Report - aferyprawa.com/

Report Overview

Submitted URL
aferyprawa.com/
IP
208.91.196.105
ASN
#40034 CONFLUENCE-NETWORK-INC
Submitted
2022-11-26 10:25:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.166.172.24
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.5 kB	142.250.74.164
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	54 kB	142.250.74.168
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	869 B	757 B	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
trnadszc.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	2.9 kB	208.91.196.46
no-go.kelkoogroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	33 kB	95.211.116.27
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.3
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	1.9 kB	142.250.74.162
aferyprawa.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	900 B	5.5 kB	208.91.196.105
r.redirekted.com	645251	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	12 kB	66.165.243.160
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
dd.kelkoogroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	613 B	44 kB	54.230.111.104
dyrenesverden.no	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	423 kB	178.79.147.49
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	42 kB	142.250.74.174
s.kk-resources.com	38577	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	3.3 kB	143.204.55.123
s.kelkoogroup.net	316265	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	912 B	1.1 kB	185.60.164.26
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	605 B	711 B	142.251.1.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	aferyprawa.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	aferyprawa.com/	18 B	2023-03-07	2023-04-05
Pretty URL aferyprawa.com/ IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:06 Last Seen2023-04-05 02:08:56 Times Seen93 Hash 2ced56afe3b74ea411a29222a1f4bb3c 9a11311fee301eb73df76aef430863311f06e5d5 d2e0d675c771cab20f63f13aa3e09d55fd24a3b7dbc81539fcd2b14d91f2eb81 Loading...

	trnadszc.com/trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1	2.0 kB	2023-03-11	2023-03-11
Pretty URL trnadszc.com/trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1 IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:48 Last Seen2023-03-11 20:37:48 Times Seen1 Hash a70521182fdddd79e34c6607a4d97ca0 74a730e02a40334d86679f3bf7a0fd91a6bc9631 041dfb517af394f30e05f84b48bf00862e3654e019a466414e5f588212ea2d26 Loading...

	dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick	2.7 kB	2023-03-11	2023-03-11
Pretty URL dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick IP 178.79.147.49 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:48 Last Seen2023-03-11 20:37:48 Times Seen1 Hash 0d149f0b56ea2427088c474e660d3d32 40c3abdfa7b7797542eb1610deabc3c8ce4a1812 df77ad9849f56e09d75a87cc019247fdd3618240022f4a9e8bee69c68b91c186 Loading...

	www.googletagmanager.com/gtag/js?id=AW-833441087	138 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-833441087 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:48 Last Seen2023-03-11 20:37:48 Times Seen1 Hash fd9bf951770ed9a639ba0099522303ad 3d9f7e494c71817460329c52292835161643cd6e 293f66ecde8fa737fe976d96d28c06b5d31a12568fe031d25bd59b519002072f Loading...

	aferyprawa.com/px.js?ch=1	346 B	2023-03-07	2024-04-26
Pretty URL aferyprawa.com/px.js?ch=1 IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 06:53:48 Times Seen43546 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	aferyprawa.com/	506 B	2023-03-11	2023-03-11
Pretty URL aferyprawa.com/ IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:48 Last Seen2023-03-11 20:37:48 Times Seen1 Hash bd5ad5fada0486525c8102e440fa1e5c ec764536a5e395579d581ef768190de612818696 fa1ca93584211cc8bbb977b62e45550e2fe9abf90518a5f5d2e79ce2823ad887 Loading...

	aferyprawa.com/	37 B	2023-03-07	2024-04-26
Pretty URL aferyprawa.com/ IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 06:53:48 Times Seen12201 Hash fcd7b94e73a1f9cc8807da94baec6354 088ae01bf28379b61fd5a322034c8c618d3f2b23 0361577e582e091d8656bc3ffeeafc27c0607530e2000d55772674122d703253 Loading...

	aferyprawa.com/	3.5 kB	2023-03-11	2023-03-11
Pretty URL aferyprawa.com/ IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash 845184953cb22edb17453d09e9f43cb5 f2a900ad1aa328a3112b98f30897fd9853b36563 a266ca6d23ad7139391536b0b86781cde1f1dca0a67e1d1f570b71dc5d7558ea Loading...

	r.redirekted.com/go?e=04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW	1.7 kB	2023-03-11	2023-03-11
Pretty URL r.redirekted.com/go?e=04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW IP 66.165.243.160 ASN #29802 HVC-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash ae94c427dd4d154842ed6f65d19fe5ae a49394a8a9fb5237245ab4d98d665d999a458af4 a644c557fbb83f681c42f9e8dd37bc5cb551c203f5acf7a43bbbf73718664971 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	r.redirekted.com/js/adren.min.js?n=2735213388	7.5 kB	2023-03-08	2023-03-14
Pretty URL r.redirekted.com/js/adren.min.js?n=2735213388 IP 66.165.243.160 ASN #29802 HVC-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:11:25 Last Seen2023-03-14 08:42:01 Times Seen1 Hash 9a9ec61d7e275f25fe83f0aa93bd2e41 8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac 55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE	17 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash 7a65b9d8a5516386459c12bed648fcc3 2b9a4f5a613b87decebf0794ff311f6defbe3c7c c400e7678ebf5b5408e5c88454bb51c6b526095c32497b7b41cecbb75187bee1 Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE	1.6 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash 3ebba429cbfe72b8a33e314d5d0c1bf6 4ded5519996f36dd7618709df352b353ea421e61 4413db7008ae525b2dad09f965dc32588a8c66a26150a6aab3f005f9d943abaf Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:57:50 Times Seen37086792 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s.kk-resources.com/leadtag.js	6.9 kB	2023-03-07	2023-03-17
Pretty URL s.kk-resources.com/leadtag.js IP 143.204.55.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2023-03-17 12:43:10 Times Seen1 Hash a061caddf9a72996f38089e304bcd23e 8ff3f9a24060381804f08f536577c042461e1ad3 c2fc5dec89e84862f73de94802749b7b94af9ee4af0b6c3d653b965318188e44 Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-24
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 19:10:50 Times Seen1644 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

	aferyprawa.com/	8 B	2023-03-07	2024-04-26
Pretty URL aferyprawa.com/ IP 208.91.196.105 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 06:53:48 Times Seen10798 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24	193 B	2023-03-11	2023-03-11
Pretty URL r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24 IP 66.165.243.160 ASN #29802 HVC-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash 186daac4a122ae3a6966dee5d81216ca 8170b5b99b1540bbdb80477388b57ead90724f2f 18c146452863b68aa65ae7b6f2c7ee086c94342aaad3996bcc0b20c17fff9937 Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE	9.4 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash eb653d60e1cc4937b39d806dd3f097f8 d74387093700c5e1207877b6254eb621350618b9 fe37eb54db1b103d1a9ce35a2f750f6d02d0efc2bfbace56c5e6747da4f09181 Loading...

	dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick	4.2 kB	2023-03-11	2023-03-11
Pretty URL dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick IP 178.79.147.49 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash ea68ad23a032a3c2c3f3a67b655e576c bdbf5996b4e9dfb8a0a353934a4e8491b5b86399 fb40caf7bb3c4386c50ee6f889eaadccabcf116ecf5b784d54c924d0f9b85bf2 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669458334636&cv=11&fst=1669458334636&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&auid=1478447067.1669458335&data=event%3Dgtag.config&rfmt=3&fmt=4	2.3 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669458334636&cv=11&fst=1669458334636&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&auid=1478447067.1669458335&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:37:49 Last Seen2023-03-11 20:37:49 Times Seen1 Hash 8858e82b4fc1a6b7de80f9422af0bedc 86994daf0d3c4d8efcbfbef577f0f234de138d37 984108da750dcfd0473f747529b795a40c82accdae5011db734129e5d0194aad Loading...

		Size	First Seen	Last Seen
	#1 Eval - db18126967cfe9a70d85e14f7a670c95	1.8 kB	2023-03-07	2024-04-06
Pretty Observations First Seen2023-03-07 12:08:47 Last Seen2024-04-06 10:35:14 Times Seen115 Hash db18126967cfe9a70d85e14f7a670c95 8241095d9a5b8dc980a83b8f6abf3c741e9d578f 07790e038b8517f03bc5090d9fcc772213de917aeedc3d349da4df4a5d31e360 Loading...

HTTP Transactions (87)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7533
Expires: Sat, 26 Nov 2022 12:31:04 GMT
Date: Sat, 26 Nov 2022 10:25:31 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:31 GMT
Last-Modified: Sat, 26 Nov 2022 09:11:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 10:17:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 479
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Sat, 26 Nov 2022 13:15:37 GMT
Date: Sat, 26 Nov 2022 10:25:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HDPHtAJlA4vdCNN8Ix9U1B+Sn4cPHr5cYyI6o7fLRCCEDQDiFwgaXY+PJW3T/c0qoBmBmIvERbc=
x-amz-request-id: B5AY2N48T9X0GKGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 09:41:09 GMT
age: 2662
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 10:25:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 859
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6492
Cache-Control: max-age=88172
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:31 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:55:03 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.166.172.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.166.172.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EHUe4GT3ARDvi93O/8qL4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WwrVu5zFV4tHLnYXo/xwdv3fQ80=

aferyprawa.com/

208.91.196.105

200 OK

2.3 kB

URL HTTP/1.1
aferyprawa.com/
IP
208.91.196.105:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1649)
Size
2.3 kB (2304 bytes)
Hash
f7f29d46c523c2cc9a796fd50e4e8a13
2d1d39c51a02139f3a8061b0b3f2c8b9664008dc
6e2d245e4f62aef4abc75c8be6b3daf4ca077eeb50cb5f74fa6dc4e42ab8ec91

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: aferyprawa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:31 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_IPgucGoQJv13zKKSkNoekEU4wVtimXvJlF3yZ3/2fPdcUuwunBWa7cxsypcWAyuzBWrQX5ZBhHDgLj18agoD/g==
Cteonnt-Length: 7575
Keep-Alive: timeout=5, max=125
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 2304

aferyprawa.com/px.js?ch=1

208.91.196.105

200 OK

346 B

URL HTTP/1.1
aferyprawa.com/px.js?ch=1
IP
208.91.196.105:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=1 HTTP/1.1
Host: aferyprawa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aferyprawa.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:32 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=107
Connection: Keep-Alive
Content-Type: application/javascript

aferyprawa.com/px.js?ch=2

208.91.196.105

200 OK

346 B

URL HTTP/1.1
aferyprawa.com/px.js?ch=2
IP
208.91.196.105:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with very long lines (346), with no line terminators
Size
346 B (346 bytes)
Hash
f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584

HTTP Headers

GET /px.js?ch=2 HTTP/1.1
Host: aferyprawa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aferyprawa.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:32 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=105
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 10:25:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 10:25:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 10:25:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Sat, 26 Nov 2022 12:00:33 GMT
Date: Sat, 26 Nov 2022 10:25:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 29150
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 23395
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 43611
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 45413
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9787 bytes)
Hash
95101ded0fe92a85649a086992948008
afed98649590f2524a9e530c53eebbc1ba36da6a
7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9787
x-amzn-requestid: 51d9848a-868c-4e51-b1a8-30596d0108b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfxHjToAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813464-749244df2aa06b23445d675c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkBPzz1thuM-Nm7rBY68psfSROU1fbCCO-TbpBBrYLQmH1ZxQEV1vg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:47:48 GMT
age: 45465
etag: "afed98649590f2524a9e530c53eebbc1ba36da6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9011 bytes)
Hash
d30923b7d20eeb37527255c3ee1da34f
bed54bd4f659fbf29834b262e9179df7e7bc56a6
3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfPHzAoAMF4ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N2zsqycYk04GXPSMhxJKCrX84Asqzq8UNIFTYg2hJllP4fTGXzwEuA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:16:10 GMT
age: 43763
etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

trnadszc.com/trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1

208.91.196.46

200 OK

1.3 kB

URL HTTP/1.1
trnadszc.com/trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (440)
Size
1.3 kB (1319 bytes)
Hash
2cb72f6a7eeaaa84ef1f85b4833fed30
35fb44d4a19e6a26fcc4a6c2504ddd95b06ab2e5
577a240ea76342648bcacebfeb01ff284ef6766667a92ddb45aacf3df845df3c

