467554cf4b76fc7df3eaac3766d29bdb2b543
9789121067d1f5aa7eeb3267b926014932e6d089fa6053ff05289875f9b262e5
GET /jcm-mm/dbf22d50eb3f9d835a7399371403565c.jpg HTTP/1.1
Host: d1aaucsx2ftut2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bnr.thedataclicks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 184529
last-modified: Wed, 15 Apr 2020 16:57:11 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 11 Jan 2023 00:44:53 GMT
etag: "ef60018c5db320c478ea0738b33966e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dTfZk4KyGm0tZMgIvuFCs3D4tW29eRzqFIjymNDeKXmcPROWkprjuw==
age: 29630
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a6d044e1382779906ab306d9b96d4e92
3630f066ffd92de6482577f56623bfdee025f1bb
753e673ec18cbe2933821b2e1df3f7d0ddbb0a1daf708fd43a7fa35ee5e4087c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101965
Date: Wed, 11 Jan 2023 08:18:47 GMT
Etag: "63bd46f3-1d7"
Expires: Thu, 12 Jan 2023 12:38:12 GMT
Last-Modified: Tue, 10 Jan 2023 11:07:31 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3mWkqOjTRlKy6EpSi8BglCsF4XacZvFVDiH7MSL2f2Dtq79VK1sz1w==
Age: 5441
lnk.clickadsolutions.com/js/c.js
200 OK 7.8 kB URL HTTP/2 lnk.clickadsolutions.com/js/c.js
IP
Hash 28f147c32edde42fcfabfc9cfa93edcd
4540d4c6db74de7651a1fe723ea0aa563b4c0678
e762d6ca1ddd7dab2fa0db7702efdbd3bc10e6f7f3be7b0f8818d45d5bcb96d7
GET /js/c.js HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3451:1836:1836:1; rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: application/javascript
content-length: 7804
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 10 Jan 2023 16:34:39 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fcubus.com%2526b%253D63be70e793093b6e0c0fe2a1-RL-290870&log=false&type=ROTATOR_LINK&linkId=290870&clickId=63be70e793093b6e0c0fe2a1&br=false
200 OK 1.6 kB URL HTTP/2 lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fcubus.com%2526b%253D63be70e793093b6e0c0fe2a1-RL-290870&log=false&type=ROTATOR_LINK&linkId=290870&clickId=63be70e793093b6e0c0fe2a1&br=false
IP
Hash b74a940965c3a846a27fc2517c5abb38
59901ac42615a0d794fdb8f0bc118e70745e6e46
cfd96cfdbe77cb6425b7a8875908f83eecc7ebca46cbd7bf57b050c7db55eb11
GET /?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fcubus.com%2526b%253D63be70e793093b6e0c0fe2a1-RL-290870&log=false&type=ROTATOR_LINK&linkId=290870&clickId=63be70e793093b6e0c0fe2a1&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3451:1836:1836:1; rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lnk.clickadsolutions.com/?bt=lnk.performance-click.com&ref=https%3A%2F%2Fwww.abcnyheter.no%2F&friend=&u=perf.af.funneldrivers.com%252Fts%252Fi5046892%252Ftsc%253Ftyp%253Dr%2526amc%253Daff.eficads.373016.506668.CRTiPbMtM2-%2526smc1%253D63be70e793093b6e0c0fe2a1-RL-291100%2526smc5%253Dlnk.performance-click.com%25252Fref%25252Fwww.abcnyheter.no%25252F&log=false&type=ROTATOR_LINK&linkId=291100&clickId=63be70e793093b6e0c0fe2a1&br=false
200 OK 1.9 kB URL HTTP/2 lnk.clickadsolutions.com/?bt=lnk.performance-click.com&ref=https%3A%2F%2Fwww.abcnyheter.no%2F&friend=&u=perf.af.funneldrivers.com%252Fts%252Fi5046892%252Ftsc%253Ftyp%253Dr%2526amc%253Daff.eficads.373016.506668.CRTiPbMtM2-%2526smc1%253D63be70e793093b6e0c0fe2a1-RL-291100%2526smc5%253Dlnk.performance-click.com%25252Fref%25252Fwww.abcnyheter.no%25252F&log=false&type=ROTATOR_LINK&linkId=291100&clickId=63be70e793093b6e0c0fe2a1&br=false
IP
Hash 7c71e67c297518d43306714b88a1d16e
52c59e23307398052340470641212dc84ef3c4db
cacdca665149f94e9b2d20269b2dd0b807acf6f2773b54831bea6cdee1f8ef6b
GET /?bt=lnk.performance-click.com&ref=https%3A%2F%2Fwww.abcnyheter.no%2F&friend=&u=perf.af.funneldrivers.com%252Fts%252Fi5046892%252Ftsc%253Ftyp%253Dr%2526amc%253Daff.eficads.373016.506668.CRTiPbMtM2-%2526smc1%253D63be70e793093b6e0c0fe2a1-RL-291100%2526smc5%253Dlnk.performance-click.com%25252Fref%25252Fwww.abcnyheter.no%25252F&log=false&type=ROTATOR_LINK&linkId=291100&clickId=63be70e793093b6e0c0fe2a1&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3451:1836:1836:1; rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=Eficads+Media+Group+S.L.&cm=affiliate&cn=1995957&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1814736496.1224748639
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=Eficads+Media+Group+S.L.&cm=affiliate&cn=1995957&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1814736496.1224748639
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=Eficads+Media+Group+S.L.&cm=affiliate&cn=1995957&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1814736496.1224748639 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1234027596.1114421884
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1234027596.1114421884
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1234027596.1114421884 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=290838&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1585577977.1110133195
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=290838&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1585577977.1110133195
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=290838&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1585577977.1110133195 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1627947293.1400193996
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1627947293.1400193996
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1627947293.1400193996 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=290848&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1943251550.1681705626
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=290848&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1943251550.1681705626
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=290848&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1943251550.1681705626 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=JustClick+Media&cc=291100&ck=42259&cm=Eficads&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1111919223.1661006284
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=JustClick+Media&cc=291100&ck=42259&cm=Eficads&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1111919223.1661006284
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=JustClick+Media&cc=291100&ck=42259&cm=Eficads&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.performance-click.com%2Fref%2Fhttps%3A%2F%2Fwww.abcnyheter.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1111919223.1661006284 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51077
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39e74fee23bd195e2926cf5241f2fca5
a3361a128141f84053b85994e1a3b2f3e9c9d979
aaa2168872731f90ab7c5d5e98dc17660973582d1b157f4e4a3be4939e99b7e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 923750ec3f3b667c7018cc7dd066d8c2
14ac7787dbd2293145dc1d02b60590d14db50715
1e102b5fabaef2a16e9aa8f120773910c7f3fec7b05df071c2ba944a1a6ddb94
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 11 Jan 2023 08:18:47 GMT
Last-Modified: Wed, 11 Jan 2023 07:21:18 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UsWh68DgvvJg8cYr6IblFptT5M7lvqwC6xQEicZuw7P1JWKbz6sKVQ==
Age: 3449
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d7bd53fde85c7660eeea2259fcc211b3
938d758c1f1004302266f5f1885d6d4cad2bdac6
f2c71f3b15bb4a0476b0140bf17c4190da121f3d4b53e74783ae606d5e26fd59
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157089
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63be31af-1d7"
Expires: Fri, 13 Jan 2023 03:56:57 GMT
Last-Modified: Wed, 11 Jan 2023 03:49:03 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bDB7KYE4HU0sdn_qjEjRnuG3zoK1vTHW8XBR-fcK9ujypgIqw-0CVw==
Age: 474
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash ae2f960a96a201977ffc52ef027f0218
5c18d28edcd30a895bfb1ec434a085b9d61687eb
c01084ef953928c7475d43b5f8713621f166e4ef61a36d5e99cd34d4b276d31a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139093
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bde188-1d7"
Expires: Thu, 12 Jan 2023 22:57:01 GMT
Last-Modified: Tue, 10 Jan 2023 22:07:04 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p_Cf9SOtk-M4N6q6sj_Xnw2ZOlWRy649DDe2ymOuUjZCca0S44tTgA==
Age: 2997
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 0ee599e79ab6c85f7ecdb1545f177653
7174cacdc151e5ef24f17367a1befa23603f9d6d
d8894089e06efb21f30b8fb7d1170645059fe9ba37cd08c5c4880e7f661844c2
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142650
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bdf105-1d7"
Expires: Thu, 12 Jan 2023 23:56:18 GMT
Last-Modified: Tue, 10 Jan 2023 23:13:09 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: boGChW-F7y46cw17R_Ntv0NhUT5uoy-OznJfqhYHqrbyRggoXVGy3g==
Age: 2589
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 0ee599e79ab6c85f7ecdb1545f177653
7174cacdc151e5ef24f17367a1befa23603f9d6d
d8894089e06efb21f30b8fb7d1170645059fe9ba37cd08c5c4880e7f661844c2
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141680
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bdf105-1d7"
Expires: Thu, 12 Jan 2023 23:40:08 GMT
Last-Modified: Tue, 10 Jan 2023 23:13:09 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tDJoJv7py8BGMNXjdAdukv2l5pBTk9aYNCu2YMkO1WPaPY6qY-sndw==
Age: 1620
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de9469f64eecd0c1fdba930665c302bb
bf486966e9be3c334ec006660eca782f385f74d4
b0f54da1bced9d5b4f64a2b2af5b043a3a899a0dd60835a28c65c8720b9abe35
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137139
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bde59b-1d7"
Expires: Thu, 12 Jan 2023 22:24:27 GMT
Last-Modified: Tue, 10 Jan 2023 22:24:27 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P53WftLnLd-6RUcBAAzosypGfodOXtFymE_-a4hi6xEuskVfWMt2yA==
ticketmaster-no.tm8215.net/3PYq4d?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F
302 Found 417 B URL HTTP/2 ticketmaster-no.tm8215.net/3PYq4d?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F
IP
File type HTML document, ASCII text, with very long lines (416)
Hash 91e776685d9dcaa563e1aa58a70db754
331f197dbe75c71fc8558b1749f227430d810cad
bb28c0d7eb0f80cf8a59792e73b8e5547de017c2c878401d94297d8c98f104bc
GET /3PYq4d?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.thebigadsstore.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html; charset=utf-8
content-length: 417
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D63be70e793093b6e0c0fe2a1-RL-290838%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
set-cookie: AWSALB=1vqLadirXQksiB9/W0PjpT7Q60ZAYn19ux+rJ//4oZz9ACg3VBOCPdmE1kYDFMfDiBMqBKoe0xmlDWLsUj3YoBuKwbH290JtR/GHahfmz57UhAhvPr+GqEzVzypF; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/
AWSALBCORS=1vqLadirXQksiB9/W0PjpT7Q60ZAYn19ux+rJ//4oZz9ACg3VBOCPdmE1kYDFMfDiBMqBKoe0xmlDWLsUj3YoBuKwbH290JtR/GHahfmz57UhAhvPr+GqEzVzypF; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/; SameSite=None; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash abd69ca85d37288945ce7da2e3f7ad71
04c428e0ea42a7f52d05ca6ba64f3213c869bb7a
fff28d99193e9ddda79351df181cf317560035c3b59edfc23eaebf65b3b08bf5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=149290
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bdfc36-117"
Expires: Fri, 13 Jan 2023 01:46:58 GMT
Last-Modified: Wed, 11 Jan 2023 00:00:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash abd69ca85d37288945ce7da2e3f7ad71
04c428e0ea42a7f52d05ca6ba64f3213c869bb7a
fff28d99193e9ddda79351df181cf317560035c3b59edfc23eaebf65b3b08bf5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5371
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:48 GMT
Last-Modified: Wed, 11 Jan 2023 06:49:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
jib.rtbtrack.site/
200 OK 993 B IP
Hash 03406fb5fac4a214c32e89549ce0a73c
4942306a307be974b791e6cc5234e5024f9d105c
f89b07bb860c82e8338c7ee97295e71ad7a7a13e3c66a3c453480745806c35a2
POST / HTTP/1.1
Host: jib.rtbtrack.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 230
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 2f32b8975f314dc139c7100d80ad83b1
bf633344c3f53680cb47e6414c44f43e9b31905a
d4b251a3a028c428de81bc7dc3f7689ecc31d4145d86117910633fedeb7efcf8
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 08:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 15 Jan 2023 04:38:14 GMT
ETag: "bf633344c3f53680cb47e6414c44f43e9b31905a"
Last-Modified: Wed, 11 Jan 2023 04:38:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2995
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c394dcb080b4d-OSL
perf.af.funneldrivers.com/ts/i5046892/tsc?typ=r&amc=aff.eficads.373016.506668.CRTiPbMtM2-&smc1=63be70e793093b6e0c0fe2a1-RL-291100&smc5=lnk.performance-click.com%2Fref%2Fwww.abcnyheter.no%2F
302 Found 0 B URL HTTP/2 perf.af.funneldrivers.com/ts/i5046892/tsc?typ=r&amc=aff.eficads.373016.506668.CRTiPbMtM2-&smc1=63be70e793093b6e0c0fe2a1-RL-291100&smc5=lnk.performance-click.com%2Fref%2Fwww.abcnyheter.no%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ts/i5046892/tsc?typ=r&amc=aff.eficads.373016.506668.CRTiPbMtM2-&smc1=63be70e793093b6e0c0fe2a1-RL-291100&smc5=lnk.performance-click.com%2Fref%2Fwww.abcnyheter.no%2F HTTP/1.1
Host: perf.af.funneldrivers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.performance-click.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:48 GMT
content-length: 0
location: https://ticketmaster-no.tm8215.net/9WnnKQ?subId1=2301110818486450717&subId2=i5046892
set-cookie: tsc=kCE!H-8wGPyxeh0!AQ|C3LA!A!Mw!~Lw9guSA*2DIFjATUX0s0*3MQW; Max-Age=31536000; Expires=Thu, 11-Jan-2024 08:18:48 GMT; Domain=af.funneldrivers.com; Path=/
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 11 Jan 2023 08:18:48 GMT
x-xss-protection: 0
X-Firefox-Spdy: h2
ticketmaster-no.tm8215.net/9WnnKQ?subId1=2301110818486450717&subId2=i5046892
302 Found 303 B URL HTTP/2 ticketmaster-no.tm8215.net/9WnnKQ?subId1=2301110818486450717&subId2=i5046892
IP
File type HTML document, ASCII text, with very long lines (302)
Hash 60cd0b15f585eb60a4aff6c919d8b904
3e49e647308da586cf900c4520e8ec9080eb930a
42a6843e539037fcb44b2c9e1e55c24869501e65aa0a4be096980a1c254a765b
GET /9WnnKQ?subId1=2301110818486450717&subId2=i5046892 HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.performance-click.com/
Connection: keep-alive
Cookie: AWSALBCORS=1vqLadirXQksiB9/W0PjpT7Q60ZAYn19ux+rJ//4oZz9ACg3VBOCPdmE1kYDFMfDiBMqBKoe0xmlDWLsUj3YoBuKwbH290JtR/GHahfmz57UhAhvPr+GqEzVzypF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html; charset=utf-8
content-length: 303
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F1995957%2F462382%2F8215%3FsubId1%3D2301110818486450717%26subId2%3Di5046892%26svlink%3D4795048%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.performance-click.com%252F&cid=8215&tpsync=yes
set-cookie: AWSALB=7lRZjao+SFYX7XzJ2UKany+6zKOteRWtR04dadyDgF/MLM2XN5n3dGTYtKPArWTAzgHmQiWX95fnR+uU1nk/ybNCXhtRmo+QFSNI4O78T5Gv3lOqY0pMdoyzKEJf; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/
AWSALBCORS=7lRZjao+SFYX7XzJ2UKany+6zKOteRWtR04dadyDgF/MLM2XN5n3dGTYtKPArWTAzgHmQiWX95fnR+uU1nk/ybNCXhtRmo+QFSNI4O78T5Gv3lOqY0pMdoyzKEJf; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/; SameSite=None; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f73bf32a1dd02c4883602b8b12b1fe8d
bf88275a53a9c11041453a769b9418c1b10fb29b
696b8ae6263546c93b0a9d6f19655a00299123addef1e6164417f1cb1bcd487d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 08:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 19:07:57 GMT
Expires: Tue, 17 Jan 2023 19:07:56 GMT
Etag: "bf88275a53a9c11041453a769b9418c1b10fb29b"
Cache-Control: max-age=556747,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787c394d6d04b50c-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash f73bf32a1dd02c4883602b8b12b1fe8d
bf88275a53a9c11041453a769b9418c1b10fb29b
696b8ae6263546c93b0a9d6f19655a00299123addef1e6164417f1cb1bcd487d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 08:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 19:07:57 GMT
Expires: Tue, 17 Jan 2023 19:07:56 GMT
Etag: "bf88275a53a9c11041453a769b9418c1b10fb29b"
Cache-Control: max-age=556747,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787c394e98c91c0e-OSL
www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D63be70e793093b6e0c0fe2a1-RL-290838%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
302 Found 0 B URL HTTP/2 www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D63be70e793093b6e0c0fe2a1-RL-290838%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D63be70e793093b6e0c0fe2a1-RL-290838%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 31 Dec 2024 08:18:48 GMT; HttpOnly; SameSite=None
location: https://ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=XJKSuJU9sXg6UmUx1YVVKzEh0sGXax
content-length: 0
date: Wed, 11 Jan 2023 08:18:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F1995957%2F462382%2F8215%3FsubId1%3D2301110818486450717%26subId2%3Di5046892%26svlink%3D4795048%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.performance-click.com%252F&cid=8215&tpsync=yes
302 Found 0 B URL HTTP/2 www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F1995957%2F462382%2F8215%3FsubId1%3D2301110818486450717%26subId2%3Di5046892%26svlink%3D4795048%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.performance-click.com%252F&cid=8215&tpsync=yes
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F1995957%2F462382%2F8215%3FsubId1%3D2301110818486450717%26subId2%3Di5046892%26svlink%3D4795048%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.performance-click.com%252F&cid=8215&tpsync=yes HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.performance-click.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 31 Dec 2024 08:18:48 GMT; HttpOnly; SameSite=None
location: https://ticketmaster-no.tm8215.net/c/1995957/462382/8215?subId1=2301110818486450717&subId2=i5046892&svlink=4795048&level=1&srcref=https%3A%2F%2Flnk.performance-click.com%2F&brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=QwLyxew7g0gVUsd3e81O83-mUJyUEG
content-length: 0
date: Wed, 11 Jan 2023 08:18:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=XJKSuJU9sXg6UmUx1YVVKzEh0sGXax
301 Moved Permanently 0 B URL HTTP/2 ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=XJKSuJU9sXg6UmUx1YVVKzEh0sGXax
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/3029083/462382/8215?SubId1=63be70e793093b6e0c0fe2a1-RL-290838&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=XJKSuJU9sXg6UmUx1YVVKzEh0sGXax HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Cookie: AWSALBCORS=7lRZjao+SFYX7XzJ2UKany+6zKOteRWtR04dadyDgF/MLM2XN5n3dGTYtKPArWTAzgHmQiWX95fnR+uU1nk/ybNCXhtRmo+QFSNI4O78T5Gv3lOqY0pMdoyzKEJf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 11 Jan 2023 08:18:48 GMT
content-length: 0
location: https://www.ticketmaster.no/?clickId=RQDU-kR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
set-cookie: AWSALB=F+GSv9x8pyOeHE8aMn3YVlbM4zJj1PYlVmjHugttp3Ngej+QRhAJ+BLVsOqrwwH+9ktEG5MELPIPIPL2XhAhrgV3dWFRYHe9HOKInWvYhBY33veGOGZSMA++g/Vb; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/
AWSALBCORS=F+GSv9x8pyOeHE8aMn3YVlbM4zJj1PYlVmjHugttp3Ngej+QRhAJ+BLVsOqrwwH+9ktEG5MELPIPIPL2XhAhrgV3dWFRYHe9HOKInWvYhBY33veGOGZSMA++g/Vb; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/; SameSite=None; Secure
brwsr=931b8f90-9188-11ed-b3f5-1fb4dbc425b7; Domain=.tm8215.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 31 Dec 2024 08:18:48 GMT; HttpOnly; SameSite=None
irld=LWQiww0xpUQ6gUh92gz2bmXHbSz3SZi00j2ioRpTWmpysn3SR; Path=/; Secure; Max-Age=15552000; Expires=Mon, 10 Jul 2023 08:18:48 GMT; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ticketmaster-no.tm8215.net/c/1995957/462382/8215?subId1=2301110818486450717&subId2=i5046892&svlink=4795048&level=1&srcref=https%3A%2F%2Flnk.performance-click.com%2F&brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=QwLyxew7g0gVUsd3e81O83-mUJyUEG
301 Moved Permanently 0 B URL HTTP/2 ticketmaster-no.tm8215.net/c/1995957/462382/8215?subId1=2301110818486450717&subId2=i5046892&svlink=4795048&level=1&srcref=https%3A%2F%2Flnk.performance-click.com%2F&brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=QwLyxew7g0gVUsd3e81O83-mUJyUEG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/1995957/462382/8215?subId1=2301110818486450717&subId2=i5046892&svlink=4795048&level=1&srcref=https%3A%2F%2Flnk.performance-click.com%2F&brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7&brwsrsig=QwLyxew7g0gVUsd3e81O83-mUJyUEG HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.performance-click.com/
Connection: keep-alive
Cookie: AWSALBCORS=7lRZjao+SFYX7XzJ2UKany+6zKOteRWtR04dadyDgF/MLM2XN5n3dGTYtKPArWTAzgHmQiWX95fnR+uU1nk/ybNCXhtRmo+QFSNI4O78T5Gv3lOqY0pMdoyzKEJf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 11 Jan 2023 08:18:48 GMT
content-length: 0
location: https://www.ticketmaster.no?clickId=RQA2KhR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=Eficads%20Media%20Group%20S.L.&utm_medium=affiliate&utm_campaign=1995957&utm_content=1220128_8215
set-cookie: AWSALB=n7tKlji3pnfWQmxB0exdhSiWvGbaf4vtj+BIjMlQm6i6WaihMbzG4eJKFLopd5JZs7hRoNVnEcdu+f0vxdPr5m5puRFw05uz1yxqUYZrCEV3IqowAai1tYMioj74; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/
AWSALBCORS=n7tKlji3pnfWQmxB0exdhSiWvGbaf4vtj+BIjMlQm6i6WaihMbzG4eJKFLopd5JZs7hRoNVnEcdu+f0vxdPr5m5puRFw05uz1yxqUYZrCEV3IqowAai1tYMioj74; Expires=Wed, 18 Jan 2023 08:18:48 GMT; Path=/; SameSite=None; Secure
brwsr=931c2bd1-9188-11ed-b3f5-1fb4dbc425b7; Domain=.tm8215.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 31 Dec 2024 08:18:48 GMT; HttpOnly; SameSite=None
irld=L3EnQj5znfVIPyeiUj0w8y1jrUBEQvv3YcXHDxSzxaX0upwQI; Path=/; Secure; Max-Age=15552000; Expires=Mon, 10 Jul 2023 08:18:48 GMT; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f73bf32a1dd02c4883602b8b12b1fe8d
bf88275a53a9c11041453a769b9418c1b10fb29b
696b8ae6263546c93b0a9d6f19655a00299123addef1e6164417f1cb1bcd487d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 08:18:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 19:07:57 GMT
Expires: Tue, 17 Jan 2023 19:07:56 GMT
Etag: "bf88275a53a9c11041453a769b9418c1b10fb29b"
Cache-Control: max-age=556747,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787c394f5f7fb50c-OSL
as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=63be70e793093b6e0c0fe2a1-RL-290848
307 Temporary Redirect 471 B URL HTTP/2 as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=63be70e793093b6e0c0fe2a1-RL-290848
IP
Hash f46da1128432dbd85b24bc0f4fbc1282
5f7dfb48d29838acc63aa72b054eb730066150d4
4708cb9e3d41f401e9c8da27286ba0c414609bd8f2e54bba1cfca52cc4dd50bc
GET /ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=63be70e793093b6e0c0fe2a1-RL-290848 HTTP/1.1
Host: as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://srw.bannerwidget.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 11 Jan 2023 08:18:48 GMT
location: https://www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_63be70e793093b6e0c0fe2a1-RL-290848
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
x-download-options: noopen
surrogate-control: no-store
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
pragma: no-cache
strict-transport-security: max-age=86400; includeSubDomains; preload
cross-origin-opener-policy: unsafe-none
referrer-policy: no-referrer-when-downgrade
expires: 0
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cross-origin-resource-policy: cross-origin
vary: accept-encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 787c394d48acb503-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f46da1128432dbd85b24bc0f4fbc1282
5f7dfb48d29838acc63aa72b054eb730066150d4
4708cb9e3d41f401e9c8da27286ba0c414609bd8f2e54bba1cfca52cc4dd50bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112132
Date: Wed, 11 Jan 2023 08:18:48 GMT
Etag: "63bd6b64-1d7"
Expires: Thu, 12 Jan 2023 15:27:40 GMT
Last-Modified: Tue, 10 Jan 2023 13:43:00 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qlIqDzK2D8gV80T6L1AeN0AnEBgeCqHdlEEtdROPfFI9h8K07SVD3w==
Age: 6280
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7456fab89be975b16f585d0e0c21ca0
95d338abe188ae92147fef5c6132e1083470d759
321aec944559e5827ad89c3175158f335f40f7e8ae6319c2689d45175defdc84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321AEC944559E5827AD89C3175158F335F40F7E8AE6319C2689D45175DEFDC84"
Last-Modified: Mon, 09 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Wed, 11 Jan 2023 09:35:12 GMT
Date: Wed, 11 Jan 2023 08:18:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 135852c9ebb314df6e7204392fd032fb
6d058c22b4a8d137e92142d005c62b7271667449
d9f31642c70cbfb1813d1fa4dd031fd30ef80dcbee60fd52f8b879108827df8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:49 GMT
Etag: "63bd724e-116"
Last-Modified: Wed, 11 Jan 2023 07:36:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
www.cubus.com/
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.cubus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://srw.bannerwidget.tech/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://www.cubus.com/no/
set-cookie: __cf_bm=15pc9dM7I_PekDdLkKZb94hlHCCXYVpGs6YtTCahahU-1673425129-0-AZ2SvLbQe+INd8zMAChhD/hTt3KPLh9Nckhc3Bu15InEGuu3x7DNKYw3kSLWU0kLvrumf1N92N6BOFbNPlEAOhjbamN5isJlVCoFg/+Y3l4h; path=/; expires=Wed, 11-Jan-23 08:48:49 GMT; domain=.cubus.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 787c3950fd35b503-OSL
X-Firefox-Spdy: h2
r.brandreward.com/?key=c5cd2aed04ceb28d7f5083426c8b658f&url=http%3A%2F%2Fcewe.no&id=63be70e793093b6e0c0fe2a1-RL-265458
200 OK 255 B URL HTTP/1.1 r.brandreward.com/?key=c5cd2aed04ceb28d7f5083426c8b658f&url=http%3A%2F%2Fcewe.no&id=63be70e793093b6e0c0fe2a1-RL-265458
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385), with no line terminators
Hash a0c8fff2597aee1ceb8a99679b0842ee
880df67583c40f516e7e55e61d294f575a1a5c1b
aa38f2ae309be78279a5d2d8ee115fd5fd6b9441c0f93d7fcf75575441c75520
GET /?key=c5cd2aed04ceb28d7f5083426c8b658f&url=http%3A%2F%2Fcewe.no&id=63be70e793093b6e0c0fe2a1-RL-265458 HTTP/1.1
Host: r.brandreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jib.rtbtrack.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 08:18:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: _bd=29188f6b38b7bc21c12687809c2c3c40
Referer:
Content-Encoding: gzip
analytics.ticketmaster.no/api/reports
200 OK 4 B URL HTTP/2 analytics.ticketmaster.no/api/reports
IP
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
POST /api/reports HTTP/1.1
Host: analytics.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 7426
Origin: https://www.ticketmaster.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-store, private, s-maxage=0
accept-ranges: bytes
date: Wed, 11 Jan 2023 08:18:49 GMT
via: 1.1 varnish
x-robots-tag: none
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673425129.338113,VS0,VE42
access-control-allow-origin: https://www.ticketmaster.co.uk https://www.ticketmaster.ie https://www.ticketmaster.com.au https://www.ticketmaster.co.nz https://www.ticketmaster.no https://www.ticketmaster.mx https://www.ticketmaster.pl https://www.ticketmaster.it https://www.ticketmaster.fr https://www.livenation.com https://www.ticketmaster.com https://www.ticketmaster.ae https://www.ticketmaster.de https://www.ticketmaster.se https://www.ticketmaster.ch https://www.ticketmaster.dk https://www.ticketmaster.be https://www.ticketmaster.fi https://www.ticketmaster.ae https://www.ticketmaster.at https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.com.au https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.co.za
content-length: 4
X-Firefox-Spdy: h2
analytics.ticketmaster.no/api/reports
200 OK 4 B URL HTTP/2 analytics.ticketmaster.no/api/reports
IP
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
POST /api/reports HTTP/1.1
Host: analytics.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 7399
Origin: https://www.ticketmaster.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-store, private, s-maxage=0
accept-ranges: bytes
date: Wed, 11 Jan 2023 08:18:49 GMT
via: 1.1 varnish
x-robots-tag: none
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673425129.345669,VS0,VE40
access-control-allow-origin: https://www.ticketmaster.co.uk https://www.ticketmaster.ie https://www.ticketmaster.com.au https://www.ticketmaster.co.nz https://www.ticketmaster.no https://www.ticketmaster.mx https://www.ticketmaster.pl https://www.ticketmaster.it https://www.ticketmaster.fr https://www.livenation.com https://www.ticketmaster.com https://www.ticketmaster.ae https://www.ticketmaster.de https://www.ticketmaster.se https://www.ticketmaster.ch https://www.ticketmaster.dk https://www.ticketmaster.be https://www.ticketmaster.fi https://www.ticketmaster.ae https://www.ticketmaster.at https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.com.au https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.co.za
content-length: 4
X-Firefox-Spdy: h2
analytics.ticketmaster.no/api/reports
200 OK 4 B URL HTTP/2 analytics.ticketmaster.no/api/reports
IP
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
POST /api/reports HTTP/1.1
Host: analytics.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 7426
Origin: https://www.ticketmaster.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-store, private, s-maxage=0
accept-ranges: bytes
date: Wed, 11 Jan 2023 08:18:49 GMT
via: 1.1 varnish
x-robots-tag: none
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673425129.345846,VS0,VE83
access-control-allow-origin: https://www.ticketmaster.co.uk https://www.ticketmaster.ie https://www.ticketmaster.com.au https://www.ticketmaster.co.nz https://www.ticketmaster.no https://www.ticketmaster.mx https://www.ticketmaster.pl https://www.ticketmaster.it https://www.ticketmaster.fr https://www.livenation.com https://www.ticketmaster.com https://www.ticketmaster.ae https://www.ticketmaster.de https://www.ticketmaster.se https://www.ticketmaster.ch https://www.ticketmaster.dk https://www.ticketmaster.be https://www.ticketmaster.fi https://www.ticketmaster.ae https://www.ticketmaster.at https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.com.au https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.co.za
content-length: 4
X-Firefox-Spdy: h2
lnk.performance-click.com/ref/www.abcnyheter.no/
200 OK 793 B URL HTTP/2 lnk.performance-click.com/ref/www.abcnyheter.no/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1b0446b8b38eebd9644088ca335696ec
23e87871757f85a724a82ff2a13a4b39127d6207
244d20f7774ab3e0c71dcd08720931929d379388b1ef015e5126005cc53ab2d2
POST /ref/www.abcnyheter.no/ HTTP/1.1
Host: lnk.performance-click.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 317
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html;charset=UTF-8
referrer-policy: no-referrer-when-downgrade
content-language: en-US
X-Firefox-Spdy: h2
tc.tradetracker.net/?c=22226&m=0&a=354047&r=23011166c9519b7346e560&u=
301 Moved Permanently 41 kB URL HTTP/2 tc.tradetracker.net/?c=22226&m=0&a=354047&r=23011166c9519b7346e560&u=
IP
File type gzip compressed data, from Unix\012- data
Hash 1df437fab90796c58e1f41b624c8f9c9
ab403306ba5533adad7d4e8b036f7bb2c39651cf
2783587c87f3f4b362fa588464d9298f94db8d3662870e6fa698ffc7f7e3dae3