HTTP Headers

GET /trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1 HTTP/1.1
Host: trnadszc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aferyprawa.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:33 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
Cteonnt-Length: 3172
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Content-Length: 1319

trnadszc.com/favicon.ico

208.91.196.46

404 Not Found

30 B

URL HTTP/1.1
trnadszc.com/favicon.ico
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
c4609c83d6054d974c265b208bdc2a21
7e963e7185900347babd1f2797312c0ca21fa4ae
6cd85e3008758f2e06eeff9efdf9b4ad2981f6654f87918d155b0aced68d959a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trnadszc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://trnadszc.com/trf?&o=6vOt1D1HVEWEq2rh2exx43OhkQRpsWacrPlBaNsPVb67bX%2BQd45PJQmJVui22x24KHtmWi54jI%2BZwEi%2BPD64ivZFzJz8CGHeyAIxEKEIPAj77X6yMhwumUw3z9XiZqWcFpygXje%2FUBMNic4FP6aPDn7r3Ys%2FdpFoD4oOIfpgt%2FLxH8KyRJXIQFJuMEMEDLs%2F5sPNVpuf0ItOWD7norpa9royACPYB5BHqX5NYCCx2Tu9WFsl4TJfLvH1FcXKcdfbbGOhcs3unzF2sXVpoZktOSS%2Bwt9FTY5GXb5vDSIyY%2BJu9%2Fteor9mJEXmVGGKk4wHGCclrLyJOyqPFqZgBQJGSBXsRDnBJbCMu0zzXva4R37Q1ejzdd9N3bP7TioMhM8uXy2CpEc7TA8gvw%2FjZpyVvFwfeVtuDZx2dueR3NPgCCp3HaIvAMnYgGTaqSBAQn3x&c=21234170039322003834885&n=VVqTgx6Tocz9tdhQ4JoIi6TjR0Wvcw9QaX99JjQqGbSXW6Q2xT47pp9p5V0RiU%2FjiQOQZI53V2m2ntG9acnJBsnuVcDmxp511VD14fIYJc9q8iRmSoMVKP30IqvYqyHjX384CG7yJfqHt%2F4ibH5tyGEyW6D5Hud9SrHAqhYRfyUUY44%2BBprCx6ZpX%2B%2FkFQ4wC0NbDEks1uf6Vm9i7b8%2BE7BmEqkneXfo7fri4ZANxtp6RziAQEX5p%2BzrhI%2BU81ezRkKCcvqbeUcISpy1w%2F62HTt2oBxocxmefmXt56iOEAIyJb4tIeC5OGQXXzKjZODEwr2wVKuWsdDxyZZOXO9wuBhHChhrkgBqaUnbkICFKYemZSRQ5nJOyk8LyLLlklx0wGiS7KypJ%2FbjE%2FljU%2F1JK9pJLIj0ilaxFwddHDxt5WdaC%2Fd2eYxVM0okI83YMt8oYjauzm7UhhOooMo93EQ0EqjszpCIaaNTiJpAFnkJydCaUOk6lnlsO9qi8bioMomvIMMx9D%2F1q1RL852%2B5DcoZOUcFYfnK0B7U1DrAsUmzHfFaJpcJ%2FZQ03ku2JcE3RVsdv3362uf4HHH6ei4k%2FCOZaVOolGylgo7KBB8XlTNUhHzKp%2B8tEOvqrm3AfKkftTy&kgp=0&jccheck=1
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 10:25:33 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
ntCoent-Length: 10
Keep-Alive: timeout=5, max=114
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Encoding: gzip
Content-Length: 30

r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24

66.165.243.160

200 OK

794 B

URL HTTP/1.1
r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24
IP
66.165.243.160:0
ASN
#29802 HVC-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Size
794 B (794 bytes)
Hash
6587e50ed54eeb1f4df417f7f5ce392c
fedc8a7250e0c2a21d318c8d39f5c0a1542b7cd1
5d56d853484ec1308ba975787b84eeaf1c1c7cf10d5935aede063dff157e8b4a

HTTP Headers

GET /redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://trnadszc.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 26 Nov 2022 10:25:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14

r.redirekted.com/css/adren.css?n=2735213388

66.165.243.160

200 OK

243 B

URL HTTP/1.1
r.redirekted.com/css/adren.css?n=2735213388
IP
66.165.243.160:0
ASN
#29802 HVC-AS

File type
ASCII text
Size
243 B (243 bytes)
Hash
f72acd3fece9f7cf58643616c745b2ea
92bc529a83c5466fbf6b9e702eef1e59644687a1
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

HTTP Headers

GET /css/adren.css?n=2735213388 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24

HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 26 Nov 2022 10:25:33 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-f3"
Accept-Ranges: bytes

r.redirekted.com/js/adren.min.js?n=2735213388

66.165.243.160

200 OK

7.5 kB

URL HTTP/1.1
r.redirekted.com/js/adren.min.js?n=2735213388
IP
66.165.243.160:0
ASN
#29802 HVC-AS

File type
ASCII text, with very long lines (7528), with no line terminators
Size
7.5 kB (7528 bytes)
Hash
9a9ec61d7e275f25fe83f0aa93bd2e41
8a3a23c432b601e9f8f8fe2b61f0fedbc341c9ac
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

HTTP Headers

GET /js/adren.min.js?n=2735213388 HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24

HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 26 Nov 2022 10:25:33 GMT
Content-Type: application/javascript
Content-Length: 7528
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-1d68"
Accept-Ranges: bytes

r.redirekted.com/favicon.ico

66.165.243.160

200 OK

0 B

URL HTTP/1.1
r.redirekted.com/favicon.ico
IP
66.165.243.160:0
ASN
#29802 HVC-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24

HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 26 Nov 2022 10:25:34 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Connection: keep-alive
ETag: "60dff9aa-0"
Accept-Ranges: bytes

r.redirekted.com/go?e=04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW

66.165.243.160

200 OK

1.8 kB

URL HTTP/1.1
r.redirekted.com/go?e=04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW
IP
66.165.243.160:0
ASN
#29802 HVC-AS

File type
HTML document, ASCII text, with very long lines (465)
Size
1.8 kB (1756 bytes)
Hash
5abf33402f0dfb005afea05d46991430
1e11ce3a39f6c2304eabade662e949ccde886809
ef7f92c26d1f320750751c4361aa33f5e45875bdd82e8d4e03cf3bf3dad200ef

HTTP Headers

GET /go?e=04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW HTTP/1.1
Host: r.redirekted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/redirect?redirect_id=30795cf84116ad23c163d884171dfa73&request_id=188c97804bd8cb0d07e083060a8cda24
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.21.5
Date: Sat, 26 Nov 2022 10:25:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.14
Set-Cookie: uuid=324662695697288128; expires=Sun, 27-Nov-2022 10:25:34 GMT; Max-Age=86400

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/1.1
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sat, 26 Nov 2022 10:22:56 GMT
Expires: Sat, 26 Nov 2022 12:22:56 GMT
Cache-Control: public, max-age=7200
Age: 158
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript

www.google-analytics.com/collect?v=1&_v=j98&a=1513221800&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1300401242.1669458333&tid=UA-32454353-1&_gid=742048189.1669458333&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1686300248

142.250.74.174

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/collect?v=1&_v=j98&a=1513221800&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1300401242.1669458333&tid=UA-32454353-1&_gid=742048189.1669458333&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1686300248
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&a=1513221800&t=pageview&_s=2&dl=http%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW0Azs2kUM9gRBV1aq5kws21aB8MaVV1KLztxsmkUF9gGp54aq9kwXyt3K59Gr8RFW8uHsYkQLdRzXw13p0yHs-HUC8gGs7jKWdf0XmumL9AUqvkUXw4wXyDmF59Gr-RPX58IA3OKM7cRnsEwCxymX31KMdbRM7ZGLsqHr-ZTn8gQAY1KW4yRsYk3L-W3X7VmFtMHAbxRE55QMYImq4uJsmEaCmtvVtEwLwbHVyj3K8IlX503Fa4Gs21KCdHPCWk3p8NTsmImBdtFs84aqzb0X7xKBetlX7x3C9gQA_DQn8IPrwkapefxXvyUDuHPCY5UWe8IVcZvF1tvW&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1300401242.1669458333&tid=UA-32454353-1&_gid=742048189.1669458333&cd1=oz9lo258n2kesUk8sT5ipz9hsTgfn3k8sUj%3D&z=1686300248 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://r.redirekted.com/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 25 Nov 2022 17:27:05 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 61109
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
970324cde413a21608afb941164f574c
56bc7108ca1056bd2851b6c5723ce2dbaef95f6e
d2c7978fa0469be2ab8929c2e1a9d97f997ae40d625d23ce66ebcf05ebaea266

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4406
Cache-Control: max-age=116312
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:34 GMT
Etag: "6380fbc0-1d7"
Expires: Sun, 27 Nov 2022 18:44:06 GMT
Last-Modified: Fri, 25 Nov 2022 17:30:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE

95.211.116.27

200 OK

30 kB

URL HTTP/1.1
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size
30 kB (29839 bytes)
Hash
01d7fa3494d11c814cd3b1970e814794
2fa6ea514a9b961ced82588397c10cc6cd471a5f
e3e883aacae944b7bff3dc125f7df816ddfd702d7efe4a8415c2fe58ab5424b9

HTTP Headers

GET /ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://r.redirekted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:34 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618
clickId: 107698154_1669458334449_4692310
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017322S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 29839
Set-Cookie: datadome=f7noTiSoNZwNYBsjlue3VdzMxhy0eLuWYU6tefri2rHVO4St2igdBX1wudzqBxGqrxTV2uTNXl4hyV2oEI_RbEEIqu9mMAv5-fI8v7fPWu1QCZkz1nQNl4V0pqMU8zT; Max-Age=31536000; Expires=Sun, 26 Nov 2023 10:25:34 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-184b37892f1-15d624; Max-Age=31536000; Expires=Sun, 26 Nov 2023 10:25:34 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=85
Connection: Keep-Alive

no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310

95.211.116.27

200 OK

68 B

URL HTTP/1.1
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=f7noTiSoNZwNYBsjlue3VdzMxhy0eLuWYU6tefri2rHVO4St2igdBX1wudzqBxGqrxTV2uTNXl4hyV2oEI_RbEEIqu9mMAv5-fI8v7fPWu1QCZkz1nQNl4V0pqMU8zT; kelkooID=a4c629a-184b37892f1-15d624
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:34 GMT
Request-Time: PT0.000981S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=89
Connection: Keep-Alive

dd.kelkoogroup.net/tags.js

54.230.111.104

200 OK

43 kB

URL HTTP/2
dd.kelkoogroup.net/tags.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65432)
Size
43 kB (43164 bytes)
Hash
1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb

HTTP Headers

GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=f7noTiSoNZwNYBsjlue3VdzMxhy0eLuWYU6tefri2rHVO4St2igdBX1wudzqBxGqrxTV2uTNXl4hyV2oEI_RbEEIqu9mMAv5-fI8v7fPWu1QCZkz1nQNl4V0pqMU8zT; kelkooID=a4c629a-184b37892f1-15d624; _ga=GA1.2.55730958.1669458333; _gid=GA1.2.122835958.1669458333
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 10:19:59 GMT
cache-control: max-age=3600, public
expires: Sat, 26 Nov 2022 11:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: pv8co4TRgJ4V3b103XfH37mIUnsVFi5Snuj7pidYCaKMD3X04r3QBQ==
age: 336
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/favicon.ico

95.211.116.27

403 Forbidden

0 B

URL HTTP/1.0
no-go.kelkoogroup.net/favicon.ico
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=f7noTiSoNZwNYBsjlue3VdzMxhy0eLuWYU6tefri2rHVO4St2igdBX1wudzqBxGqrxTV2uTNXl4hyV2oEI_RbEEIqu9mMAv5-fI8v7fPWu1QCZkz1nQNl4V0pqMU8zT; kelkooID=a4c629a-184b37892f1-15d624; _ga=GA1.2.55730958.1669458333; _gid=GA1.2.122835958.1669458333
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&initiator=timeout

95.211.116.27

303 See Other

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&initiator=timeout
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff437567c460be4e08eed49d56f330fab19bb3db73e96c353242d76948ff29c2eecf65278b67133cc1145d6989eb4e77689842098e3407dca479dc16188a48d3c99be3c29acb67607818b8f1f4f87f00cd81dbf7a50bbf941911cefdf6676ad87427bb23bf7916149c475709a85133c497343817ca0454f13ab8f9dd6aad19569dc244c2b4e9bc1464269737659ad5fe84798047a2ea0f04b29ad0a68c3779b75ba1acdf7ff493dece1e19700620d1ae75d3e7da917c245411ba67e350f5d6c9a3f5dac1e0d0c6582e35fdb220500deef61509693bbea0f09de8e9f6f2e2fe2de94ea4e9ea42db582b626cae8b7db59b3500260662b9718817c7a33f630d3aa43e1d9df71e7a9e23abec0a39db7dc2eb8370c1d0c2aae9815516a393c3423c28f075e&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618&clickId=107698154_1669458334449_4692310&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669391622813&.sig=C3hohrudj7bGdjqvJ2t_waNLBSk-&affiliationId=96965866&comId=15323213&country=no&offerId=f8ed123ef850ec04dbeabc5a1d007151&service=37&tokenId=35e025c3-2943-4e2d-874f-eaee491f9fab&wait=true&addedParams=true&custom1=8IPAV5KWwpzXbfFC08GCVEwC1WzXxD2BmRTLaIPCbqzsyDaE-IPpT13p4MRs7LPL3ZUqVk3pzZTsmuUL&custom2=8IvWYk3B8cRsy03MlRJFQqwqxqRA-tzE
Connection: keep-alive
Cookie: datadome=f7noTiSoNZwNYBsjlue3VdzMxhy0eLuWYU6tefri2rHVO4St2igdBX1wudzqBxGqrxTV2uTNXl4hyV2oEI_RbEEIqu9mMAv5-fI8v7fPWu1QCZkz1nQNl4V0pqMU8zT; kelkooID=a4c629a-184b37892f1-15d624; _ga=GA1.2.55730958.1669458333; _gid=GA1.2.122835958.1669458333
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 303 See Other
Date: Sat, 26 Nov 2022 10:25:34 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669458334456_1204618
clickId: 107698154_1669458334449_4692310
country: no
Location: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01547S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=4_6UoDG4WaTP8NK-QHeQ2UF9ZsycUQdMaWMWBg5_WC8GqD1tB2_fXo1QV~W0seyOHN1LVA2g8eYS9OZEFxNoLpo7db6e9hSrh9IvxShxnNQTNDb7cynSCZYaqgiKX8hp; Max-Age=31536000; Expires=Sun, 26 Nov 2023 10:25:34 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
Content-Type: text/plain