GET /?c=22226&m=0&a=354047&r=23011166c9519b7346e560&u= HTTP/1.1
Host: tc.tradetracker.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.brandreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 11 Jan 2023 08:18:49 GMT
content-type: text/html; charset=UTF-8
location: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
server: nginx
cache-control: no-cache, must-revalidate
set-cookie: uf=ANb0JG23b00KeIux6yopV3o5a3o5NUIrY29sQWJqSHlxdjhLdzhudEIvT3BCbzJEekpMNWFFb3VkbUtobEMzVm1YN0VPWUR0bFdtU0JLbWozanFSQ3RqYlF1Rzh0RDhPSzRPZ3VRPT0%3D; expires=Thu, 11-Jan-2024 08:18:49 GMT; Max-Age=31536000; path=/; domain=.tradetracker.net; secure; SameSite=None
__tdat22226=MTY3MzQyNTEyOTo6MDo6MzU0MDQ3OjoyMzAxMTE2NmM5NTE5YjczNDZlNTYwOjpmOjplNWM4Mzk2YzY3ZmIzZGRlMWYwY2NkMDMxMzQwYmM2ZQ%3D%3D; expires=Fri, 21-Apr-2023 07:18:49 GMT; Max-Age=8636400; path=/; domain=.tradetracker.net; secure; SameSite=None
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
date: Wed, 11 Jan 2023 04:04:59 GMT
last-modified: Mon, 30 May 2022 14:38:02 GMT
etag: "5add60196e5f96a414fb4b9586764e5d"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vVGPseE9LUKOWYVHQiMDZfOPv5QU1zeFzZlW0h2htR-5qj5qBk5Gdg==
age: 15232
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/CEWEIcons/cewe-icons.woff2
200 OK 29 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/CEWEIcons/cewe-icons.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 28792, version 1.0\012- data
Hash 63431de153a09c2182615b5acd66b2cd
3f64488e8d615e43100bcb1a010f0bac2821e3a5
fb1b607f70c1b9354d7b89daa1ba70e508c2c0d01e765025537e441ca770f29b
GET /asset/assets/fonts/CEWEIcons/cewe-icons.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 19 Sep 2022 09:00:24 GMT
accept-ranges: bytes
content-length: 28792
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-2922176-15&t=pageview&ds=web&aip=1&cs=tradetracker&cm=cpa&cn=no&cc=%28not+set%29&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=172994222.184777576 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51080
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=265458&ck=42259&cm=Brandreward&cn=Cewe&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.cewe.no&dp=%2F&dt=Fotoprodukter+av+h%C3%B8yeste+kvalitet+%7C+CEWE&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1342174550.1946043048 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Tue, 10 Jan 2023 18:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 51080
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/CEWEHead/CEWEHead-Regular.woff2
200 OK 27 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/CEWEHead/CEWEHead-Regular.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 26628, version 1.0\012- data
Hash 1a81d5fecdfa38ed125d351d8d70d1ef
45828ba0e1f54fe82f5a22270c74aa3f5d5d2f8a
0b9811d3e99fcde06be1be229d7195c1d7503462980f08f3d27389a3d0c08183
GET /asset/assets/fonts/CEWEHead/CEWEHead-Regular.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 21 Oct 2021 07:35:15 GMT
accept-ranges: bytes
content-length: 26628
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/styles/css-variables.css?v=1672913287
200 OK 85 B URL HTTP/2 www.cewe.no/asset/assets/styles/css-variables.css?v=1672913287
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with no line terminators
Hash 31704247b2f5c733d0c2d6c4932aa6b4
85f9d93aca34a530fa22ec6542b23e8eebacd45e
adf8478c8f755f644d94ef7e413db7d1bc48e53bc0137c9ab884833571e3d4d6
GET /asset/assets/styles/css-variables.css?v=1672913287 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 08 Sep 2022 06:50:17 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 85
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/styles/css-variables-default-styleeditor.css?v=1667485581
200 OK 1.9 kB URL HTTP/2 www.cewe.no/asset/assets/styles/css-variables-default-styleeditor.css?v=1667485581
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (4598), with no line terminators
Hash 1bcef7cb22119c7a61145202903a9d84
5e61d92bc3ae6c51e04fb6febf04b1b5ad629dae
65a353242c49d4c55512f5394c73a3a9f6d53bcc132979855c22b7ca2cd32637
GET /asset/assets/styles/css-variables-default-styleeditor.css?v=1667485581 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Tue, 08 Nov 2022 07:38:20 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1946
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/styles/variables.css?v=1672913287
200 OK 195 B URL HTTP/2 www.cewe.no/styles/variables.css?v=1672913287
IP
ASN #49494 CEWE Stiftung & Co. KGaA
Hash e6465414551478aab8fad87474476547
0c3b834f47ea9b8d09f0a4f3e0f02f427368b38b
a6f8f68c4d4c6f5525f60fb7a4969503531f549b0f27bb7e81057790a2d03df2
GET /styles/variables.css?v=1672913287 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:28 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 195
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/styles/css-fonts.css?v=1672913287
200 OK 85 B URL HTTP/2 www.cewe.no/asset/assets/styles/css-fonts.css?v=1672913287
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with no line terminators
Hash 31704247b2f5c733d0c2d6c4932aa6b4
85f9d93aca34a530fa22ec6542b23e8eebacd45e
adf8478c8f755f644d94ef7e413db7d1bc48e53bc0137c9ab884833571e3d4d6
GET /asset/assets/styles/css-fonts.css?v=1672913287 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 08 Sep 2022 06:50:17 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 85
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/mk/vt/MkVTQ0R4UWt5b0k3SXlDQkJhOUlkQVNHR3ZuMVVSZEpMZmJJNnRSMEJUMkduNERpRmUxUmVGU0pYQk4zc09XT01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 218 B URL HTTP/2 www.cewe.no/cdn/mk/vt/MkVTQ0R4UWt5b0k3SXlDQkJhOUlkQVNHR3ZuMVVSZEpMZmJJNnRSMEJUMkduNERpRmUxUmVGU0pYQk4zc09XT01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1098c656c6f8802e84df872abe09d39b
9127b95db45f1a9a6ecb6c4667130266a4518c25
925e09e9ae33c23285c73d051191eb3bd00e1c260273556be955068a94ed0539
GET /cdn/mk/vt/MkVTQ0R4UWt5b0k3SXlDQkJhOUlkQVNHR3ZuMVVSZEpMZmJJNnRSMEJUMkduNERpRmUxUmVGU0pYQk4zc09XT01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:11 GMT
accept-ranges: bytes
content-length: 218
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/eu/4w/eU4wdHJ5VWFKa0NlY1ZBd0xWU0lhRU82MlRCa0ZwSHdBRXluNXVVMkI2eEcrSU1UUTJqajN4UzhEcWNwYVpPbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 172 B URL HTTP/2 www.cewe.no/cdn/eu/4w/eU4wdHJ5VWFKa0NlY1ZBd0xWU0lhRU82MlRCa0ZwSHdBRXluNXVVMkI2eEcrSU1UUTJqajN4UzhEcWNwYVpPbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 347a00542fb7841006f08f0bb27f93df
5aaa65ca743c255246c39a958a0625fe6ef07f5d
50d1d6a245a4cb8c08fb22376914452fbbe51c812c7a43a8e2e67c08b67dd85a
GET /cdn/eu/4w/eU4wdHJ5VWFKa0NlY1ZBd0xWU0lhRU82MlRCa0ZwSHdBRXluNXVVMkI2eEcrSU1UUTJqajN4UzhEcWNwYVpPbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:11 GMT
accept-ranges: bytes
content-length: 172
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/su/02/SU02VUJDOFZRZ1J0aXprUERHNEFJa3pGcHY1SnJ5NnM5VTZaZ1VqbVhwMm9aRms2WVo4blUyZGlBL29wYnE0eE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 312 B URL HTTP/2 www.cewe.no/cdn/su/02/SU02VUJDOFZRZ1J0aXprUERHNEFJa3pGcHY1SnJ5NnM5VTZaZ1VqbVhwMm9aRms2WVo4blUyZGlBL29wYnE0eE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image\012- data
Hash bf9fdc10efd46bea59365a050e07c473
745fd44f67c89fb37d4d634cafc99f95f6f2d043
00b4d730560a9852ffd72b28de6036e9b0862d5b6480fc21b5dc2edf44fa78f5
GET /cdn/su/02/SU02VUJDOFZRZ1J0aXprUERHNEFJa3pGcHY1SnJ5NnM5VTZaZ1VqbVhwMm9aRms2WVo4blUyZGlBL29wYnE0eE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 24 Nov 2022 14:31:03 GMT
accept-ranges: bytes
content-length: 312
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/mx/rg/MXRGYndDVGZWZjd2Wms1eWF1ZVZnWDFFY0hMVTFqWUlMcFg4djRtZHhNMFFwRU1POTFqYjRJa1JDOGVqUzVja01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 306 B URL HTTP/2 www.cewe.no/cdn/mx/rg/MXRGYndDVGZWZjd2Wms1eWF1ZVZnWDFFY0hMVTFqWUlMcFg4djRtZHhNMFFwRU1POTFqYjRJa1JDOGVqUzVja01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0859f66b0ff56c5c3a2b924471a7b9bf
0b96d4c6da7797b31be082f715b03d659422c3c8
a2c84966f8301c4bbd880bebcada2bba299152bb764c80a0fe5df1330d61a5c5
GET /cdn/mx/rg/MXRGYndDVGZWZjd2Wms1eWF1ZVZnWDFFY0hMVTFqWUlMcFg4djRtZHhNMFFwRU1POTFqYjRJa1JDOGVqUzVja01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 24 Nov 2022 14:31:03 GMT
accept-ranges: bytes
content-length: 306
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/sl/vw/SlVwN1FmZGZzRzlROW1WRWpybG9tY2ZjZXZIcnJ0cFljSjhPSlRtUjMzaERHa1RjUnBQK2V1enBrRnladFVLZk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 196 B URL HTTP/2 www.cewe.no/cdn/sl/vw/SlVwN1FmZGZzRzlROW1WRWpybG9tY2ZjZXZIcnJ0cFljSjhPSlRtUjMzaERHa1RjUnBQK2V1enBrRnladFVLZk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 28a14bbc50c2765999ba9d458b93c213
f8934ca40bf3a0461c6cb272cb55231670c235f7
6f07af49b2481bf5a09953d07c3038ee14e5297808ed164771f56bb9e8ca9015
GET /cdn/sl/vw/SlVwN1FmZGZzRzlROW1WRWpybG9tY2ZjZXZIcnJ0cFljSjhPSlRtUjMzaERHa1RjUnBQK2V1enBrRnladFVLZk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 196
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/q1/lt/Q1ltYy9BRjd1dFNIMVgybUZmeXZmejdJK2pqUmlwN2lwbUJWS1QzNWEwSHYxSkRnek85ZlpFVm5sbG5TdHFCWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 242 B URL HTTP/2 www.cewe.no/cdn/q1/lt/Q1ltYy9BRjd1dFNIMVgybUZmeXZmejdJK2pqUmlwN2lwbUJWS1QzNWEwSHYxSkRnek85ZlpFVm5sbG5TdHFCWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d563750ddedc0e6cddc9bf4cd7a19648
d096fef19cd06603be98eb761e4f43c69b58478d
e2a39161ad0d6f424834b37943a41eb8aeaa847edf7b705375c5328b8500efc8
GET /cdn/q1/lt/Q1ltYy9BRjd1dFNIMVgybUZmeXZmejdJK2pqUmlwN2lwbUJWS1QzNWEwSHYxSkRnek85ZlpFVm5sbG5TdHFCWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 242
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.ticketmaster.no/?clickId=RQDU-kR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
200 OK 8.6 kB URL HTTP/2 www.ticketmaster.no/?clickId=RQDU-kR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
IP
Hash 8ab8e01bcc329152356726ec4204f444
f292da450ee56faa77377a1d846d6308fb6e119a
1361c7c8e2ff691360d060a8a749a93d5302654bc55f636a892fc3437bc3413b
GET /?clickId=RQDU-kR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215 HTTP/1.1
Host: www.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-tmsite: TM_NO
x-build-version: production-9-394-0-4743903
cache-control: max-age=15
x-powered-by: Next.js
content-type: text/html; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
age: 0
tmps-correlation-id: aecb8fda-3058-489e-b4e9-8e9106970685
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1
x-frame-options: Deny
content-security-policy: frame-ancestors 'none'; default-src https://*.safeframe.googlesyndication.com https://tpc.googlesyndication.com https://uk.tmconst.com; font-src 'self' https://uk.tmconst.com https://fonts.gstatic.com https://marketer.monetate.net/ https://cdn.smooch.io; connect-src 'self' wss://api.smooch.io wss://marketplace.prod.pub-tmaws.io https://*.ticketmaster.co.uk https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.permutive.com https://*.prmutv.co https://*.config.smooch.io https://epsf.ticketmaster.net https://uk.tmconst.com https://checkout.ticketmaster.com https://venueview.io-virtualvenue.com https://pubads.g.doubleclick.net https://securepubads.g.doubleclick.net https://siteintercept.qualtrics.com https://stats.g.doubleclick.net https://pagead2.googlesyndication.com https://d2v54wjmlooyi.cloudfront.net https://csi.gstatic.com https://venue.tmol.co https://adservice.google.com https://www.google.com https://analytics.tiktok.com https://ib.adnxs.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://api.smooch.io https://app.ticketmaster.com https://mapsapi.tmol.co https://availability.ticketmaster.eu https://www.ticketmaster.no https://analytics.ticketmaster.no https://identity.ticketmaster.no https://app.ticketmaster.eu https://pubapi.ticketmaster.com; prefetch-src https://uk.tmconst.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.collect.igodigital.com https://epsf.ticketmaster.net https://uk.tmconst.com https://venueview.io-virtualvenue.com https://polyfill.io https://af.monetate.net https://f.monetate.net https://se.monetate.net https://sb.monetate.net https://marketer.monetate.net/ https://www.googletagservices.com https://www.google-analytics.com https://pagead2.googlesyndication.com https://siteintercept.qualtrics.com https://d2v54wjmlooyi.cloudfront.net/ssp/libs/prod/fanbuilder/v2/fanbuilder.js https://cdn.smooch.io https://api.smooch.io https://cdn.distiltag.com https://widget.ticketmaster.eu https://securepubads.g.doubleclick.net https://adservice.google.ae https://adservice.google.at https://adservice.google.be https://adservice.google.ca https://adservice.google.ch https://adservice.google.co.il https://adservice.google.co.jp https://adservice.google.co.uk https://adservice.google.co.nz https://adservice.google.com https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.mx https://adservice.google.com.ph https://adservice.google.com.sa https://adservice.google.com.ua https://adservice.google.cz https://adservice.google.de https://adservice.google.dk https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ie https://adservice.google.it https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.se https://analytics.twitter.com https://analytics.tiktok.com https://connect.facebook.net https://googleads.g.doubleclick.net https://media.ticketmaster.co.uk https://static.ads-twitter.com https://www.googleadservices.com https://cdn.ampproject.org https://tpc.googlesyndication.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com/pagead/conversion_async.js https://api.permutive.com https://cdn.permutive.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://s1.ticketm.net/tm/en-us/img/static/tmcore/web-vitals.umd.js https://s.adroll.com/ https://d.adroll.com/ https://s.pinimg.com/ https://swrap.tradedoubler.com https://www.sc.pages06.net https://identity.ticketmaster.no https://my.ticketmaster.com https://secure-entry.ticketmaster.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; style-src 'unsafe-inline' https://marketer.monetate.net/ https://fonts.googleapis.com/ https://cdn.smooch.io/; frame-src https://*.safeframe.googlesyndication.com https://*.siteintercept.qualtrics.com https://*.fls.doubleclick.net https://player.vimeo.com https://tpc.googlesyndication.com https://sb.monetate.net https://www.google.com/recaptcha/ https://www.youtube.com https://media.ticketmaster.co.uk https://cookies.onetrust.mgr.consensu.org/ https://bid.g.doubleclick.net https://securepubads.g.doubleclick.net https://identity.ticketmaster.no https://www.ticketmaster.no https://my.ticketmaster.com; img-src data: 'self' http://track.adform.net/ http://s0.2mdn.net/ https://*.googletagmanager.com https://*.google-analytics.com https://*.fls.doubleclick.net https://*.googleusercontent.com https://uk.tmconst.com https://cbt-assets.tmconst.com https://media.ticketmaster.eu https://media-staging.mfol.eu-west-1.pci.public.tmaws.eu https://s1.ticketm.net https://www.facebook.com https://nova.collect.igodigital.com https://eu.qualtrics.com https://af.monetate.net https://f.monetate.net https://marketer.monetate.net/ https://tpc.googlesyndication.com https://www.google.ae https://www.google.at https://www.google.be https://www.google.ca https://www.google.ch https://www.google.cl https://www.google.co.in https://www.google.co.jp https://www.google.co.uk https://www.google.co.nz https://www.google.co.za https://www.google.com https://www.google.com.au https://www.google.com.br https://www.google.com.co https://www.google.com.ec https://www.google.com.eg https://www.google.com.gt https://www.google.com.mx https://www.google.com.ph https://www.google.com.sa https://www.google.com.ua https://www.google.cz https://www.google.de https://www.google.dk https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ie https://www.google.it https://www.google.nl https://www.google.no https://www.google.pl https://www.google.rs https://www.google.ru https://www.google.se https://ad.doubleclick.net https://cm.g.doubleclick.net https://securepubads.g.doubleclick.net https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://prismic-images.tmol.io https://i.ytimg.com/ https://i.vimeocdn.com/ https://media.ticketmaster.co.uk https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Generic.jpg https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Music.jpg https://s3.eu-west-1.amazonaws.com/ https://cx.atdmt.com https://venueview.io-virtualvenue.com https://secure.adnxs.com https://t.co https://analytics.twitter.com https://ads.avocet.io https://ads.avct.cloud https://googlesync.permutive.com/ https://cdn.cookielaw.org/ https://pixel.quantserve.com https://www.gstatic.com/ https://image.mailing.ticketmaster.com/ https://cdn.smooch.io https://media.smooch.io https://ct.pinterest.com/ https://sp.analytics.yahoo.com/ https://www.pages06.net/ https://identity.ticketmaster.no https://mapsapi.tmol.co; media-src https://uk.tmconst.com/; object-src 'none'; base-uri 'self'; worker-src 'self' blob: https://www.google.com/recaptcha/; child-src blob: https://*.siteintercept.qualtrics.com; report-uri https://analytics.ticketmaster.no/api/reports