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
44cfce3f90d970a44e5d4e3b60854840
ec312ed6cb84c2b9ac2391aa272a4a782dce373c
1be664c1a3962e7800b81f73872538e6597d899a87076456064ed7e468964760

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BE664C1A3962E7800B81F73872538E6597D899A87076456064ED7E468964760"
Last-Modified: Thu, 24 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13386
Expires: Sat, 26 Nov 2022 14:08:40 GMT
Date: Sat, 26 Nov 2022 10:25:34 GMT
Connection: keep-alive

dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick

178.79.147.49

200 OK

9.2 kB

URL HTTP/1.1
dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31857)
Size
9.2 kB (9219 bytes)
Hash
2b68a46e87d313c4dbd567d7ff004819
c07ffacc51ffd81f659cef02ae13b1a45b1040d2
bc2d844b3631a8e18fde0e813a3f71d197833bbb139b369d9cb109bf94457a62

HTTP Headers

GET /mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:34 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Powered-By: PrestaShop
Set-Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ; expires=Fri, 16-Dec-2022 10:25:34 GMT; Max-Age=1728000; path=/; domain=dyrenesverden.no; secure; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 9219
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=utf-8

dyrenesverden.no/themes/erik-community-theme/cache/v_388_581056863ab8e758992c0d07a14f0ae2_all.css

178.79.147.49

200 OK

35 kB

URL HTTP/1.1
dyrenesverden.no/themes/erik-community-theme/cache/v_388_581056863ab8e758992c0d07a14f0ae2_all.css
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (65518)
Size
35 kB (35425 bytes)
Hash
515199447fde0938b13ef9e8cfd8632b
4de6aecd9fbbe3c1ddef2cc09001da62bd8b4578
7fcba1a943092b1fb33cf14ed3ab30a532d03d57b4474779f8c3b1225bae5fe1

HTTP Headers

GET /themes/erik-community-theme/cache/v_388_581056863ab8e758992c0d07a14f0ae2_all.css HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 29 May 2022 20:09:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sat, 03 Dec 2022 10:25:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Length: 35425
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

s.kk-resources.com/leadtag.js

143.204.55.123

200 OK

2.6 kB

URL HTTP/1.1
s.kk-resources.com/leadtag.js
IP
143.204.55.123:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (6910)
Size
2.6 kB (2595 bytes)
Hash
b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0

HTTP Headers

GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 02cbec2f-6eb3-4f6a-8bec-2f6eb34f6a03
X-Gravitee-Request-Id: 02cbec2f-6eb3-4f6a-8bec-2f6eb34f6a03
Request-Time: 4
Accept-Ranges: bytes
Last-Modified: Tue, 12 Jul 2022 13:51:05 GMT
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 10:01:31 GMT
Cache-Control: public, max-age=3600
ETag: "05e089e0c08fd98ee6b4f6497ec87752b123fc2f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KhglXeXR0ygc5n55e_T3u5LQkuU9Mmk7OYsvetjYm8RYvX4pvNH4aQ==
Age: 1444

dyrenesverden.no/22065-home_default/klorestamme-sally.jpg

178.79.147.49

200 OK

4.3 kB

URL HTTP/1.1
dyrenesverden.no/22065-home_default/klorestamme-sally.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
4.3 kB (4289 bytes)
Hash
5f3e97b4cdf963b4c0da63228752ce1d
d00a2cf52a038cbe365e38affeed59355c830750
17e34fae4de2d37425a8489f6fadf3f9211d5ba25e89bb6730953f07ab3900c8

HTTP Headers

GET /22065-home_default/klorestamme-sally.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Sep 2016 09:36:33 GMT
Accept-Ranges: bytes
Content-Length: 4289
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

dyrenesverden.no/22066-home_default/kloretonne-mimmi.jpg

178.79.147.49

200 OK

10 kB

URL HTTP/1.1
dyrenesverden.no/22066-home_default/kloretonne-mimmi.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
10 kB (10206 bytes)
Hash
5818a57e1c625f186233f5678a613bda
dac1f72965e776d3b5e7b83b12ca4d913d690a68
c32c37ccd0319c783e70a9e022e44db4afd23b75936198fbbd1ac12d662af4bf

HTTP Headers

GET /22066-home_default/kloretonne-mimmi.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Tue, 27 Sep 2016 09:36:49 GMT
Accept-Ranges: bytes
Content-Length: 10206
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/22067-home_default/kloretonne-mimmi.jpg

178.79.147.49

200 OK

7.4 kB

URL HTTP/1.1
dyrenesverden.no/22067-home_default/kloretonne-mimmi.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
7.4 kB (7405 bytes)
Hash
fa3ab11f0e44aa8fc706794ec53d97e2
2c1bbb78cb7f6df4660df092d4388fbc7cbbe948
96a9ab570e88eeb62b94585a7d9d26e09f781352da49f49bf82c9b0f9a4e01b2

HTTP Headers

GET /22067-home_default/kloretonne-mimmi.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Sep 2016 09:37:05 GMT
Accept-Ranges: bytes
Content-Length: 7405
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

dyrenesverden.no/22068-home_default/kloremobel-morris.jpg

178.79.147.49

200 OK

6.8 kB

URL HTTP/1.1
dyrenesverden.no/22068-home_default/kloremobel-morris.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
6.8 kB (6814 bytes)
Hash
d290beb33acf59bc92c23dbe39d9eb15
ad38305548644af6ab93ffb9938fea8a68f58634
6e20b7494afdbf8158f7d16c15b5f1a2e950b84160e602ba766c15277d767278

HTTP Headers

GET /22068-home_default/kloremobel-morris.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Sep 2016 09:37:19 GMT
Accept-Ranges: bytes
Content-Length: 6814
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

dyrenesverden.no/22069-home_default/kloremobel-morris.jpg

178.79.147.49

200 OK

6.6 kB

URL HTTP/1.1
dyrenesverden.no/22069-home_default/kloremobel-morris.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
6.6 kB (6556 bytes)
Hash
b7055df6e7de0ab78ff05e7c3a7bad47
5168ac7f80b786fc90f5664dd2f506b761c026bb
211d054acca687fc5e6d68a02a68c1554f076c1c115541e61f50b54d75f14d3d