x-fastly: ICCP-GLOBAL-PROD
fastly-restarts: 1
x-origin-name: 1GUugFzYescHPg4UVycAKL--F_iccp
date: Wed, 11 Jan 2023 08:18:49 GMT
x-served-by: cache-bma1645-BMA, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
content-length: 71311
X-Firefox-Spdy: h2
www.cewe.no/cdn/l1/ox/L1oxL0h6OGorRGFyOEJrV0dSL1RjZ0ZmbFdQS2VweFA1Vk12OHV5VXRDSGc4Q0xzUFRWdlJCZ2V1NTgzRkRJQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 200 B URL HTTP/2 www.cewe.no/cdn/l1/ox/L1oxL0h6OGorRGFyOEJrV0dSL1RjZ0ZmbFdQS2VweFA1Vk12OHV5VXRDSGc4Q0xzUFRWdlJCZ2V1NTgzRkRJQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cad9910b9c8ad4ea5b07ed4960d3f2d8
e2f25d678b2a596b202956c2290b4e3a3e63d0f3
de28d3c6f013f3406e0ae1c131fd7c401d5a1a75176ab7c22773fbae124da029
GET /cdn/l1/ox/L1oxL0h6OGorRGFyOEJrV0dSL1RjZ0ZmbFdQS2VweFA1Vk12OHV5VXRDSGc4Q0xzUFRWdlJCZ2V1NTgzRkRJQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 200
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
srw.bannerwidget.tech/
200 OK 866 B IP
Hash 9d870be9f5c6210f1794a26487c4cfc5
8315baf690f85e6c0f3224edbad8c08f9b28434b
c11ba12c795de01298e357069b49dcd45fe2479255f97389dbdeb32fa4b7e5ed
POST / HTTP/1.1
Host: srw.bannerwidget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 202
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
www.cewe.no/cdn/yn/hv/YnhVbitCWXJVSVdhV21KTDBiVXo2RGdMTUtGVGMwWFNaRHMwVDQydHhXQ1g1Vm5CdzNVWEdIS25ycC9YQXB4K01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 230 B URL HTTP/2 www.cewe.no/cdn/yn/hv/YnhVbitCWXJVSVdhV21KTDBiVXo2RGdMTUtGVGMwWFNaRHMwVDQydHhXQ1g1Vm5CdzNVWEdIS25ycC9YQXB4K01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 33566cfb0ee9de98eba3c8c44bc64d0e
ccf0b0f74c0ef85103b07d5dd88abb3f42a4f01c
09d9ccf53a90f669d1879cf4f378840d5ae0e99100c271212dbd753ac485d625
GET /cdn/yn/hv/YnhVbitCWXJVSVdhV21KTDBiVXo2RGdMTUtGVGMwWFNaRHMwVDQydHhXQ1g1Vm5CdzNVWEdIS25ycC9YQXB4K01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 230
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/ek/le/eklENmg3eUZmTmlxZlpzSnR3T2l6SDBjV3VmYmd5TklRVFMzMXVxYUZpdDNkNGJXa1FsWmpRNElWMGVuSjRXb01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 208 B URL HTTP/2 www.cewe.no/cdn/ek/le/eklENmg3eUZmTmlxZlpzSnR3T2l6SDBjV3VmYmd5TklRVFMzMXVxYUZpdDNkNGJXa1FsWmpRNElWMGVuSjRXb01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash de80d4d5ccbbe0739212961b6178261a
ed1eafed9b1727cf4e466fd8e9120d32336671e3
5dcbb07e0b00f0829a333aff235d61638c623f593b3444212c080ace52bade36
GET /cdn/ek/le/eklENmg3eUZmTmlxZlpzSnR3T2l6SDBjV3VmYmd5TklRVFMzMXVxYUZpdDNkNGJXa1FsWmpRNElWMGVuSjRXb01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 208
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/de/i2/dEI2M2o0R2hwU2pmalZSQW5DanZTWldjRGNrcjN0YUVnSjJkVmQrUFordUl4WTJWRTZnRjdOZ1RNcU16QjA3N01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 226 B URL HTTP/2 www.cewe.no/cdn/de/i2/dEI2M2o0R2hwU2pmalZSQW5DanZTWldjRGNrcjN0YUVnSjJkVmQrUFordUl4WTJWRTZnRjdOZ1RNcU16QjA3N01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0262849b562d679a4343264af8fdf83
1f1af0e7574e7241c10f66277e4fd14f10381640
8223fd0a85c067438fa00bbf22955571a468d03ca3dded9db20bc31e1efdb89a
GET /cdn/de/i2/dEI2M2o0R2hwU2pmalZSQW5DanZTWldjRGNrcjN0YUVnSjJkVmQrUFordUl4WTJWRTZnRjdOZ1RNcU16QjA3N01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 226
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/d3/ri/d3RISlk3bnFnS1N1L3B2Z0c2b2FvRWMwUzhQa2NkNmdxZEx0Y3RoSkdHdjBOQ0piUUVSM1d2cWU4TE5mb0gzbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 196 B URL HTTP/2 www.cewe.no/cdn/d3/ri/d3RISlk3bnFnS1N1L3B2Z0c2b2FvRWMwUzhQa2NkNmdxZEx0Y3RoSkdHdjBOQ0piUUVSM1d2cWU4TE5mb0gzbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a210d77dda1c39a02f3c1413dfa56bb
3596539ba231904628ae626a8b3b535c97ffabd3
c2b515923c01f51573a8ac87a181cf3c7b548aa3f887d4d07d59eeb4e38f8d0d
GET /cdn/d3/ri/d3RISlk3bnFnS1N1L3B2Z0c2b2FvRWMwUzhQa2NkNmdxZEx0Y3RoSkdHdjBOQ0piUUVSM1d2cWU4TE5mb0gzbk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 196
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/ox/jp/OXJPNEJBS2pZRS9JSS9VSXEzK1R2NDhIamVxTE9Ra3FCWDFoMHE5ODNmVmF0a3IyRm4zR3RmYWFFMk45YkVPeU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 232 B URL HTTP/2 www.cewe.no/cdn/ox/jp/OXJPNEJBS2pZRS9JSS9VSXEzK1R2NDhIamVxTE9Ra3FCWDFoMHE5ODNmVmF0a3IyRm4zR3RmYWFFMk45YkVPeU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14ba135cb910829e422e44b12287f10a
515d44df5127d4df4c93ab4d743adda8b76cd67d
748e55d0bd7b6ed2fdf600c0f165149446da821143cfad2d698b2103ac6b4d13
GET /cdn/ox/jp/OXJPNEJBS2pZRS9JSS9VSXEzK1R2NDhIamVxTE9Ra3FCWDFoMHE5ODNmVmF0a3IyRm4zR3RmYWFFMk45YkVPeU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 232
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/zn/jy/ZnJYOFByd1ZMSVcwWHBtVjd2b2ZTbUR1T2syLzYrc1M4R2F5b1dacFZZT21RN1F0QVFST0h0VmNWekszTGd5bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 192 B URL HTTP/2 www.cewe.no/cdn/zn/jy/ZnJYOFByd1ZMSVcwWHBtVjd2b2ZTbUR1T2syLzYrc1M4R2F5b1dacFZZT21RN1F0QVFST0h0VmNWekszTGd5bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef3fede6b5710bb84a08c673650693fa
686feac4fe0f125e81b1676d62950872314a293b
e69a02f3aed7d6c3ca6a962c67be6ee0bac7555ad5219230c639cfa5bffddb9a
GET /cdn/zn/jy/ZnJYOFByd1ZMSVcwWHBtVjd2b2ZTbUR1T2syLzYrc1M4R2F5b1dacFZZT21RN1F0QVFST0h0VmNWekszTGd5bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 192
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/vu/hc/VUhCU0NYSXhHUlMzNFZaWm45WUpLUDJvREVValQ2cUhoRkx5ekpya2R3Vi9PUGlxOSthNnRnYWorcDNiTVpIQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 222 B URL HTTP/2 www.cewe.no/cdn/vu/hc/VUhCU0NYSXhHUlMzNFZaWm45WUpLUDJvREVValQ2cUhoRkx5ekpya2R3Vi9PUGlxOSthNnRnYWorcDNiTVpIQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb789792a01d3d25e9c30fe63e1d0744
c3615f4a74677ad8045598685a85a13e49b11f40
c41ab2a0fd9d95a88855a04c708913bd92f307231778f482d32144a7daaca52e
GET /cdn/vu/hc/VUhCU0NYSXhHUlMzNFZaWm45WUpLUDJvREVValQ2cUhoRkx5ekpya2R3Vi9PUGlxOSthNnRnYWorcDNiTVpIQk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:06 GMT
accept-ranges: bytes
content-length: 222
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/y2/hk/Y2hKNU9jdXhsamRxekhnYUdEOVB6ZjB2SEhWYk0wR0MzVW9iV1RWempGb0FLU0llRTVhbnFhVzNTeGtBOEUrU01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 226 B URL HTTP/2 www.cewe.no/cdn/y2/hk/Y2hKNU9jdXhsamRxekhnYUdEOVB6ZjB2SEhWYk0wR0MzVW9iV1RWempGb0FLU0llRTVhbnFhVzNTeGtBOEUrU01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fde525b9168c049d5c20f322ea285a56
6b96996d443e6e332fbfe030f281e9c90f212d9a
d60d5ab593b01d89b20dbc92bfb878581dca9f47eda27113cffdab3b5f8afbe9
GET /cdn/y2/hk/Y2hKNU9jdXhsamRxekhnYUdEOVB6ZjB2SEhWYk0wR0MzVW9iV1RWempGb0FLU0llRTVhbnFhVzNTeGtBOEUrU01TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 226
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/wh/ux/WHUxaCs5KzBYbGwyZDd4dGphbE9vakZBQUdOSng3WEpINnp6SnVCclhTSFRISDhNVmdidTM3Q0NyWHFOWnplOE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 172 B URL HTTP/2 www.cewe.no/cdn/wh/ux/WHUxaCs5KzBYbGwyZDd4dGphbE9vakZBQUdOSng3WEpINnp6SnVCclhTSFRISDhNVmdidTM3Q0NyWHFOWnplOE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x7, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 12b201fe1f1c6fdfa2ad6829560ca6e5
1707581e14326215d826d94e83bdea9784e7ded4
1acf9e35b3bb20ad52d54f907b0b895b66c7828d8790bcc72bb8682a7268c54b
GET /cdn/wh/ux/WHUxaCs5KzBYbGwyZDd4dGphbE9vakZBQUdOSng3WEpINnp6SnVCclhTSFRISDhNVmdidTM3Q0NyWHFOWnplOE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 172
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/lz/d1/Lzd1NFVVNjVjKzRxRnhrRXM5ODJMOUsrM1d6Qmpqay9BRE1uRE9mdUxTODh1TUp3Rm9zNXR1VDgrbXQxVGJLdk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 236 B URL HTTP/2 www.cewe.no/cdn/lz/d1/Lzd1NFVVNjVjKzRxRnhrRXM5ODJMOUsrM1d6Qmpqay9BRE1uRE9mdUxTODh1TUp3Rm9zNXR1VDgrbXQxVGJLdk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 16dd4223be6902704db9240bda2c6040
6b11dff4dd27ee6480b51cb29df91e78c772e520
4a61289a58a1b335a7d5e350446e6ed8edf4819a9f44df292162c159d5855bff
GET /cdn/lz/d1/Lzd1NFVVNjVjKzRxRnhrRXM5ODJMOUsrM1d6Qmpqay9BRE1uRE9mdUxTODh1TUp3Rm9zNXR1VDgrbXQxVGJLdk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 236
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/ru/dz/RUdZeGczNm0yUEdTSUlBK0ZqOW1ZQUhxRWtUTWpMQ2xFaHRhMUEyazc5L0g2YXErdW1nM1N2WDdBQmZJNENFQU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 262 B URL HTTP/2 www.cewe.no/cdn/ru/dz/RUdZeGczNm0yUEdTSUlBK0ZqOW1ZQUhxRWtUTWpMQ2xFaHRhMUEyazc5L0g2YXErdW1nM1N2WDdBQmZJNENFQU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a692731607aa59e5e70bcd8f3427fdf
571eac79244c0df85b0e93eac2a9c39bab349702
4652a9b4ed0f91e84f069293895c827dce6fca00cd10f3db07787fa19ee9694f
GET /cdn/ru/dz/RUdZeGczNm0yUEdTSUlBK0ZqOW1ZQUhxRWtUTWpMQ2xFaHRhMUEyazc5L0g2YXErdW1nM1N2WDdBQmZJNENFQU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 262
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/qj/qw/QjQwN2xzczQyaUZtdHZTMnZNV1paVzdBM1ZoV2NYNnM3cWxVbFZSVzVScUQzMmlMVjBLZVovT1NFenhscWdZUk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 204 B URL HTTP/2 www.cewe.no/cdn/qj/qw/QjQwN2xzczQyaUZtdHZTMnZNV1paVzdBM1ZoV2NYNnM3cWxVbFZSVzVScUQzMmlMVjBLZVovT1NFenhscWdZUk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8f96e25b29fe7c937c65cd9294517d7
9b5bf2a57204f546e1f8bd7bd0e1b74d55116b4e
87fb18f04b6e8ce0c26e42cbf0cd9e4a15754414d884653874b154194c48d077
GET /cdn/qj/qw/QjQwN2xzczQyaUZtdHZTMnZNV1paVzdBM1ZoV2NYNnM3cWxVbFZSVzVScUQzMmlMVjBLZVovT1NFenhscWdZUk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 204
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/vf/lu/VFlUaEJnTllNcC9CcVk1cWpzeENCRzZuUEkzM0d0Q2ZQZ2xOMVZUMElnT295eXVTc0pUUE41ZDYwMU1YUkEzWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 248 B URL HTTP/2 www.cewe.no/cdn/vf/lu/VFlUaEJnTllNcC9CcVk1cWpzeENCRzZuUEkzM0d0Q2ZQZ2xOMVZUMElnT295eXVTc0pUUE41ZDYwMU1YUkEzWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8425d5aad24acee3d428fed5fdd05500
fe09f897b8ebf6d512292853a86a72d74341324d
be3357cd3b3746d84fec4ea833943ebe65ea935a20eb8c6769b23d4785c8d5d1
GET /cdn/vf/lu/VFlUaEJnTllNcC9CcVk1cWpzeENCRzZuUEkzM0d0Q2ZQZ2xOMVZUMElnT295eXVTc0pUUE41ZDYwMU1YUkEzWU1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 12:49:24 GMT
accept-ranges: bytes
content-length: 248
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/wf/hq/WFhqZVBqMkhPbm1KRWpNb1RxdWdaWVRib3VBNXoxeVIvdkEyMGtqeHpqSlpiMjN5M25ONDBjRjZrWTVBS0pJRk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 210 B URL HTTP/2 www.cewe.no/cdn/wf/hq/WFhqZVBqMkhPbm1KRWpNb1RxdWdaWVRib3VBNXoxeVIvdkEyMGtqeHpqSlpiMjN5M25ONDBjRjZrWTVBS0pJRk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8af0a46d13e589e74d75089800f73a18
61a1a15cbe97bca2a5850282ee134988446c817e
c703c5d354761abe7a3a5a62b83888ed3497bb2c807da05b61f4f0ae3a6c47e0
GET /cdn/wf/hq/WFhqZVBqMkhPbm1KRWpNb1RxdWdaWVRib3VBNXoxeVIvdkEyMGtqeHpqSlpiMjN5M25ONDBjRjZrWTVBS0pJRk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 20 Jun 2022 10:22:41 GMT
accept-ranges: bytes
content-length: 210
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/v2/dy/V2dyU3Rrc2NTY1VsV0pOdjR3cHBEK09JMCszMlFRK0haRWptd1Z6Qzg5a2dQVXlZWDZweFpUVjV4TDFMcVBLUE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 188 B URL HTTP/2 www.cewe.no/cdn/v2/dy/V2dyU3Rrc2NTY1VsV0pOdjR3cHBEK09JMCszMlFRK0haRWptd1Z6Qzg5a2dQVXlZWDZweFpUVjV4TDFMcVBLUE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70fd12cb6d1ccb37d8069e15c3c5ea4e
75f9c59c32c08bf72054637008648b39e4604bc8
fad8fe8a032f0c4b8f64ff351e50fbd0d2ef203cfb11b23d1a648b6a235dc169
GET /cdn/v2/dy/V2dyU3Rrc2NTY1VsV0pOdjR3cHBEK09JMCszMlFRK0haRWptd1Z6Qzg5a2dQVXlZWDZweFpUVjV4TDFMcVBLUE1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 20 Jun 2022 10:22:41 GMT
accept-ranges: bytes
content-length: 188
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/dt/vx/dTVxRVpINE1xMTFoekRZVEowZzRyaXVVSkJMT0NnTm15R0dpWkJqY2RZZU8zV3Vhc2hMeS9HZlJFWnduVy91bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
200 OK 198 B URL HTTP/2 www.cewe.no/cdn/dt/vx/dTVxRVpINE1xMTFoekRZVEowZzRyaXVVSkJMT0NnTm15R0dpWkJqY2RZZU8zV3Vhc2hMeS9HZlJFWnduVy91bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x13, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 944834239913d61f9ff0340b3ae86366
8a41a4b3af2bdbc10f69a7855b231eb0565fe791
a7a64fcff19b4be0c4f35b8e61b6744ca46746671e816710a211666ba4284011
GET /cdn/dt/vx/dTVxRVpINE1xMTFoekRZVEowZzRyaXVVSkJMT0NnTm15R0dpWkJqY2RZZU8zV3Vhc2hMeS9HZlJFWnduVy91bk1TY0FmUldlOGNFTVo2a2txR1NrZTFxSklmOHB1ZCt4L3B0bm5GZjlBREU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 20 Jun 2022 10:22:39 GMT
accept-ranges: bytes
content-length: 198
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
200 OK 3.3 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (7656)
Hash d2ce6e96ad7a7d2c2aaad21426c441e6
4aa273c28a94d8f7c101eb8ef50fd9f6d346b019
bcf20fb0a69f386f1101887f5d20a4c364eeeffce1e66d0af3d9dedb45a78503
GET /asset/assets/cds/cwc/cwc.esm.js?v=1670944928 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 14 Dec 2022 11:30:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3271
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/eh/pr/eHprazBwbzByVnB2MVhXMkRmOHcrTWRRbERWT3QyVWtsUFRDeWh3UFZXK0g0R2FMYXFaUWFUbHNiQnhrV0VhWkxlR1k3aWpJdEtiZWNhc1p0RTArQU85QjM5NXNFNjdxNDVhTHlOc1lUa0k9
200 OK 7.2 kB URL HTTP/2 www.cewe.no/cdn/eh/pr/eHprazBwbzByVnB2MVhXMkRmOHcrTWRRbERWT3QyVWtsUFRDeWh3UFZXK0g0R2FMYXFaUWFUbHNiQnhrV0VhWkxlR1k3aWpJdEtiZWNhc1p0RTArQU85QjM5NXNFNjdxNDVhTHlOc1lUa0k9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cb7acc8bcefdc5f11236e21710174132
4ea4f1d77b48f61575f5c78a3027210b29263d0f
1cd72690184e04f8290a7b92ff95ce34c3bbee41d9091093b6b459b47d407bf4
GET /cdn/eh/pr/eHprazBwbzByVnB2MVhXMkRmOHcrTWRRbERWT3QyVWtsUFRDeWh3UFZXK0g0R2FMYXFaUWFUbHNiQnhrV0VhWkxlR1k3aWpJdEtiZWNhc1p0RTArQU85QjM5NXNFNjdxNDVhTHlOc1lUa0k9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 24 Oct 2022 07:19:16 GMT
accept-ranges: bytes
content-length: 7200
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/vx/dk/VXdkcGVjWW9TS2tpNUMvQUN5ZkZXZGYzdWpVVS9lZ05Oa3MrbnVwTGtvMndPSjR4bmNKYStFWVo4YXIzNEVxcTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 100 B URL HTTP/2 www.cewe.no/cdn/vx/dk/VXdkcGVjWW9TS2tpNUMvQUN5ZkZXZGYzdWpVVS9lZ05Oa3MrbnVwTGtvMndPSjR4bmNKYStFWVo4YXIzNEVxcTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2159119ce4d755f47e822d4922c576b7
f252acf4a92f185a95322e0c18ae7bf62732c2c7
6b0fc1c0d8e218611764d6c994e3b4217be5b47dc97384471dfbfcdb37c8f8e3
GET /cdn/vx/dk/VXdkcGVjWW9TS2tpNUMvQUN5ZkZXZGYzdWpVVS9lZ05Oa3MrbnVwTGtvMndPSjR4bmNKYStFWVo4YXIzNEVxcTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 100
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/m0/t4/M0t4VmlXcVBkR1ZrdmtYbzJKbHVaVVBVTzU1YmJKNkttU21mWWVZZU5TVGo2c0ZnYit0aDNZbVNZMkRQbG9kSk1GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9
200 OK 11 kB URL HTTP/2 www.cewe.no/cdn/m0/t4/M0t4VmlXcVBkR1ZrdmtYbzJKbHVaVVBVTzU1YmJKNkttU21mWWVZZU5TVGo2c0ZnYit0aDNZbVNZMkRQbG9kSk1GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 1413ae8d5208c8273c5678d75384fd86
aa47a6714e3d54510e801b0d049874e529fb4546
7c4564743e41fe59ad573db5f13d554f7993cf42aa01fbbafe7771084213cdb0
GET /cdn/m0/t4/M0t4VmlXcVBkR1ZrdmtYbzJKbHVaVVBVTzU1YmJKNkttU21mWWVZZU5TVGo2c0ZnYit0aDNZbVNZMkRQbG9kSk1GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Tue, 01 Feb 2022 19:49:16 GMT
accept-ranges: bytes
content-length: 10710
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/ww/fy/WWFYemxGL0JNUGJWL3cvTDlmbzIxOWhFN2lJelM3blA1L0NwbGREOElFczY1SnZvd2x0RGhuejMxSThvQ2ZkR01GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9
200 OK 9.8 kB URL HTTP/2 www.cewe.no/cdn/ww/fy/WWFYemxGL0JNUGJWL3cvTDlmbzIxOWhFN2lJelM3blA1L0NwbGREOElFczY1SnZvd2x0RGhuejMxSThvQ2ZkR01GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 480079590bed93a4bd059afe043fa5da
38dafab3300cf1cd1b1fc1e22160445304f3e790
afcce8660cc2dae9491e9fbc9bf7988c70385376ebdc3acbc2d5dd36e80d589b
GET /cdn/ww/fy/WWFYemxGL0JNUGJWL3cvTDlmbzIxOWhFN2lJelM3blA1L0NwbGREOElFczY1SnZvd2x0RGhuejMxSThvQ2ZkR01GWWtRdlJmdmtRVFJKSUNLYzZQNmpmeXpNdWswOFNEeVU2djk1SFNHMzg9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Tue, 01 Feb 2022 19:49:26 GMT
accept-ranges: bytes
content-length: 9809
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/ak/rz/akRzL1pBOGgxaVJnUXJKdUdjMDlmTTlqWGd1bnl3MFJQV3djU01OWHI3YlJlZFFXN2QzbE12RzU1QWIxVElLbjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 126 B URL HTTP/2 www.cewe.no/cdn/ak/rz/akRzL1pBOGgxaVJnUXJKdUdjMDlmTTlqWGd1bnl3MFJQV3djU01OWHI3YlJlZFFXN2QzbE12RzU1QWIxVElLbjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c6a904899d2b285c4255cb75a29ff5f6
79cd4556fe8f003ef2f20da733ecb9e7ef5a5417
373995af669a5896969e092dc54475acfb8e1b5c183472d265a26655c19596cf
GET /cdn/ak/rz/akRzL1pBOGgxaVJnUXJKdUdjMDlmTTlqWGd1bnl3MFJQV3djU01OWHI3YlJlZFFXN2QzbE12RzU1QWIxVElLbjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 126
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/uf/zv/UFZVVkR5WW5DdTdlaE5vUmNkcGhKT1lubWdHeXpsdFhqVzRjNlBZVGQ5M1F1WDRCd1NVV2N3VkZyMjQzaFBPajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 132 B URL HTTP/2 www.cewe.no/cdn/uf/zv/UFZVVkR5WW5DdTdlaE5vUmNkcGhKT1lubWdHeXpsdFhqVzRjNlBZVGQ5M1F1WDRCd1NVV2N3VkZyMjQzaFBPajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44fc1a9b901448a69f4634a6c8c00791
53f8eaf7d8997d963d45cb0f4fd7cf6325707459
8271b3f2175feaad12eea6e9e1b877597f2ddd6ac79fb7b4d6f621279aeb900c
GET /cdn/uf/zv/UFZVVkR5WW5DdTdlaE5vUmNkcGhKT1lubWdHeXpsdFhqVzRjNlBZVGQ5M1F1WDRCd1NVV2N3VkZyMjQzaFBPajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 14:39:02 GMT
accept-ranges: bytes
content-length: 132
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/v1/jm/V1JmUGU2YTBpVlJlL21VaVhMTjlHZ2pFZGdZOW5YSHNoS2FrNkZEOXRKZ0ZXemx3Z0FtdCtsTmNQbURvSkxFYTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 84 B URL HTTP/2 www.cewe.no/cdn/v1/jm/V1JmUGU2YTBpVlJlL21VaVhMTjlHZ2pFZGdZOW5YSHNoS2FrNkZEOXRKZ0ZXemx3Z0FtdCtsTmNQbURvSkxFYTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 194c389a36929de1646242d2cf8c4795
db945b862f28b2d36b5db5ef8bb86a3b80efc796
9ce9c305c2e2dd44924c2c91acebfc0569895ba6203c6338f413d972bf6f3739
GET /cdn/v1/jm/V1JmUGU2YTBpVlJlL21VaVhMTjlHZ2pFZGdZOW5YSHNoS2FrNkZEOXRKZ0ZXemx3Z0FtdCtsTmNQbURvSkxFYTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 14:39:02 GMT
accept-ranges: bytes
content-length: 84
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/sf/zt/SFZTSWdCRHdBbFh2RDhCRnhCVG15SzhMVUovQ0VRSnlkQ1dnb24yeEdudzc1STRUWWR6YW9MSEgxM1NEdlRyQzc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 78 B URL HTTP/2 www.cewe.no/cdn/sf/zt/SFZTSWdCRHdBbFh2RDhCRnhCVG15SzhMVUovQ0VRSnlkQ1dnb24yeEdudzc1STRUWWR6YW9MSEgxM1NEdlRyQzc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdd385928d7b71157bf3c7a37a69d5d8
d485766e3a2b71b365fc15266827a5f8ef312fc9
a5cc37971606331e62373832e653df1dc03da8e25858cfbd6168c940bbf07389
GET /cdn/sf/zt/SFZTSWdCRHdBbFh2RDhCRnhCVG15SzhMVUovQ0VRSnlkQ1dnb24yeEdudzc1STRUWWR6YW9MSEgxM1NEdlRyQzc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 14:37:00 GMT
accept-ranges: bytes
content-length: 78
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/uk/zp/UkZPMzNseDdlOGg0VjE2RU9xM0VENzc0Q3Y1ZFJWbTdEN3FHbS9manNiWWgyTk94R1c2Y1lMQ0VQWjRBYTBkajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 82 B URL HTTP/2 www.cewe.no/cdn/uk/zp/UkZPMzNseDdlOGg0VjE2RU9xM0VENzc0Q3Y1ZFJWbTdEN3FHbS9manNiWWgyTk94R1c2Y1lMQ0VQWjRBYTBkajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd667b175a64fc18af931479d0cf2790
f46383af7b008d6c2cab091b49f4f7c25bfcf48e
e081c6f719b087882e2928121c5809e2acfb38aa73f6df02d69689e27faf27c1
GET /cdn/uk/zp/UkZPMzNseDdlOGg0VjE2RU9xM0VENzc0Q3Y1ZFJWbTdEN3FHbS9manNiWWgyTk94R1c2Y1lMQ0VQWjRBYTBkajc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 82
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/th/r2/THR2cmtoeXFhWlZWcFM1VmZtUjFyUmxNSFQzS2E2aDU0MWxGajd0ZytZK0VEZHA0WmRMUFd0YkNSV2R4VHhRcDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 96 B URL HTTP/2 www.cewe.no/cdn/th/r2/THR2cmtoeXFhWlZWcFM1VmZtUjFyUmxNSFQzS2E2aDU0MWxGajd0ZytZK0VEZHA0WmRMUFd0YkNSV2R4VHhRcDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9488948c13d87e211d03f6ca46a05c48
628eb6f23f528ccabb424878c146ee698c28da9c
cd0067f724d78137dff465d6269fe8a089572b8e67c548e83f56372278884ff4
GET /cdn/th/r2/THR2cmtoeXFhWlZWcFM1VmZtUjFyUmxNSFQzS2E2aDU0MWxGajd0ZytZK0VEZHA0WmRMUFd0YkNSV2R4VHhRcDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 14:27:39 GMT
accept-ranges: bytes
content-length: 96
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/un/hv/UnhVT3FtY2hFRkN0d3g3aVRRUHNqbzBuUWJBa0VIajRYQVQzanhmeEhScUtLMWtqSmZEUmtDYjhMVVp4c1lJSTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 106 B URL HTTP/2 www.cewe.no/cdn/un/hv/UnhVT3FtY2hFRkN0d3g3aVRRUHNqbzBuUWJBa0VIajRYQVQzanhmeEhScUtLMWtqSmZEUmtDYjhMVVp4c1lJSTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ca55792135f02394f31848c70703749
024eec2329b461b684964a8a71f1ab80361a34bf
8b7f9b147683f0940f3329d8fa2aea5705586079e47121a2208fca2f9a6d934f
GET /cdn/un/hv/UnhVT3FtY2hFRkN0d3g3aVRRUHNqbzBuUWJBa0VIajRYQVQzanhmeEhScUtLMWtqSmZEUmtDYjhMVVp4c1lJSTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 106
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/m2/l1/M2l1ZWd2cllxYis1UVRuTjZiZFNwM2Q3VFU0WXVodEJJcEdFdEVtVnl2RjkxdXZsVXJ0TmNyeUJab1BlUFluMjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 130 B URL HTTP/2 www.cewe.no/cdn/m2/l1/M2l1ZWd2cllxYis1UVRuTjZiZFNwM2Q3VFU0WXVodEJJcEdFdEVtVnl2RjkxdXZsVXJ0TmNyeUJab1BlUFluMjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 42b27a43a80b4c09f11620d321554715
870c387f894f9bb92569babc02099d21a5617b2b
d906ab72cf30d6c48a15dc877e51bf5b74b372cd359dcc0f9be00439741c590b
GET /cdn/m2/l1/M2l1ZWd2cllxYis1UVRuTjZiZFNwM2Q3VFU0WXVodEJJcEdFdEVtVnl2RjkxdXZsVXJ0TmNyeUJab1BlUFluMjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 130
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/uy/th/UytHdEdpY2F1ZXgwV3hDS3lnUDhEbU51WkVlUHUxRkxmRCtwMk45VjBvSGI4OUpXY1VKR0xCS3pPc1hZR0NldTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 136 B URL HTTP/2 www.cewe.no/cdn/uy/th/UytHdEdpY2F1ZXgwV3hDS3lnUDhEbU51WkVlUHUxRkxmRCtwMk45VjBvSGI4OUpXY1VKR0xCS3pPc1hZR0NldTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5790027e42dacf12e6e9317809b157e
7e2398608e6c582eb6f9063d63626b4c1687e5bc
96253b655a91c37933cb25fea372f99864b975a93d5de57a2700bec7311e2a30
GET /cdn/uy/th/UytHdEdpY2F1ZXgwV3hDS3lnUDhEbU51WkVlUHUxRkxmRCtwMk45VjBvSGI4OUpXY1VKR0xCS3pPc1hZR0NldTc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 136
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/mw/x3/MWx3bXdlRGpwR1AzcTVkTkJOdFpKTmFleHlRZFBNYTEyWjlSb1hYZjlmTVV0TmhGbW5UV2ltRmt2RUZ0SXlmVjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 88 B URL HTTP/2 www.cewe.no/cdn/mw/x3/MWx3bXdlRGpwR1AzcTVkTkJOdFpKTmFleHlRZFBNYTEyWjlSb1hYZjlmTVV0TmhGbW5UV2ltRmt2RUZ0SXlmVjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc60077283e1a3e3a8581c516b1d1d16
3ff2cdd09d44a523651a53cfa89185ad4f1d9405
49dc6f59bd162c6b4801c79287264a33b239acf3ef3ae92a7c351165bc4b11ea
GET /cdn/mw/x3/MWx3bXdlRGpwR1AzcTVkTkJOdFpKTmFleHlRZFBNYTEyWjlSb1hYZjlmTVV0TmhGbW5UV2ltRmt2RUZ0SXlmVjc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 88
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/a3/zu/a3ZUTjZhaUFKbkRUdDlDVjd4TzBtWXhNMXN2Q2dVUnNjQ20vNnBLVllxd1lRUXJCb0NiU0EyK1BjVWFhVkplVDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
200 OK 132 B URL HTTP/2 www.cewe.no/cdn/a3/zu/a3ZUTjZhaUFKbkRUdDlDVjd4TzBtWXhNMXN2Q2dVUnNjQ20vNnBLVllxd1lRUXJCb0NiU0EyK1BjVWFhVkplVDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x8, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 20c3aa5dd530e96702ae2ced16e72de6
6058f9ac6877f20d95884e1657b0fd899f258a6e
0bc367b1142a2173d5b2153279e5a659e644cb007f940299f63b9614754ec48b
GET /cdn/a3/zu/a3ZUTjZhaUFKbkRUdDlDVjd4TzBtWXhNMXN2Q2dVUnNjQ20vNnBLVllxd1lRUXJCb0NiU0EyK1BjVWFhVkplVDc1Y3c0cDV0eDd1QmxlbFBhRTBqMHVhbG14YmRUTXkrbUhsdEJCMkY3TkU9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 29 Sep 2022 10:23:13 GMT
accept-ranges: bytes
content-length: 132
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/CEWEText/CEWEText-Regular.woff2
200 OK 27 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/CEWEText/CEWEText-Regular.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 26716, version 1.0\012- data
Hash a98714a3b89f3b964089f753d477cf37
86a2b6909e818b213c284388f84b490fab20c8bd
056d0c671bf232157ccc83208f9fcbcc72b763a35d7ff0bf5c983740234720ae
GET /asset/assets/fonts/CEWEText/CEWEText-Regular.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 21 Oct 2021 07:35:15 GMT
accept-ranges: bytes
content-length: 26716
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/cdn/bu/fc/bUFCbTJ6V0ttTll5cUpYQitISE5FRTJvTzhzZWxaSC94MU1DdFczZGUwcXVydldlblFOUVZjOEpXK1RjLzUybm1wOFA5K1llRFYrYmxQa1BqcE5rdU1RRWlVZi9YdHVaeXJ2VFVyME1ETms9
200 OK 40 kB URL HTTP/2 www.cewe.no/cdn/bu/fc/bUFCbTJ6V0ttTll5cUpYQitISE5FRTJvTzhzZWxaSC94MU1DdFczZGUwcXVydldlblFOUVZjOEpXK1RjLzUybm1wOFA5K1llRFYrYmxQa1BqcE5rdU1RRWlVZi9YdHVaeXJ2VFVyME1ETms9
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x384, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04b4194711697f138d187c48835c8ce3
6281d00a716d9efd009a9203405e38e754ff5450
a4fbf99741188d0ff9701e895c945ead822a02ec4938ed8a645599d124c376e1
GET /cdn/bu/fc/bUFCbTJ6V0ttTll5cUpYQitISE5FRTJvTzhzZWxaSC94MU1DdFczZGUwcXVydldlblFOUVZjOEpXK1RjLzUybm1wOFA5K1llRFYrYmxQa1BqcE5rdU1RRWlVZi9YdHVaeXJ2VFVyME1ETms9 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Tue, 20 Dec 2022 09:43:40 GMT
accept-ranges: bytes
content-length: 40478
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/styles/early-styleeditor.css?v=1668016077
200 OK 41 kB URL HTTP/2 www.cewe.no/asset/assets/styles/early-styleeditor.css?v=1668016077
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Unicode text, UTF-8 text, with very long lines (65150), with no line terminators
Hash 3306c1763ddf0797e6ef66c18b21dea5
7f734ea2d83481c5cc31b3c7168c409bb76ea025
731f89c58c6f8a9bbd22a2d6ffcfe0e536738fe3335c48c0b26914b1186eae4e
GET /asset/assets/styles/early-styleeditor.css?v=1668016077 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 14 Nov 2022 13:57:16 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 41377
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/LatoLatin/LatoLatin-Regular.woff2
200 OK 44 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/LatoLatin/LatoLatin-Regular.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 43760, version 2.983\012- data
Hash 3cd36578026d6c12eddf9a5c671a251d
5702cb2005766b9cfc3b2affd73d1bfe3f4f6c1e
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
GET /asset/assets/fonts/LatoLatin/LatoLatin-Regular.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 21 Oct 2021 07:35:15 GMT
accept-ranges: bytes
content-length: 43760
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-7117b8fa.js
200 OK 6.1 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-7117b8fa.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (12846)
Hash 564947c5b4022fd85591dadcb4fe985e
681e41b1e4bda8174b33f119fd2a0d2ab2dcf687
59e7e7876140f16274a73121ca7b4e3d46cab697dc9b451f58f524cb7e2e6d2f
GET /asset/assets/cds/cwc/p-7117b8fa.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6127
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/jEa5WN7607o
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jEa5WN7607o
IP
Hash 7e787fcd5076550f91871918aa83071b
4e637f9bc2d8757a170a9d6f18cba4be6f9c2d77
e04d089f3844e31b586dbd99c7f995b8b6edae8083f626728e4ff770bf30b21f
POST /s/gts1d4/jEa5WN7607o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WTDHS4
200 OK 102 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WTDHS4
IP
File type Unicode text, UTF-8 text, with very long lines (56536)
Size 102 kB (102274 bytes)
Hash 8b7d9d12ef2efd9e50af1e419aa3f2bf
cfb77b027c5cba63599edc56b2289401c6fa910a
83e28971efb44fd89b745d79e085a90a160aafa97efc90ae27eeac3e4170572a
GET /gtm.js?id=GTM-WTDHS4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 08:18:50 GMT
expires: Wed, 11 Jan 2023 08:18:50 GMT
cache-control: private, max-age=900
last-modified: Wed, 11 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.usercentrics.eu/browser-ui/latest/loader.js
200 OK 21 kB URL HTTP/2 app.usercentrics.eu/browser-ui/latest/loader.js
IP
File type Unicode text, UTF-8 text, with very long lines (63068)
Hash c665b569bbe04be9338583c20d162234
9570872fe37d8a740152c2c76e3a6fdd5e449248
24b3e37410b6781d5b30aca7595e5dd2eb95d741330f30b6c8902e8166964ad0
GET /browser-ui/latest/loader.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtT5HVP9TYPeTGeq1NTTr5Q1eEmggiCoVjZWTLjbeZG4_l30jVbPI3zB_gHog15X6X7bttO-APnrEuQqpINZmpgFmFQNcf1
x-goog-generation: 1673270178845255
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21129
content-encoding: gzip
x-goog-hash: crc32c=hnNeow==, md5=xmW1abvgS+kzhYPCDRYiNA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21129
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
server: UploadServer
date: Wed, 11 Jan 2023 07:45:13 GMT
expires: Wed, 11 Jan 2023 08:45:13 GMT
cache-control: public, max-age=3600, no-transform
age: 2017
last-modified: Mon, 09 Jan 2023 13:16:18 GMT
etag: "c665b569bbe04be9338583c20d162234"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/CEWEText/CEWEText-Bold.woff2
200 OK 27 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/CEWEText/CEWEText-Bold.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 26644, version 1.0\012- data
Hash dab2c4678fe229d64f0fe644ef6b4a0d
dbaa2d262185c33519e687496d6a2a49dd08ad28
8e1ef883f341e3992b5533c85084ee4efd008e23001c3b75f9902134cf509be3
GET /asset/assets/fonts/CEWEText/CEWEText-Bold.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/styles/early-styleeditor.css?v=1668016077
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 21 Oct 2021 07:35:15 GMT
accept-ranges: bytes
content-length: 26644
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/fonts/CEWEHead/CEWEHead-Medium.woff2
200 OK 26 kB URL HTTP/2 www.cewe.no/asset/assets/fonts/CEWEHead/CEWEHead-Medium.woff2
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Web Open Font Format (Version 2), TrueType, length 26412, version 1.0\012- data
Hash d287fa803a8ac4ca18af441f82958627
73a8f9c7de5f976808923e1f738cdcf331c213ac
7f922d053b0d46310a8c14446b81fbdbd8916d94eb1c2988a99720936e52165c
GET /asset/assets/fonts/CEWEHead/CEWEHead-Medium.woff2 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/styles/main-styleeditor.css?v=1670944929
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 21 Oct 2021 07:35:15 GMT
accept-ranges: bytes
content-length: 26412
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
access-control-allow-origin: *
content-type: font/woff2
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-492608b1.entry.js
200 OK 873 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-492608b1.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (1854)
Hash b8efbd8790eb7543e6c86e4136e8dfc3
9f56fc695dc23ad04c33f6a1e0e576a38f4eeb17
8254f6b9bbae8db4dd5597731a43efe873711c3c599e40ea1e0311009f203dac
GET /asset/assets/cds/cwc/p-492608b1.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 873
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-aff25be0.entry.js
200 OK 517 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-aff25be0.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (897)
Hash f112f309b6efe8408d6ad779c869990e
7ba0bbc3f9f20b36160c89f64508abceed4ab0e6
1c40ae47c33f03ca1ccea696188ece879304c36db87fb9506a91493de35f097b
GET /asset/assets/cds/cwc/p-aff25be0.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 517
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-10a54edb.entry.js
200 OK 4.5 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-10a54edb.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (19361)
Hash 53c8fda4e3a2b3f12674992fc48e619c
c1fa6f2dd6aad796e8fa0690ded7234cfe001fef
1552c36247cdc96dadbdf22320d896ae40b5834e62aba8c6358bba2f011f769c
GET /asset/assets/cds/cwc/p-10a54edb.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4507
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-c0a62666.entry.js
200 OK 1.6 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-c0a62666.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (5894)
Hash 97e23329783a19e4530cd6a84dd15424
35179f39b3aca404f59b21815016e10db5efa42a
0d3f56fdedd1c147b241c60c3d67a0e29b6ce9df14745d24220993396ef16d38
GET /asset/assets/cds/cwc/p-c0a62666.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 14 Dec 2022 11:30:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1595
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-f87a5dca.entry.js
200 OK 4.1 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-f87a5dca.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Unicode text, UTF-8 text, with very long lines (17768)
Hash 470cbe94ba24a237ae3b706d46914f0c
6b7865bd867704c304f497205a61eef30875acae
0949a98ad067b5b23101adc37c351d65f463b216839ae15e3fed581e7a54f663
GET /asset/assets/cds/cwc/p-f87a5dca.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4118
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/npm.es5.097239.js
200 OK 5.8 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/npm.es5.097239.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (25914), with no line terminators
Hash 7034490235045242c2986e116f5d94da
b08459c4ae5c5696a087d88f6a9859f7f4971b1d
95b16f4d40a76c6386e0b321d0983627481bb8ba18f51e3956132af0ee45c42f
GET /asset/assets/mjs/npm.es5.097239.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Mon, 24 Oct 2022 07:19:23 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5771
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/module-tracking.982f35.js
200 OK 4.8 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/module-tracking.982f35.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (14197), with no line terminators
Hash 353d7985cdd9b0df941ea828834dd688
a5d3ade2814f97a135e8550678cfc525a02e5bed
935c83eb5c9a8dfa6fc9ec7b6480e9708cd79d8fdcc735b81e4fed8a7bb07d09
GET /asset/assets/mjs/module-tracking.982f35.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Tue, 15 Nov 2022 08:30:58 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4827
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/npm.mobile-detect.078b69.js
200 OK 16 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/npm.mobile-detect.078b69.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (39378)
Hash 579e1a3b14e70d04a171edf0df20dafd
58a0aaee701ac1b587f878c418b4857a0d439d14
6f656e7395b3e212b3e3e191c6b04c094e4e394fc2faebae7b5af91e166ed97d
GET /asset/assets/mjs/npm.mobile-detect.078b69.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Fri, 30 Jul 2021 06:58:18 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 16449
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb
200 OK 3.3 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12963)
Hash 2922a85ce6caf46f828c097bf7aa1036
afedbac8e6480a8c59cc6ca3359381731f75795b
12d369c3d585d564678ed15f99b53dad29faa1e05475825ccd0e8f4c50cfb779
GET /trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 3267
last-modified: Tue, 04 Oct 2022 10:24:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 20:43:20 GMT
cache-control: max-age=86400
etag: "2922a85ce6caf46f828c097bf7aa1036"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6ORkBcECz1Lo2_sNpdkYy-2Kdk3-uwqtCqgMbUxV4n9EpLaz_GYpbQ==
age: 41731
X-Firefox-Spdy: h2
lnk.clickadsolutions.com/?bt=jib.rtbtrack.site&ref=&friend=&u=r.brandreward.com%252F%253Fkey%253Dc5cd2aed04ceb28d7f5083426c8b658f%2526url%253Dhttp%25253A%25252F%25252Fcewe.no%2526id%253D63be70e793093b6e0c0fe2a1-RL-265458&log=false&type=ROTATOR_LINK&linkId=265458&clickId=63be70e793093b6e0c0fe2a1&br=false
200 OK 1.6 kB URL HTTP/2 lnk.clickadsolutions.com/?bt=jib.rtbtrack.site&ref=&friend=&u=r.brandreward.com%252F%253Fkey%253Dc5cd2aed04ceb28d7f5083426c8b658f%2526url%253Dhttp%25253A%25252F%25252Fcewe.no%2526id%253D63be70e793093b6e0c0fe2a1-RL-265458&log=false&type=ROTATOR_LINK&linkId=265458&clickId=63be70e793093b6e0c0fe2a1&br=false
IP
Hash 0361d4e75d8a2013422ab21aae4eaf71
6cac42b0734dd4389cdf06f7c036bb74ba1ca79f
cb1a98080fa1453832fcc06201fbc3a7c85bf74a886dcb0cde639af8beee27f4
GET /?bt=jib.rtbtrack.site&ref=&friend=&u=r.brandreward.com%252F%253Fkey%253Dc5cd2aed04ceb28d7f5083426c8b658f%2526url%253Dhttp%25253A%25252F%25252Fcewe.no%2526id%253D63be70e793093b6e0c0fe2a1-RL-265458&log=false&type=ROTATOR_LINK&linkId=265458&clickId=63be70e793093b6e0c0fe2a1&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3451:1836:1836:1; rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
Hash c4954ac2d979ac326518dd03fb0e9955
ad99963583e25ebac0bf1116e7e29a6583cf7321
46dd26b6223dc85d45847f8e4ea333a5fb87498e00ad49472f94aa4346cb4789
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cewe.no/asset/assets/cds/cwc/p-457a9ac7.js
200 OK 3.1 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-457a9ac7.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (15096)
Hash c46a683fac2c95185f8566a539f0aac8
75ddc8dbec0ca1279bddce4b690a067c676b4f28
5095032d7f8340164c8d23faa2664d9971b5328e94f35b10fdfef5b2a23dcf36
GET /asset/assets/cds/cwc/p-457a9ac7.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-492608b1.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3067
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/main.esm.js?v=1671561020
200 OK 80 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/main.esm.js?v=1671561020
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type Unicode text, UTF-8 text, with very long lines (36710), with LF, NEL line terminators
Hash df629dbd20caadaf8cb4fb236f4b25d6
798db60b5566e83b2cc2a11eb9fe9e604b2700d2
10070f2153a74b3aa29e60f17cf451117a1b11e6aefe7995bf86224da28d32df
GET /asset/assets/mjs/main.esm.js?v=1671561020 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 22 Dec 2022 10:37:23 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-9ac499b5.js
200 OK 9.5 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-9ac499b5.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (27554)
Hash e83aa7e6b587c5c840574cf025ff8702
384751be7fe142047c126bd17c64ba85e7df2cad
32f05d5fbb5ddde4a9baeb113dbc4fd6af137ae0a1c717d6d1195547d6ea8e3a
GET /asset/assets/cds/cwc/p-9ac499b5.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-492608b1.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 9455
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-8ccd3638.js
200 OK 696 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-8ccd3638.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (2058)
Hash 0a1330092a3c59d19e543e1b6a41593c
bbe104cd3b7cfebe5f12e0aed397460412f7b022
1850f78521a6082018db13deaadfbd9e44dc02c3f558ce2d2012cf1ad4432942
GET /asset/assets/cds/cwc/p-8ccd3638.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-aff25be0.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 696
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-151467ae.js
200 OK 431 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-151467ae.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (751)
Hash c2013b25e472e9f3353480b571e2857c
f68580a3144500ca4269f9c6fe5f6b8296cbefea
88ed1d7e1b9cea6714971c1b67e32b72e9293108e608057362e8502df8e82710
GET /asset/assets/cds/cwc/p-151467ae.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-aff25be0.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 431
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/08NTPuv5-/latest/languages.json
200 OK 0 B URL HTTP/2 api.usercentrics.eu/settings/08NTPuv5-/latest/languages.json
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/08NTPuv5-/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.cewe.no/
Origin: https://www.cewe.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtWJfsIJC5gr2uI0R73wFflf7IJ_2FV0QPatkOKR7QeZ9NtGdg7Ryd1LhPe2CR9bPXv9GXu5ec81wy1Hx_qE2lTDbbkvuio
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Wed, 11 Jan 2023 08:18:51 GMT
expires: Wed, 11 Jan 2023 08:18:51 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-b1c7cb43.js
200 OK 23 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-b1c7cb43.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (39610)
Hash acf993806cb8b964246604ce22ea6dc8
8ccefb68080f844bc10ecf271dc4d014c35b3817
f1f041db40d1d45fb054391df5d72a598b1f2ce61541033b6a9756586a7c0128
GET /asset/assets/cds/cwc/p-b1c7cb43.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-aff25be0.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 22662
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/08NTPuv5-/latest/languages.json
200 OK 66 B URL HTTP/2 api.usercentrics.eu/settings/08NTPuv5-/latest/languages.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 755fdcca345af33135369d6575d5da99
dfbf29679e17287af9e63113bb08cf5668e6b614
f65af9234d86099637960546af3363b56a582960ba4f5b8f9f58090d20fcd150
GET /settings/08NTPuv5-/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cewe.no/
content-type: application/json
Origin: https://www.cewe.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv1EVQn3RUS-78mLUYsqr7PMf84qhqSXG_K7VxCxpMVy-gipoXRJWOGs4vJxpG7hvMXclLQx8FOdbRgjLWQlokjqhDkRZ1S
x-goog-generation: 1669300340595662
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 66
content-encoding: gzip
x-goog-hash: crc32c=E78oew==, md5=dV/cyjRa8zE1Np1lddXamQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 66
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 11 Jan 2023 08:18:51 GMT
expires: Wed, 11 Jan 2023 08:19:01 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Mon, 02 Jan 2023 11:16:27 GMT
etag: "755fdcca345af33135369d6575d5da99"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-29084d96.js
200 OK 341 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-29084d96.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (475)
Hash f450265adcfb765a14bfa6935edf6e90
74dedb4479c8359a29066d0b143d8985fb59173a
faa4cc8d7ca389e681d7e346a3386637d0a7aca0c7bc1369dc882bee3544e165
GET /asset/assets/cds/cwc/p-29084d96.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-10a54edb.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 09 Dec 2021 11:35:32 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 341
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP
Hash c4954ac2d979ac326518dd03fb0e9955
ad99963583e25ebac0bf1116e7e29a6583cf7321
46dd26b6223dc85d45847f8e4ea333a5fb87498e00ad49472f94aa4346cb4789
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
200 OK 30 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Hash 5b76b943a9533254775b33e002b1c884
4c884b91ed0762c5380da136c5d09edb9b4fbd14
003b5a563be7a0444ca3be97ace94a5b4ec478009ffa159767c5873ee61e5bdb
GET /trustboxes/53aa8912dec7e10d38f59f36/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 29756
date: Wed, 11 Jan 2023 01:15:32 GMT
last-modified: Tue, 04 Oct 2022 10:24:58 GMT
etag: "5b76b943a9533254775b33e002b1c884"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Psni4CAfVwhdVmUHh7uaLkEqdWb91RtJDPlbK4MbxQJMAnK0eh7R-Q==
age: 25400
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-819d0776.js
200 OK 1.3 kB URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-819d0776.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (3081)
Hash 327976b4e33c7e33dadadd36d597f23d
82550cba54bfb3be1c2ab53c0cdcf74d833ff8fe
5fa2091a944e227ea0db1f22c0a2531a208933df1264aacf7b6132c0be464656
GET /asset/assets/cds/cwc/p-819d0776.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-10a54edb.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Mon, 31 Oct 2022 07:27:41 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1277
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/cds/cwc/p-9e101cec.js
200 OK 637 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-9e101cec.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (1738)
Hash 9c7b8fbc1aadc1a5a84edeccb1d1be25
5bb0d0e9d1b7be42a4cd4995ca47c4e0faed4094
13bc070d0440a5066c5b632894de57d844429f0824d174c70ea21f742283a6a2
GET /asset/assets/cds/cwc/p-9e101cec.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/p-c0a62666.entry.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 09 Dec 2021 11:35:32 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 637
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/08NTPuv5-/latest/no.json
200 OK 0 B URL HTTP/2 api.usercentrics.eu/settings/08NTPuv5-/latest/no.json
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/08NTPuv5-/latest/no.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.cewe.no/
Origin: https://www.cewe.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycds12PE2OaFUkJrfrpPUw-GKbijo2tt_V7hwe6uIfqgZVTWrI61PoewiTd3fyCO0kx-Zya9xMXoNFLgzHnl5J0R74Ng1mtTy
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Wed, 11 Jan 2023 08:18:51 GMT
expires: Wed, 11 Jan 2023 08:18:51 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=no-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&url=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&referrer=https%3A%2F%2Fr.brandreward.com%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5268f9da00006400057717eb&widgetId=53aa8912dec7e10d38f59f36
204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=no-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&url=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&referrer=https%3A%2F%2Fr.brandreward.com%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5268f9da00006400057717eb&widgetId=53aa8912dec7e10d38f59f36
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=no-NO&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&url=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&referrer=https%3A%2F%2Fr.brandreward.com%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5268f9da00006400057717eb&widgetId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 11 Jan 2023 08:18:51 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Mc1efrWnAk4bh4LitJG8IK_oSNmw6x5Fl48qGfibtsi_SZBYx1AZPg==
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/sg.bundle.c6a2ac.js
200 OK 22 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/sg.bundle.c6a2ac.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2bd1b66d2339b509b85fe95e2bae7db6
7991953ffd44ef9baf27236995f65f3e97248a2a
7e3489336c0f0a2f741692c4d5658203f2617a12af928491d79ccfe65c70d3bd
GET /asset/assets/mjs/sg.bundle.c6a2ac.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Mon, 24 Oct 2022 07:19:23 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 21705
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=17168906.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5268f9da00006400057717eb&locale=no-NO&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
200 OK 6.0 kB URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5268f9da00006400057717eb&locale=no-NO&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (19113), with no line terminators
Hash 3e967b58a25c0349356976bb11311c74
76f6123ab9e7b8383cf1a49e4e953de8b6087540
542ea98c2072c109b5e440d7c69854053ec4730ac29f33d9482da0a2b328ad1a
GET /trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5268f9da00006400057717eb&locale=no-NO&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5268f9da00006400057717eb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-encoding: gzip
date: Wed, 11 Jan 2023 08:09:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "aff51bd98263955f8c78001391de6b3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tbauIktzLcUtZXv76EdwwPCCG6gGJqdGOZeVRwq8CaoMrLHwgolo4g==
age: 582
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/mjs/sg.wizard.b0de17.js
200 OK 4.5 kB URL HTTP/2 www.cewe.no/asset/assets/mjs/sg.wizard.b0de17.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (15454), with no line terminators
Hash d1f0b829434e2ca41c0ea74a6b64a682
f1f957f6b7b5495fbe48de0d34572af067661976
92af5bba3f198eed4c6939cc3b414bff0815d20b0fb102e6326e033cf4cbbf8d
GET /asset/assets/mjs/sg.wizard.b0de17.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Wed, 14 Dec 2022 11:30:45 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4480
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash 4acd683b0a59450a65bff762e3dd53f0
8c39a2b44c13ee9a6d12d18499ad47f00ce292fe
0885fa93ede016a8e58a471acf819876c0a9234c4d0c64f3fdad26c571ace4da
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 08:18:51 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A2C75D1B218AECC0108954A8C113B2F421F26C50"
Expires: Wed, 11 Jan 2023 19:00:00 GMT
Last-Modified: Wed, 11 Jan 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2263
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787c395f4bf7b4f7-OSL
www.cewe.no/asset/assets/cds/cwc/p-a757944c.entry.js
200 OK 124 B URL HTTP/2 www.cewe.no/asset/assets/cds/cwc/p-a757944c.entry.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
Hash 636969b2d13038870a848c5647fea8ef
188aa40be2812c39075bd95f0fe0a4977dd1c7d2
c1e54e830e51dace86a9bb2516135b944cfa1f42d8207f1bdbaf0cb6fb800bb5
GET /asset/assets/cds/cwc/p-a757944c.entry.js HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/asset/assets/cds/cwc/cwc.esm.js?v=1670944928
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 01 Dec 2022 13:57:44 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 124
content-type: application/javascript
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
cdn.jsdelivr.net/instantsearch.js/1/instantsearch.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/instantsearch.js/1/instantsearch.min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /instantsearch.js/1/instantsearch.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.12.1
x-jsd-version-type: version
etag: W/"7581e-fbLOlWAiUWKyrDKqyDyvut/otGc"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 11 Jan 2023 08:18:51 GMT
age: 3654
x-served-by: cache-fra-eddf8230126-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 131651
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/data/external/tradingpartner-products/391.json
200 OK 322 B URL HTTP/2 www.cewe.no/asset/assets/data/external/tradingpartner-products/391.json
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type JSON data\012- , ASCII text
Hash ac914be918d067f69987fe2a22464b74
6341b40fc55e63b63d3ae25cf9b7a41d075738ca
bc22845c4f33c39361b1ca8a758069195d38faeba026924375f6bdb2d478f368
GET /asset/assets/data/external/tradingpartner-products/391.json HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Apache
last-modified: Thu, 05 Jan 2023 10:16:25 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:51 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 322
content-type: application/json
set-cookie: BIGipServercs-https-pool=33946122.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4f2a26c64c6cfc8dd754843d09f56ed4
bdf7d3700504495a1707e403f54566b89e8c6f23
e47e8bf37f3b6643682e1708f43f743ef9d716cead5adcfd9c479a2ae3a0cfd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E47E8BF37F3B6643682E1708F43F743EF9D716CEAD5ADCFD9C479A2AE3A0CFD1"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15285
Expires: Wed, 11 Jan 2023 12:33:36 GMT
Date: Wed, 11 Jan 2023 08:18:51 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
Hash dceddc785d7ef4ffa446e23ebe5868ab
c484a9cae1474f27892d08527e3bf36b24030df3
4f60198e0dccad5159754603cc4253aabdcf978410af2043eb708e553f661114
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
Hash 00dfd2fb2555d32afa25fdaa5701e238
de4b25652673668a4d2f0f47df5cdb8321d50356
a5987477c1c49fd57eff9506599cf2ac8a6695a553e838f6157e9ce395569710
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
Hash 00dfd2fb2555d32afa25fdaa5701e238
de4b25652673668a4d2f0f47df5cdb8321d50356
a5987477c1c49fd57eff9506599cf2ac8a6695a553e838f6157e9ce395569710
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
Hash dceddc785d7ef4ffa446e23ebe5868ab
c484a9cae1474f27892d08527e3bf36b24030df3
4f60198e0dccad5159754603cc4253aabdcf978410af2043eb708e553f661114
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dls.photoprintit.com/cops-dk/no/cewe-search-24.js
200 OK 2.8 kB URL HTTP/2 dls.photoprintit.com/cops-dk/no/cewe-search-24.js
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d1f590801dbf3190daf2a4b6d9f3b33a
d16b7ae2ee97b839808ef006d66d1b6f7648301e
404e39855e6f30ea392eea2dafe03c39675ae84afd4d167032e0c8e98cbf84ec
GET /cops-dk/no/cewe-search-24.js HTTP/1.1
Host: dls.photoprintit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 07:59:48 GMT
server: ATS/8.1.6
last-modified: Thu, 10 Nov 2022 10:32:26 GMT
accept-ranges: bytes
cache-control: max-age=3600
vary: Accept-Encoding
content-encoding: gzip
content-length: 2801
content-type: application/javascript
expires: Wed, 11 Jan 2023 08:59:48 GMT
age: 1143
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
204 No Content 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.cewe.no/
Origin: https://www.cewe.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 11 Jan 2023 08:18:51 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consent-api.service.consent.usercentrics.eu/consent/uw/1
204 No Content 0 B URL HTTP/2 consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.cewe.no/
Origin: https://www.cewe.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-max-age: 86400
x-cloud-trace-context: 84d9e33fd9078f8da11ec6d8c0ff901d
date: Wed, 11 Jan 2023 08:18:51 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cewe.no/asset/assets/styles/main-styleeditor.css?v=1670944929
200 OK 255 kB URL HTTP/2 www.cewe.no/asset/assets/styles/main-styleeditor.css?v=1670944929
IP
ASN #49494 CEWE Stiftung & Co. KGaA
File type ASCII text, with very long lines (65536), with no line terminators
Size 255 kB (255039 bytes)
Hash 942385e55a08508522c863dbf4b75d5a
c2002eea79a137a4a530bf796fa6d97fc3750102
63fb87cbe277ea547b7e0f9277da4b80538a2733a3db2796193e8a9c020e10e8
GET /asset/assets/styles/main-styleeditor.css?v=1670944929 HTTP/1.1
Host: www.cewe.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/?utm_source=tradetracker&utm_medium=cpa&utm_campaign=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:50 GMT
server: Apache
last-modified: Wed, 14 Dec 2022 11:30:47 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Wed, 18 Jan 2023 08:18:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
set-cookie: BIGipServercs-https-pool=50723338.17173.0000; path=/; Httponly; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/L5KIiOsmaP8
IP
Hash dceddc785d7ef4ffa446e23ebe5868ab
c484a9cae1474f27892d08527e3bf36b24030df3
4f60198e0dccad5159754603cc4253aabdcf978410af2043eb708e553f661114
POST /s/gts1d4/L5KIiOsmaP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/VJA41Da9_CE
IP
Hash 00dfd2fb2555d32afa25fdaa5701e238
de4b25652673668a4d2f0f47df5cdb8321d50356
a5987477c1c49fd57eff9506599cf2ac8a6695a553e838f6157e9ce395569710
POST /s/gts1d4/VJA41Da9_CE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent-api.service.consent.usercentrics.eu/consent/uw/1
201 Created 0 B URL HTTP/2 consent-api.service.consent.usercentrics.eu/consent/uw/1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/uw/1 HTTP/1.1
Host: consent-api.service.consent.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cewe.no/
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 33145eaa-131a-422e-9268-2217acba7b04
Origin: https://www.cewe.no
Content-Length: 1697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
vary: Origin
access-control-allow-origin: *
x-cloud-trace-context: f9ed511c38ebb010fca899c173e2b967
date: Wed, 11 Jan 2023 08:18:51 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
Hash 1991d18d066d70cad3cd7072118288ab
77dd4433e4a443b8c2b8e59a4aef926697a1f142
7fd69c4da8e9dc40a48aa951bff70fc5601ca43e0ceafcaa49b30119fa41a5c5
POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uct.service.usercentrics.eu/uct?v=1&sid=08NTPuv5-&t=1&abv=&r=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&cb=1673425117596
200 OK 35 B URL HTTP/2 uct.service.usercentrics.eu/uct?v=1&sid=08NTPuv5-&t=1&abv=&r=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&cb=1673425117596
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /uct?v=1&sid=08NTPuv5-&t=1&abv=&r=https%3A%2F%2Fwww.cewe.no%2F%3Futm_source%3Dtradetracker%26utm_medium%3Dcpa%26utm_campaign%3Dno&cb=1673425117596 HTTP/1.1
Host: uct.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cewe.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store
content-type: image/gif
function-execution-id: 7svtid8ih9q9
x-powered-by: Express
x-cloud-trace-context: 572d98757446c5d04dfaba04be5aab39
date: Wed, 11 Jan 2023 08:18:51 GMT
server: Google Frontend
content-length: 35
via: 1.1 google
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/yQ_v2YqKKtg
IP
Hash 1991d18d066d70cad3cd7072118288ab
77dd4433e4a443b8c2b8e59a4aef926697a1f142
7fd69c4da8e9dc40a48aa951bff70fc5601ca43e0ceafcaa49b30119fa41a5c5
POST /s/gts1d4/yQ_v2YqKKtg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 08:18:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D63be70e793093b6e0c0fe2a1-RL-290848&log=false&type=ROTATOR_LINK&linkId=290848&clickId=63be70e793093b6e0c0fe2a1&br=false
200 OK 0 B URL HTTP/2 lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D63be70e793093b6e0c0fe2a1-RL-290848&log=false&type=ROTATOR_LINK&linkId=290848&clickId=63be70e793093b6e0c0fe2a1&br=false
IP
GET /?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D63be70e793093b6e0c0fe2a1-RL-290848&log=false&type=ROTATOR_LINK&linkId=290848&clickId=63be70e793093b6e0c0fe2a1&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3451:1836:1836:1; rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
lnk.thebigadsstore.com/ref/www.altomfotball.no/
200 OK 0 B URL HTTP/2 lnk.thebigadsstore.com/ref/www.altomfotball.no/
IP
POST /ref/www.altomfotball.no/ HTTP/1.1
Host: lnk.thebigadsstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 240
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html;charset=UTF-8
referrer-policy: no-referrer-when-downgrade
content-language: en-US
X-Firefox-Spdy: h2
www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.cubus.com&r=https%3A%2F%2Fwww.advancedstore.com&s=oneiddMWTEfkfPqE2HxtYc7cqCDjZCeSRt9fjoneid_63be70e793093b6e0c0fe2a1-RL-290870
302 Found 0 B URL HTTP/2 www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.cubus.com&r=https%3A%2F%2Fwww.advancedstore.com&s=oneiddMWTEfkfPqE2HxtYc7cqCDjZCeSRt9fjoneid_63be70e793093b6e0c0fe2a1-RL-290870
IP
GET /redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.cubus.com&r=https%3A%2F%2Fwww.advancedstore.com&s=oneiddMWTEfkfPqE2HxtYc7cqCDjZCeSRt9fjoneid_63be70e793093b6e0c0fe2a1-RL-290870 HTTP/1.1
Host: www.smartredirect.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://srw.bannerwidget.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:48 GMT
content-type: text/html; charset=UTF-8
location: https://de.trck.one/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.cubus.com&r=https%3A%2F%2Fwww.advancedstore.com&s=oneiddMWTEfkfPqE2HxtYc7cqCDjZCeSRt9fjoneid_63be70e793093b6e0c0fe2a1-RL-290870
cache-control: no-cache, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 11 Jan 2023 08:18:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsZIcGfOdg51qhZ%2BjkOYRP6dIRqK11wlWda68iyFnZQHOXn21%2Fdqd6wmegr27NMO%2BmQs1F4DhVh3uwfcm0KUYeYoVFyfUeH%2FSqpsJkjCj5pyIPezUBPu21YrbebNaynL634Bum5FeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c394dffff1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fcubus.com&b=63be70e793093b6e0c0fe2a1-RL-290870
307 Temporary Redirect 0 B URL HTTP/2 as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fcubus.com&b=63be70e793093b6e0c0fe2a1-RL-290870
IP
GET /ad/tur?a=916&c=https%3A%2F%2Fcubus.com&b=63be70e793093b6e0c0fe2a1-RL-290870 HTTP/1.1
Host: as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://srw.bannerwidget.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 11 Jan 2023 08:18:48 GMT
location: https://www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.cubus.com&r=https%3A%2F%2Fwww.advancedstore.com&s=oneiddMWTEfkfPqE2HxtYc7cqCDjZCeSRt9fjoneid_63be70e793093b6e0c0fe2a1-RL-290870
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
x-download-options: noopen
surrogate-control: no-store
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
pragma: no-cache
strict-transport-security: max-age=86400; includeSubDomains; preload
cross-origin-opener-policy: unsafe-none
referrer-policy: no-referrer-when-downgrade
expires: 0
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cross-origin-resource-policy: cross-origin
vary: accept-encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 787c394d38aab503-OSL
X-Firefox-Spdy: h2
kixa.jukminung.com/rc/19aff8b744?affclick=63be70e3620f10000164bdd8&pubid=1106_101.888.ys_22.22.930_c1a9c8a3_101.465513.us.
200 OK 0 B URL HTTP/2 kixa.jukminung.com/rc/19aff8b744?affclick=63be70e3620f10000164bdd8&pubid=1106_101.888.ys_22.22.930_c1a9c8a3_101.465513.us.
IP
GET /rc/19aff8b744?affclick=63be70e3620f10000164bdd8&pubid=1106_101.888.ys_22.22.930_c1a9c8a3_101.465513.us. HTTP/1.1
Host: kixa.jukminung.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:43 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=M6HasSw49rfkXSlAL/j+AlI6Fo6+44Wu9typtLcMXw2NbCgCkriBrksj3BTdurvCmxxVDxyR+9QuM+Z9Vq0YNHYt0pX4bhRiW1loIKKnT7oMAdR3dStiTUHXwdBD; Expires=Wed, 18 Jan 2023 08:18:43 GMT; Path=/
AWSALBCORS=M6HasSw49rfkXSlAL/j+AlI6Fo6+44Wu9typtLcMXw2NbCgCkriBrksj3BTdurvCmxxVDxyR+9QuM+Z9Vq0YNHYt0pX4bhRiW1loIKKnT7oMAdR3dStiTUHXwdBD; Expires=Wed, 18 Jan 2023 08:18:43 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCHoEbK8dbz7MW7Z85wdDnD2iVXdUEBSvLGeE%2F3GCvjBf9vvT9Td9UKOHjZgBt1yxEFd6St7HSMMrp68Esq50mZcvliFdHkf96z5Kz7SJ4HpblAmhSDzGz6zWe4qNSjmtCKSTlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787c392e7badb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.addlnk.com/redirect.css
200 OK 0 B URL HTTP/2 cdn.addlnk.com/redirect.css
IP
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kixa.jukminung.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:44 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: hoKGF2DENF0Fxpfk9aX2Txj0orTMbszygnDmGFSC4SoL/4C3WQsM9k4Y5ZmrshXNgXN64qzAUMY=
x-amz-request-id: 9NDC432NBG524RW1
cf-cache-status: HIT
age: 5181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0Is%2FvAKoBCUHzGmeTjTaWjlw5y26SLYnqpJF81BNUSEmEu6ZvJ4AZbR36q%2FWaLRw12yDY9SPgd7v%2FaA9LS5rhkSHBIndemNAEP3SFiH8s7O5FKab%2BgVYzCHHGg1TbKGjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787c393239e1fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cubus.com/no/
301 Moved Permanently 0 B IP
GET /no/ HTTP/1.1
Host: www.cubus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://srw.bannerwidget.tech/
Connection: keep-alive
Cookie: __cf_bm=15pc9dM7I_PekDdLkKZb94hlHCCXYVpGs6YtTCahahU-1673425129-0-AZ2SvLbQe+INd8zMAChhD/hTt3KPLh9Nckhc3Bu15InEGuu3x7DNKYw3kSLWU0kLvrumf1N92N6BOFbNPlEAOhjbamN5isJlVCoFg/+Y3l4h
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 11 Jan 2023 08:18:49 GMT
content-type: text/html; charset=UTF-8
location: https://cubus.com/no/
x-frame-options: SAMEORIGIN
servedby: var-p-web26
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 787c39511d6bb503-OSL
X-Firefox-Spdy: h2
de.trck.one/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_63be70e793093b6e0c0fe2a1-RL-290848
302 Found 0 B URL HTTP/2 de.trck.one/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_63be70e793093b6e0c0fe2a1-RL-290848
IP
GET /redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_63be70e793093b6e0c0fe2a1-RL-290848 HTTP/1.1
Host: de.trck.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://srw.bannerwidget.tech/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 11 Jan 2023 08:18:49 GMT
content-type: text/html; charset=UTF-8
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&custom2=3CehVcOdLl1QvVVsnfulbZ8Zh7lwoKVu63wdhCfQZTnRnp&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://www.bangerhead.no
server: nginx
cache-control: no-cache, private
X-Firefox-Spdy: h2
lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
200 OK 0 B URL HTTP/2 lnk.clickadsolutions.com/trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024
IP
GET /trk/Y2x1uwhzCQUWsRki19S5Fpdr?campaignId=1998166&campaignName=NEW+-+ZP5+-+NO&cost=0.000190&keyword=mainstream&longCampaignId=7d7c3280-6dab-11ed-9d23-12beee04f19b&match=&source=vitellary-lion&target=whiskey-ria-ss9gkru3z&trafficType=POPUP&visitorType=NON-ADULT&zid=zr915092f3918811eda3c60ad2af265803f43f77c6af9b4e348cc43a6daa3e2026070376e91af8f6f970&c2=true&vpw=1280&vph=1024 HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bnr.thedataclicks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:47 GMT
content-type: text/html;charset=UTF-8
set-cookie: v=t; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Thu, 11 Jan 2024 08:18:47 GMT; Secure; SameSite=None
cas=3451:1836:1836:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Thu, 11 Jan 2024 08:18:47 GMT; Secure; SameSite=None
rls=290870:1836:1836:1|290838:1836:1836:1|290848:1836:1836:1|265458:1836:1836:1|291100:1836:1836:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Thu, 11 Jan 2024 08:18:47 GMT; Secure; SameSite=None
com=162:92:NO:1836:1836:1|16571:166:NO:1836:1836:1|3833:142:NO:1836:1836:1|162:37:NO:1836:1836:1|9424:166:NO:1836:1836:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Thu, 11 Jan 2024 08:18:47 GMT; Secure; SameSite=None
content-language: en-US
X-Firefox-Spdy: h2
www.ticketmaster.no/?clickId=RQA2KhR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=Eficads%20Media%20Group%20S.L.&utm_medium=affiliate&utm_campaign=1995957&utm_content=1220128_8215
200 OK 0 B URL HTTP/2 www.ticketmaster.no/?clickId=RQA2KhR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=Eficads%20Media%20Group%20S.L.&utm_medium=affiliate&utm_campaign=1995957&utm_content=1220128_8215
IP
GET /?clickId=RQA2KhR3UxyNTSdx-YVKw2naUkAwh9XpD1MORM0&irgwc=1&utm_source=Eficads%20Media%20Group%20S.L.&utm_medium=affiliate&utm_campaign=1995957&utm_content=1220128_8215 HTTP/1.1
Host: www.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.performance-click.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-tmsite: TM_NO
x-build-version: production-9-394-0-4743903
cache-control: max-age=15
x-powered-by: Next.js
content-type: text/html; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
age: 0
tmps-correlation-id: e271af96-afbd-406f-84d7-89c7019adeea
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1
x-frame-options: Deny
content-security-policy: frame-ancestors 'none'; default-src https://*.safeframe.googlesyndication.com https://tpc.googlesyndication.com https://uk.tmconst.com; font-src 'self' https://uk.tmconst.com https://fonts.gstatic.com https://marketer.monetate.net/ https://cdn.smooch.io; connect-src 'self' wss://api.smooch.io wss://marketplace.prod.pub-tmaws.io https://*.ticketmaster.co.uk https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.permutive.com https://*.prmutv.co https://*.config.smooch.io https://epsf.ticketmaster.net https://uk.tmconst.com https://checkout.ticketmaster.com https://venueview.io-virtualvenue.com https://pubads.g.doubleclick.net https://securepubads.g.doubleclick.net https://siteintercept.qualtrics.com https://stats.g.doubleclick.net https://pagead2.googlesyndication.com https://d2v54wjmlooyi.cloudfront.net https://csi.gstatic.com https://venue.tmol.co https://adservice.google.com https://www.google.com https://analytics.tiktok.com https://ib.adnxs.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://api.smooch.io https://app.ticketmaster.com https://mapsapi.tmol.co https://availability.ticketmaster.eu https://www.ticketmaster.no https://analytics.ticketmaster.no https://identity.ticketmaster.no https://app.ticketmaster.eu https://pubapi.ticketmaster.com; prefetch-src https://uk.tmconst.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.collect.igodigital.com https://epsf.ticketmaster.net https://uk.tmconst.com https://venueview.io-virtualvenue.com https://polyfill.io https://af.monetate.net https://f.monetate.net https://se.monetate.net https://sb.monetate.net https://marketer.monetate.net/ https://www.googletagservices.com https://www.google-analytics.com https://pagead2.googlesyndication.com https://siteintercept.qualtrics.com https://d2v54wjmlooyi.cloudfront.net/ssp/libs/prod/fanbuilder/v2/fanbuilder.js https://cdn.smooch.io https://api.smooch.io https://cdn.distiltag.com https://widget.ticketmaster.eu https://securepubads.g.doubleclick.net https://adservice.google.ae https://adservice.google.at https://adservice.google.be https://adservice.google.ca https://adservice.google.ch https://adservice.google.co.il https://adservice.google.co.jp https://adservice.google.co.uk https://adservice.google.co.nz https://adservice.google.com https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.mx https://adservice.google.com.ph https://adservice.google.com.sa https://adservice.google.com.ua https://adservice.google.cz https://adservice.google.de https://adservice.google.dk https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ie https://adservice.google.it https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.se https://analytics.twitter.com https://analytics.tiktok.com https://connect.facebook.net https://googleads.g.doubleclick.net https://media.ticketmaster.co.uk https://static.ads-twitter.com https://www.googleadservices.com https://cdn.ampproject.org https://tpc.googlesyndication.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com/pagead/conversion_async.js https://api.permutive.com https://cdn.permutive.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://s1.ticketm.net/tm/en-us/img/static/tmcore/web-vitals.umd.js https://s.adroll.com/ https://d.adroll.com/ https://s.pinimg.com/ https://swrap.tradedoubler.com https://www.sc.pages06.net https://identity.ticketmaster.no https://my.ticketmaster.com https://secure-entry.ticketmaster.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; style-src 'unsafe-inline' https://marketer.monetate.net/ https://fonts.googleapis.com/ https://cdn.smooch.io/; frame-src https://*.safeframe.googlesyndication.com https://*.siteintercept.qualtrics.com https://*.fls.doubleclick.net https://player.vimeo.com https://tpc.googlesyndication.com https://sb.monetate.net https://www.google.com/recaptcha/ https://www.youtube.com https://media.ticketmaster.co.uk https://cookies.onetrust.mgr.consensu.org/ https://bid.g.doubleclick.net https://securepubads.g.doubleclick.net https://identity.ticketmaster.no https://www.ticketmaster.no https://my.ticketmaster.com; img-src data: 'self' http://track.adform.net/ http://s0.2mdn.net/ https://*.googletagmanager.com https://*.google-analytics.com https://*.fls.doubleclick.net https://*.googleusercontent.com https://uk.tmconst.com https://cbt-assets.tmconst.com https://media.ticketmaster.eu https://media-staging.mfol.eu-west-1.pci.public.tmaws.eu https://s1.ticketm.net https://www.facebook.com https://nova.collect.igodigital.com https://eu.qualtrics.com https://af.monetate.net https://f.monetate.net https://marketer.monetate.net/ https://tpc.googlesyndication.com https://www.google.ae https://www.google.at https://www.google.be https://www.google.ca https://www.google.ch https://www.google.cl https://www.google.co.in https://www.google.co.jp https://www.google.co.uk https://www.google.co.nz https://www.google.co.za https://www.google.com https://www.google.com.au https://www.google.com.br https://www.google.com.co https://www.google.com.ec https://www.google.com.eg https://www.google.com.gt https://www.google.com.mx https://www.google.com.ph https://www.google.com.sa https://www.google.com.ua https://www.google.cz https://www.google.de https://www.google.dk https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ie https://www.google.it https://www.google.nl https://www.google.no https://www.google.pl https://www.google.rs https://www.google.ru https://www.google.se https://ad.doubleclick.net https://cm.g.doubleclick.net https://securepubads.g.doubleclick.net https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://prismic-images.tmol.io https://i.ytimg.com/ https://i.vimeocdn.com/ https://media.ticketmaster.co.uk https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Generic.jpg https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Music.jpg https://s3.eu-west-1.amazonaws.com/ https://cx.atdmt.com https://venueview.io-virtualvenue.com https://secure.adnxs.com https://t.co https://analytics.twitter.com https://ads.avocet.io https://ads.avct.cloud https://googlesync.permutive.com/ https://cdn.cookielaw.org/ https://pixel.quantserve.com https://www.gstatic.com/ https://image.mailing.ticketmaster.com/ https://cdn.smooch.io https://media.smooch.io https://ct.pinterest.com/ https://sp.analytics.yahoo.com/ https://www.pages06.net/ https://identity.ticketmaster.no https://mapsapi.tmol.co; media-src https://uk.tmconst.com/; object-src 'none'; base-uri 'self'; worker-src 'self' blob: https://www.google.com/recaptcha/; child-src blob: https://*.siteintercept.qualtrics.com; report-uri https://analytics.ticketmaster.no/api/reports
x-fastly: ICCP-GLOBAL-PROD
fastly-restarts: 1
x-origin-name: 1GUugFzYescHPg4UVycAKL--F_iccp
date: Wed, 11 Jan 2023 08:18:49 GMT
x-served-by: cache-bma1645-BMA, cache-bma1645-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
content-length: 71311
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
200 OK 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cewe.no/
content-type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: cb626798-d97b-4786-b034-8916335f8330
Origin: https://www.cewe.no
Content-Length: 7090
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 08:18:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"535-pycuj9Y+K6uUA9ky2RKnjDa7bZU"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
34.91.234.242
169.48.74.205
95.101.11.115
193.169.77.7
104.18.28.45
51.83.143.92
35.187.21.229
93.184.220.29
52.16.102.249
51.161.115.163