HTTP Headers

GET /22069-home_default/kloremobel-morris.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Sep 2016 09:37:32 GMT
Accept-Ranges: bytes
Content-Length: 6556
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

dyrenesverden.no/26957-home_default/klosmobel-misty.jpg

178.79.147.49

200 OK

8.9 kB

URL HTTP/1.1
dyrenesverden.no/26957-home_default/klosmobel-misty.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
8.9 kB (8858 bytes)
Hash
9233716a81df4470c8e8817b062e0c79
1f222b1788eda3c06e2330ac5c47cd2d0a75c1b7
8049f3bcd4d45785fa53f1147b17b891f636e5abcc1252150b015dbb7a9bfa37

HTTP Headers

GET /26957-home_default/klosmobel-misty.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Fri, 22 Feb 2019 10:06:24 GMT
Accept-Ranges: bytes
Content-Length: 8858
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/26958-home_default/klosmobel-misty.jpg

178.79.147.49

200 OK

6.7 kB

URL HTTP/1.1
dyrenesverden.no/26958-home_default/klosmobel-misty.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
6.7 kB (6728 bytes)
Hash
d868ad3ed50b5d73acdf393c7b62f164
65f6bc9ffce64a7492b16cb7401674908902f000
80512effeac339ff59ca67c4b5ff8ce12d38e5e14f8e4bc8abfdb11c10a88a10

HTTP Headers

GET /26958-home_default/klosmobel-misty.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Fri, 22 Feb 2019 10:06:30 GMT
Accept-Ranges: bytes
Content-Length: 6728
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/27577-home_default/klosmobel-sylvester.jpg

178.79.147.49

200 OK

7.8 kB

URL HTTP/1.1
dyrenesverden.no/27577-home_default/klosmobel-sylvester.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
7.8 kB (7807 bytes)
Hash
dbf407c59029fe78f0fe58b6a99fd640
5b2429aa47df9bddd840f940602dac647bb25a99
40d250a73f5824668693cfd97099f0101018824b5df087fbb6773b6dfd359fd6

HTTP Headers

GET /27577-home_default/klosmobel-sylvester.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Fri, 24 May 2019 16:43:54 GMT
Accept-Ranges: bytes
Content-Length: 7807
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dyrenesverden.no/img/dyrenes-verden-logo-1428252460.jpg

178.79.147.49

200 OK

7.2 kB

URL HTTP/1.1
dyrenesverden.no/img/dyrenes-verden-logo-1428252460.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 369x93, components 3\012- data
Size
7.2 kB (7230 bytes)
Hash
e9fe7f192ff32b47b3a676393ac8e0da
52f7288f3eb87240feb089c266e24a04cf4b95a1
44828d5f12d7359f78067ef7a5aa08a26b9d699b36667517f1b11c0b44c19381

HTTP Headers

GET /img/dyrenes-verden-logo-1428252460.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 05 Apr 2015 16:47:40 GMT
Accept-Ranges: bytes
Content-Length: 7230
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/themes/erik-community-theme/cache/v_387_1cf942a8618a32bc96c164943752c6a2.js

178.79.147.49

200 OK

95 kB

URL HTTP/1.1
dyrenesverden.no/themes/erik-community-theme/cache/v_387_1cf942a8618a32bc96c164943752c6a2.js
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (32341)
Size
95 kB (94758 bytes)
Hash
21ad1983e7e85fdb7dfdaffa29fcc1ff
24f3bb0d18501012e0c3bb8d69c19f8fa15df4f8
77cf00955e41dbbf46e3a48807b75750b4867e1a00d05af4a03c99d5cdb6f1e6

HTTP Headers

GET /themes/erik-community-theme/cache/v_387_1cf942a8618a32bc96c164943752c6a2.js HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 29 May 2022 20:09:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sat, 03 Dec 2022 10:25:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: application/javascript

dyrenesverden.no/modules/productpaymentlogos/img/payment-logo.png

178.79.147.49

200 OK

18 kB

URL HTTP/1.1
dyrenesverden.no/modules/productpaymentlogos/img/payment-logo.png
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
PNG image data, 233 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18199 bytes)
Hash
d30f4e1523d6c5415760e97849e0168e
b34a2a7c1929bfbaaac2744184d40058940debbb
bed685421df7812acb89f8f1564de321c19abdc85b6a6db0dba16b27a586799f

HTTP Headers

GET /modules/productpaymentlogos/img/payment-logo.png HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 05 May 2019 17:39:37 GMT
Accept-Ranges: bytes
Content-Length: 18199
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

dyrenesverden.no/15968-home_default/kloremobel-matta-sisal.jpg

178.79.147.49

200 OK

10 kB

URL HTTP/1.1
dyrenesverden.no/15968-home_default/kloremobel-matta-sisal.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
10 kB (10241 bytes)
Hash
fc4225092b5bee772219dbb480e0a76c
dd34e28b8ad1d7785fb12a11b62b20ed39023321
57e47e03b354165478c05ade7f1f0ee2476c4ac90695b66f148bb93c39d14573

HTTP Headers

GET /15968-home_default/kloremobel-matta-sisal.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 10 Sep 2014 10:44:48 GMT
Accept-Ranges: bytes
Content-Length: 10241
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/15970-home_default/kloremobel.jpg

178.79.147.49

200 OK

8.5 kB

URL HTTP/1.1
dyrenesverden.no/15970-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
8.5 kB (8548 bytes)
Hash
4eeb76cbe205961760e2c9260e6f59e9
be58bee98d91a8d4655bda370e6ad46d3ec9ae90
febffd803aba2cff93283591c8c09f642faf172e5c11258e2a1ef691c4dfd19d

HTTP Headers

GET /15970-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 10 Sep 2014 10:44:49 GMT
Accept-Ranges: bytes
Content-Length: 8548
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/20264-home_default/kloremobel.jpg

178.79.147.49

200 OK

5.6 kB

URL HTTP/1.1
dyrenesverden.no/20264-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
5.6 kB (5607 bytes)
Hash
9a883ee4d0349ead25d752f5c6f93d63
341adb7d905e9f953505454081b349e3eea25372
c6b8ae8bce33502a6e68d12d8398b7566cf78dd767f2dbbce6c3f4aac895920e

HTTP Headers

GET /20264-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sat, 08 Aug 2015 22:35:39 GMT
Accept-Ranges: bytes
Content-Length: 5607
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/29891-large_default/kloremobel-misty.jpg

178.79.147.49

200 OK

22 kB

URL HTTP/1.1
dyrenesverden.no/29891-large_default/kloremobel-misty.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 458x458, components 3\012- data
Size
22 kB (22522 bytes)
Hash
3b4de58d7c3a6a95d86a3295ea19ba46
9e22cda0b01458032b8120247a9f02f68cad837c
694ed29297f68fa597fe66dd4071cc57936c5de576fa5f9861c860bcb2014d8f

HTTP Headers

GET /29891-large_default/kloremobel-misty.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 11 Oct 2020 18:26:47 GMT
Accept-Ranges: bytes
Content-Length: 22522
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/20267-home_default/kloremobel.jpg

178.79.147.49

200 OK

5.5 kB

URL HTTP/1.1
dyrenesverden.no/20267-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
5.5 kB (5460 bytes)
Hash
cd90db02640f41599ab7c099a8f78d4d
96b30066cc5754fc7a9810fe40d8530c4d7181b8
27ac246b035958a12e20b0645b014be4aed072db09a5c535b37633da645f90eb

HTTP Headers

GET /20267-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sat, 08 Aug 2015 22:35:47 GMT
Accept-Ranges: bytes
Content-Length: 5460
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/29890-home_default/kloremobel-misty.jpg

178.79.147.49

200 OK

7.6 kB

URL HTTP/1.1
dyrenesverden.no/29890-home_default/kloremobel-misty.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
7.6 kB (7583 bytes)
Hash
c0521a81a3c512ac430a7e00a66940e4
d937e8a7782809e07dab7a5d14838ff8904f474d
6052271269f30860ca2ae322829a21395ea91a978ca6defe37be5b182ab284ff

HTTP Headers

GET /29890-home_default/kloremobel-misty.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 11 Oct 2020 18:26:39 GMT
Accept-Ranges: bytes
Content-Length: 7583
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/22063-home_default/klorestamme-sally.jpg

178.79.147.49

200 OK

4.5 kB

URL HTTP/1.1
dyrenesverden.no/22063-home_default/klorestamme-sally.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
4.5 kB (4538 bytes)
Hash
553303e8305dc950b8d8cecbe4f78e1d
188b29b6392c7ffaaf6cab013b1ecd6bb6bbd5ec
15ee8f094707251a5ffb3189b94f7e9c16c79273df1b0ff642172c517a7f961d

HTTP Headers

GET /22063-home_default/klorestamme-sally.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Tue, 27 Sep 2016 09:36:12 GMT
Accept-Ranges: bytes
Content-Length: 4538
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/22064-home_default/klorestamme-sally.jpg

178.79.147.49

200 OK

4.0 kB

URL HTTP/1.1
dyrenesverden.no/22064-home_default/klorestamme-sally.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
4.0 kB (3964 bytes)
Hash
632ae15a06d94c5dbc60547b9a2297c8
7b0292e2847691f6fb236a8a02ae957bfeb39dad
aaf5759432e570c837c38a904271320ab23c9937a2deca09672124161a7a2a3c

HTTP Headers

GET /22064-home_default/klorestamme-sally.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Tue, 27 Sep 2016 09:36:23 GMT
Accept-Ranges: bytes
Content-Length: 3964
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/themes/erik-community-theme/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3

178.79.147.49

200 OK

72 kB

URL HTTP/1.1
dyrenesverden.no/themes/erik-community-theme/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /themes/erik-community-theme/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dyrenesverden.no/themes/erik-community-theme/cache/v_388_581056863ab8e758992c0d07a14f0ae2_all.css
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 20 Nov 2016 20:50:42 GMT
Accept-Ranges: bytes
Content-Length: 71896
Cache-Control: max-age=31536000
Expires: Sun, 26 Nov 2023 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2

dyrenesverden.no/15977-home_default/kloremobel.jpg

178.79.147.49

200 OK

12 kB

URL HTTP/1.1
dyrenesverden.no/15977-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
12 kB (11790 bytes)
Hash
88c9c1340027fc922b94ed061e6d487b
606855bdd66b4f7654bb7e71b12b6b99328b064f
79ab401a01bfb0e510009d5ef5c3eee2bf2b480ac2527203f137a8e4bf8c7cd3

HTTP Headers

GET /15977-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 10 Sep 2014 10:44:50 GMT
Accept-Ranges: bytes
Content-Length: 11790
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/15976-home_default/kloremobel.jpg

178.79.147.49

200 OK

9.0 kB

URL HTTP/1.1
dyrenesverden.no/15976-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
e8f579b482c7e6500d8fb41b454c9277
8599e0f69dccc0355bc5fe01509899aa9a04cbe5
e64b6251637b679d8fe88ea82475cbbc8829509ebf59de24d9cefd6981e762e9

HTTP Headers

GET /15976-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 10 Sep 2014 10:37:19 GMT
Accept-Ranges: bytes
Content-Length: 9032
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dyrenesverden.no/15979-home_default/kloremobel.jpg

178.79.147.49

200 OK

8.9 kB

URL HTTP/1.1
dyrenesverden.no/15979-home_default/kloremobel.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 250x250, components 3\012- data
Size
8.9 kB (8877 bytes)
Hash
153bf04df9ca3ac623ebf1f4215fc68d
1795681eb21b14ca495f873baf546385394f53e4
6229715e114d58d10933835291af0d8069a8be0110e17d7c6944985dcfd9cb57

HTTP Headers

GET /15979-home_default/kloremobel.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 10 Sep 2014 10:44:50 GMT
Accept-Ranges: bytes
Content-Length: 8877
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

dyrenesverden.no/29891-cart_default/kloremobel-misty.jpg

178.79.147.49

200 OK

2.1 kB

URL HTTP/1.1
dyrenesverden.no/29891-cart_default/kloremobel-misty.jpg
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 80x80, components 3\012- data
Size
2.1 kB (2094 bytes)
Hash
a36858f1f5d6602452eb7a4c06c9362c
f0e1c472287ad9ce4f77539ed07e7355ae47d6e0
811b96895feb49e1ea56a15fe5320055a61c36c8d181fbeeb8823a3efe69a8de

HTTP Headers

GET /29891-cart_default/kloremobel-misty.jpg HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Sun, 11 Oct 2020 18:26:47 GMT
Accept-Ranges: bytes
Content-Length: 2094
Cache-Control: max-age=2592000
Expires: Mon, 26 Dec 2022 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
970324cde413a21608afb941164f574c
56bc7108ca1056bd2851b6c5723ce2dbaef95f6e
d2c7978fa0469be2ab8929c2e1a9d97f997ae40d625d23ce66ebcf05ebaea266

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3225
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Last-Modified: Sat, 26 Nov 2022 09:31:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=AW-833441087

142.250.74.168

200 OK

53 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-833441087
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
53 kB (53023 bytes)
Hash
236cd1376635196ecf0b8a964f33b602
72c9e6d42838682052b9a2d31fec8d52fcd48c4e
287f5b4b6095eaf18be6c1a4728690265ced3a3c4c8160f8b4da449af82f78a6

HTTP Headers

GET /gtag/js?id=AW-833441087 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 10:25:35 GMT
expires: Sat, 26 Nov 2022 10:25:35 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
970324cde413a21608afb941164f574c
56bc7108ca1056bd2851b6c5723ce2dbaef95f6e
d2c7978fa0469be2ab8929c2e1a9d97f997ae40d625d23ce66ebcf05ebaea266

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4370
Cache-Control: max-age=116275
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Etag: "6380fbc0-1d7"
Expires: Sun, 27 Nov 2022 18:43:30 GMT
Last-Modified: Fri, 25 Nov 2022 17:30:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

s.kelkoogroup.net/k.gif

185.60.164.26

200 OK

0 B

URL HTTP/1.1
s.kelkoogroup.net/k.gif
IP
185.60.164.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://dyrenesverden.no/
Origin: https://dyrenesverden.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 2acbf275-695d-4251-8bf2-75695d2251b1
X-Gravitee-Request-Id: 2acbf275-695d-4251-8bf2-75695d2251b1
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://dyrenesverden.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Sat, 26 Nov 2022 10:25:35 GMT
content-length: 0

s.kelkoogroup.net/k.gif

185.60.164.26

200 OK

43 B

URL HTTP/1.1
s.kelkoogroup.net/k.gif
IP
185.60.164.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5YS0xODRiMzc4OTJmMS0xNWQ2MjQ=
Origin: https://dyrenesverden.no
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 1d9a1d3c-821d-4e11-9a1d-3c821dce1197
X-Gravitee-Request-Id: 1d9a1d3c-821d-4e11-9a1d-3c821dce1197
ETag: a2Vsa29vSWQ9YTRjNjI5YS0xODRiMzc4OTJmMS0xNWQ2MjQ=
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://dyrenesverden.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Sat, 26 Nov 2022 10:25:35 GMT
Content-Type: image/gif
content-length: 43

dyrenesverden.no/img/favicon.ico?1569698788

178.79.147.49

200 OK

15 kB

URL HTTP/1.1
dyrenesverden.no/img/favicon.ico?1569698788
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
8104f82beec7ffb729be6722af14ec7c
422e0c38d8a58df4af4ed10714a911c80de9760e
5392dcfd362a94f208d205b4eac56c8c69c445c8ed059e3ee26e96ce94aeff4f

HTTP Headers

GET /img/favicon.ico?1569698788 HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ; kk_leadtag=true; kelkooId=a4c629a-184b37892f1-15d624
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Wed, 03 Feb 2016 21:06:27 GMT
Accept-Ranges: bytes
Content-Length: 15086
Cache-Control: max-age=31536000
Expires: Sun, 26 Nov 2023 10:25:35 GMT
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 08:41:08 GMT
expires: Sat, 26 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 6267
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669458334636&cv=11&fst=1669458334636&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&auid=1478447067.1669458335&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.162

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1669458334636&cv=11&fst=1669458334636&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&auid=1478447067.1669458335&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2301), with no line terminators
Size
1.0 kB (1010 bytes)
Hash
041d2e8d00f5dbef3a166f6e80951126
84ac7f569d8de1a6fc28c0fc6aeb823e91682a9a
6583214de1a4fddbddd074329c4596dd02e4b46c901db25402d390ac86040ace

HTTP Headers

GET /pagead/viewthroughconversion/833441087/?random=1669458334636&cv=11&fst=1669458334636&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&auid=1478447067.1669458335&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1010
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 10:40:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/833441087/?random=1669458334636&cv=11&fst=1669456800000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdyrenesverden.no%2Fmobel%2F21214-kloremobel-misty-7312137251211.html%3Fkk%3Da4c629a-184b37892f1-15d624%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Klorem%C3%B8bel%20Misty%20-%20Dyrenes%20Verden&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078541956&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&gjid=725292948&_gid=595043774.1669458335&_u=aGBAAEIIAAAAACAMI~&z=717826809

142.251.1.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&gjid=725292948&_gid=595043774.1669458335&_u=aGBAAEIIAAAAACAMI~&z=717826809
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&gjid=725292948&_gid=595043774.1669458335&_u=aGBAAEIIAAAAACAMI~&z=717826809 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dyrenesverden.no
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://dyrenesverden.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 10:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 10:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&_u=aGBAAEIIAAAAACAMI~&z=224615756

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&_u=aGBAAEIIAAAAACAMI~&z=224615756
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47382877-1&cid=518307583.1669458335&jid=1843167445&_u=aGBAAEIIAAAAACAMI~&z=224615756 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dyrenesverden.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dyrenesverden.no//modules/paypal/express_checkout/ajax.php?get_qty=1&id_product=21214&id_product_attribute=&_=1669458334442

178.79.147.49

200 OK

1 B

URL HTTP/1.1
dyrenesverden.no//modules/paypal/express_checkout/ajax.php?get_qty=1&id_product=21214&id_product_attribute=&_=1669458334442
IP
178.79.147.49:0
ASN
#63949 Linode, LLC

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

GET //modules/paypal/express_checkout/ajax.php?get_qty=1&id_product=21214&id_product_attribute=&_=1669458334442 HTTP/1.1
Host: dyrenesverden.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dyrenesverden.no/mobel/21214-kloremobel-misty-7312137251211.html?kk=a4c629a-184b37892f1-15d624&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick
Cookie: PrestaShop-b8eb303980912c0e9d0892ddb495ce4f=abbe619076a00fbbdb69cb449b12a7713222b55d069271e59540a15c48f3bf05%3Akr%2BWYV%2BkwAN%2FkFjtJA1cvIJstMMMuCLR7qSNaa%2FjIxNv23o9s%2FkyTUdf4PqBybSG9Y83aMDcS%2FItJamVYHzFs2IObOXF0yi%2B66ag4aZiGnDL44NYRs57DKtwjqe%2B166GXAA4ys%2FPykhfDnFrT6tYK5ROFwLG4eWQxKgGy1UugbyvWhedbuWpU%2B1%2F9R9lBk%2FJ; kk_leadtag=true; kelkooId=a4c629a-184b37892f1-15d624; kk_au=1.1.1478447067.1669458335; _ga=GA1.2.518307583.1669458335; _gid=GA1.2.595043774.1669458335; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 10:25:35 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
Content-Length: 1
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations