firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 21:26:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4wS767yRNQp88-YzS_ZfzQwFFZj38yEwBU6ELz6JzpBYK38rArnl6Q==
Age: 2000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10043
Expires: Thu, 01 Sep 2022 00:47:20 GMT
Date: Wed, 31 Aug 2022 21:59:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nrLyfLVHAWvz6YLLzCkV71zXXVfUHNcqdaGrSR524QebaEXrHv9fhw==
age: 70373
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 21:59:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 31 Aug 2022 21:17:12 GMT
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 21:48:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xAQ1hhaxL05pS8gy36NhDVmVkKfJ5gQkWzvPEjtm1LghDnuLwVxdEw==
Age: 2566
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2688
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 21:59:58 GMT
Last-Modified: Wed, 31 Aug 2022 21:15:10 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ATJChIm/sADj0HqtlVsrkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UgWQRPUXYbhon5bn2CJdB+qRkHc=
ww16.best-targeted-traffic.com/install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a
64.190.63.136200 OK 1.2 kB URL HTTP/1.1 ww16.best-targeted-traffic.com/install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (685)
Hash 777d4bdfcc43eadef254e994482c6129
8ecb2f3d52fc8d9bfc417eac896140cd1fdb1e5e
55e93a5ba5f80a74e463d2240038eacba7d8a420d375690540235607c121fb81
Analyzer Verdict Alert quad9 Sinkholed
GET /install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 31 Aug 2022 21:59:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Uue2jl8s1yy4CxbzwZkgTl5na5ApsfU7dn1lH+1G+Ia1QjbwW5xJAkDmDrxvZxUUvWlU2kHpxemQUVyGpAYkIQ==
last-modified: Wed, 31 Aug 2022 21:59:57 GMT
x-cache-miss-from: parking-5df4695cd5-xfrmc
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 21:59:58 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 07 Sep 2022 21:59:58 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: d4487da6e54bed2d537bfc4a38b2035d
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MTk4MzE5ODdjZmUyNTkyNjg2MzFkNmMzNDliOWUzNTA1NGZhMjM4&crc=6745968c8c4e9d1c13ac678355f95822533877fa&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MTk4MzE5ODdjZmUyNTkyNjg2MzFkNmMzNDliOWUzNTA1NGZhMjM4&crc=6745968c8c4e9d1c13ac678355f95822533877fa&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MTk4MzE5ODdjZmUyNTkyNjg2MzFkNmMzNDliOWUzNTA1NGZhMjM4&crc=6745968c8c4e9d1c13ac678355f95822533877fa&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a
HTTP/1.1 200 OK
date: Wed, 31 Aug 2022 21:59:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-cache-miss-from: parking-5df4695cd5-nxtwg
server: NginX
ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Wed, 31 Aug 2022 21:59:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 31 Aug 2022 21:59:59 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-5df4695cd5-9rnxv
server: NginX
ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9433be12754c5150728a928093765236
eba78b55d732b6783774fde05289e6fbb2ddd798
ee63d4a16db1ac3c1e96503c4d5995be96d3aa30555a6968ce9697ad93942a17
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DyipNJlOSfZw_0&v=NWQ3OGQ1ZTdlNzE2ZDIwZDY1YjQ0OWUzODhhY2M5YzcJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjA1Ni4zMDAxODIxNwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzBmZDlkZGNjZjNkNS41NzA0NTA0NQkxNjYxOTgzMTk4CWFkXzYzXzA=&l=OAk1Mzk5ZjUwOGVlMDg4ZTIyNjE2YjJjMWYzOGU3YmE3ZgkwCTM1CTAJYTM0MjM0NzUxYWVlMGYyNTg0NGJlOWVhYzg5YzEwNTMJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYxOTgzMTk4CTAuMDAwMzU2CU4JMAkxCTgzMAkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=30l82218010qvfbhkh&version=1.7&pais=Unknown&sub1=20220831-2143-423e-a4db-5a6d51e12e5a
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Wed, 31 Aug 2022 21:59:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 31 Aug 2022 21:59:59 GMT
location: http://xml.sedodna.com/click?i=yipNJlOSfZw_0
x-cache-miss-from: parking-5df4695cd5-9rnxv
server: NginX
xml.sedodna.com/click?i=yipNJlOSfZw_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=yipNJlOSfZw_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=yipNJlOSfZw_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://api.quotes.com/40f34d16-2978-11ed-abd9-8b8a9d616df8
Pragma: no-cache
api.quotes.com/40f34d16-2978-11ed-abd9-8b8a9d616df8
5.79.68.236200 OK 171 B URL HTTP/1.1 api.quotes.com/40f34d16-2978-11ed-abd9-8b8a9d616df8
IP 5.79.68.236:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash a8cf7a99d61824f4bf42ef467b4c92e6
f28524be11a0bc747d008055313bc18b199170cd
970d6c487668a2de47657aa67bf7f44ea39475f8fb711ab465a18882036a9148
GET /40f34d16-2978-11ed-abd9-8b8a9d616df8 HTTP/1.1
Host: api.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 171
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 21:59:59 GMT
server: nginx
api.quotes.com/40f34d16-2978-11ed-abd9-8b8a9d616df8?hr=1
5.79.68.236302 Found 11 B URL HTTP/1.1 api.quotes.com/40f34d16-2978-11ed-abd9-8b8a9d616df8?hr=1
IP 5.79.68.236:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /40f34d16-2978-11ed-abd9-8b8a9d616df8?hr=1 HTTP/1.1
Host: api.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 31 Aug 2022 21:59:59 GMT
location: http://btpnav.com/click?data=b3U3R3QtTW9DSzRSNy1hTEJ1UFp6RlRVME5nX3dUSFhHZkhnQU9QWGVrUHJDbzNYTE9TeVJicTJQQWpQZWdzU2EtcS1mTE9HbkZ1ejd0aVNVYkRzNjhydWJaVnRqaGlzMjUzbU5zcm1sQTRiN0hpT0pfak9ZSlhpa2VaZm9pUGVyS3JkUmd2OVpXYnRVTmR0a2ZsSng4MnpMMmZzQ0xnX2s2T3h4TS12bTY4MQ2&id=7417f93e-f7ec-44e9-998c-36a557628131
server: nginx
btpnav.com/click?data=b3U3R3QtTW9DSzRSNy1hTEJ1UFp6RlRVME5nX3dUSFhHZkhnQU9QWGVrUHJDbzNYTE9TeVJicTJQQWpQZWdzU2EtcS1mTE9HbkZ1ejd0aVNVYkRzNjhydWJaVnRqaGlzMjUzbU5zcm1sQTRiN0hpT0pfak9ZSlhpa2VaZm9pUGVyS3JkUmd2OVpXYnRVTmR0a2ZsSng4MnpMMmZzQ0xnX2s2T3h4TS12bTY4MQ2&id=7417f93e-f7ec-44e9-998c-36a557628131
209.15.13.136200 OK 2.1 kB URL HTTP/1.1 btpnav.com/click?data=b3U3R3QtTW9DSzRSNy1hTEJ1UFp6RlRVME5nX3dUSFhHZkhnQU9QWGVrUHJDbzNYTE9TeVJicTJQQWpQZWdzU2EtcS1mTE9HbkZ1ejd0aVNVYkRzNjhydWJaVnRqaGlzMjUzbU5zcm1sQTRiN0hpT0pfak9ZSlhpa2VaZm9pUGVyS3JkUmd2OVpXYnRVTmR0a2ZsSng4MnpMMmZzQ0xnX2s2T3h4TS12bTY4MQ2&id=7417f93e-f7ec-44e9-998c-36a557628131
IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 6dc9a50cc5751d06d4218940aa9069ab
20a6045f768299088b63a7d650d82d272a3cf6a2
bc5ebb061a784b9b598d5d5f8054c69cada0e511be37668440e076e8de994422
GET /click?data=b3U3R3QtTW9DSzRSNy1hTEJ1UFp6RlRVME5nX3dUSFhHZkhnQU9QWGVrUHJDbzNYTE9TeVJicTJQQWpQZWdzU2EtcS1mTE9HbkZ1ejd0aVNVYkRzNjhydWJaVnRqaGlzMjUzbU5zcm1sQTRiN0hpT0pfak9ZSlhpa2VaZm9pUGVyS3JkUmd2OVpXYnRVTmR0a2ZsSng4MnpMMmZzQ0xnX2s2T3h4TS12bTY4MQ2&id=7417f93e-f7ec-44e9-998c-36a557628131 HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: monltIBQLTkeCCo=monltIBQLTkeCCo; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 31 Aug 2022 21:59:59 GMT
Content-Length: 2144
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9087
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 21:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9087
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 21:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9087
Expires: Thu, 01 Sep 2022 00:31:26 GMT
Date: Wed, 31 Aug 2022 21:59:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03y3JoF38R7gjBYS3gHyOsivob68ykKlwvAIFEwiat2FjYfKWh-afA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:47:54 GMT
age: 83525
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084c7b9f1244ec72236ab517787af1e2
18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5911
x-amzn-requestid: 4b7ce903-4a21-41bc-a58e-87e717c1bcee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xdbw5HBkoAMFl0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087338-223060135802402337db6309;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:16:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jg2FSfeO7fMWCXHnBni6NwnUxsg4zHlFbG8Nh-deWqM-152dum8NQA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:59:42 GMT
age: 17
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f4b18b62ff275079a412349f454f66c
3638ba3ef38c4aaeb31a12bb61aaf90034915954
d825ce440863c9a53cee3a8d0f2ca2d41e2e9176ee1234d3dd0ae861f047b031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97b6b2d0-435f-4820-aacb-843f0a7a375e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11115
x-amzn-requestid: 11b741c1-55f5-4c28-bbf9-bd828ed204b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xkns8G8cIAMFRAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b531f-1d56c9401b90dc206b010d08;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 11:35:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4CIqSMm5XXWISAncsk_wwHBlIO6Ll4BH3FT6tN7qEM1EDtFLr7_RLA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 04:01:00 GMT
age: 64739
etag: "3638ba3ef38c4aaeb31a12bb61aaf90034915954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 10:00:10 GMT
age: 43189
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:44:24 GMT
age: 935
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db8548465788b6e73fc19c63575f7d32
0502c55da685e6a5bd3506b55cd96d639346ed82
c125a0828629e46996832fd04555f503e62c0dc0e8506f069487ba8ebb2db4a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7582
x-amzn-requestid: 65712628-13c0-42e2-a090-b21fde8bd026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg0rgE_hIAMF1ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309ce49-5feadfad6c342ae96a5a26d7;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:56:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AaCY2PsUVPfvdDwb7itAqcRV9NZPkDxFs1QEiYZ_FjTNp9sH4bn5rg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 06:11:47 GMT
age: 56892
etag: "0502c55da685e6a5bd3506b55cd96d639346ed82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
btpnav.com/Redirect/
209.15.13.136302 Found 269 B IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bb91322daf426a63363ee9ba8f494d47
f5b47abe17046c66470088a9f81d660d71c32851
f59feeee7eee17445ac35d11e0f1d6d3af727b5ad97b4212c219ddc4df88e00d
POST /Redirect/ HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=b3U3R3QtTW9DSzRSNy1hTEJ1UFp6RlRVME5nX3dUSFhHZkhnQU9QWGVrUHJDbzNYTE9TeVJicTJQQWpQZWdzU2EtcS1mTE9HbkZ1ejd0aVNVYkRzNjhydWJaVnRqaGlzMjUzbU5zcm1sQTRiN0hpT0pfak9ZSlhpa2VaZm9pUGVyS3JkUmd2OVpXYnRVTmR0a2ZsSng4MnpMMmZzQ0xnX2s2T3h4TS12bTY4MQ2&id=7417f93e-f7ec-44e9-998c-36a557628131
Cookie: monltIBQLTkeCCo=monltIBQLTkeCCo
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://balor-ghn.com/zcvisitor/4108bf28-2978-11ed-98ba-1227ce64e6e3/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 31 Aug 2022 21:59:59 GMT
Content-Length: 269
balor-ghn.com/zcvisitor/4108bf28-2978-11ed-98ba-1227ce64e6e3/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
52.45.156.125200 996 B URL HTTP/1.1 balor-ghn.com/zcvisitor/4108bf28-2978-11ed-98ba-1227ce64e6e3/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a6456c2d8532284f6b40e173c5a7e4d5
307fd69d937b7b27b0c4a74b181a654944f59591
c0cd39cb14ff472d438126881bac3a04b9922af2bba6de7fd9e1e0225dd2f6e6
GET /zcvisitor/4108bf28-2978-11ed-98ba-1227ce64e6e3/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 31 Aug 2022 22:00:00 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: UJbFJdJk
balor-ghn.com/zcredirect?visitid=4108bf28-2978-11ed-98ba-1227ce64e6e3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
52.45.156.125200 352 B URL HTTP/1.1 balor-ghn.com/zcredirect?visitid=4108bf28-2978-11ed-98ba-1227ce64e6e3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 13714d081e1d3f4aa1096131ebd24862
54cc61457a583fd90a28374cb60cc2e1a5a3c5c7
d2155870d5ecd28f237204945e56604302496bc110b9cf22be1ff7d463e36abc
GET /zcredirect?visitid=4108bf28-2978-11ed-98ba-1227ce64e6e3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcvisitor/4108bf28-2978-11ed-98ba-1227ce64e6e3/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 31 Aug 2022 22:00:00 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: UJbFJdJk
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4138d4bb1087da1cf619930bae46c9dd
b35ed79ae0591b993e2ef03b39afc731ba52100a
79b95088b61be2965e2c40f57ad22a4f72546107c07ec023b36213d90fa829b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79B95088B61BE2965E2C40F57AD22A4F72546107C07EC023B36213D90FA829B2"
Last-Modified: Tue, 30 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6033
Expires: Wed, 31 Aug 2022 23:40:33 GMT
Date: Wed, 31 Aug 2022 22:00:00 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q
78.46.197.88200 OK 347 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (347), with no line terminators
Hash 4a3f53983cabf8b2f818b70ba77887ec
a83dbabace4716ac8e6da5a507602ca9dd60f2c7
849d6fc9338f078604340d43ecf1d47af6c41eac3e83a36d2893d17a32506e98
GET /s/r6?s=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balor-ghn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 7c6f0df2063b237ac8cf7288b71cb75e=8e262bd75fe18ea84e5cdfe617635264deedee70a46e28b48ade13c02e1b2f67a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%227c6f0df2063b237ac8cf7288b71cb75e%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 01-Sep-2022 22:00:00 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 347
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 22:00:00 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
balor-ghn.com/favicon.ico
52.45.156.125404 653 B URL HTTP/1.1 balor-ghn.com/favicon.ico
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcredirect?visitid=4108bf28-2978-11ed-98ba-1227ce64e6e3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Wed, 31 Aug 2022 22:00:00 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: knOBZYIX
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2842ac670384e56915ba6a294e93df0a
d22f2eba701c9d1a0c8af63970ef613c00e58252
7ac43f676c1f354daae628d461225cb9b898e69f3330d3aafb16e37891faa587
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7AC43F676C1F354DAAE628D461225CB9B898E69F3330D3AAFB16E37891FAA587"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Wed, 31 Aug 2022 23:30:50 GMT
Date: Wed, 31 Aug 2022 22:00:00 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=miinto.no&s1=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q&s5=cf
157.90.169.168200 OK 939 B URL HTTP/2 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=miinto.no&s1=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q&s5=cf
IP 157.90.169.168:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash 2f6af02d0158ac80994f51d0a029f4fa
da5e3f9ec18c8d6f3c16ce669b91cd6831117e87
0d743663e417a1399f820714e2464768b40ad63dd69d8fd92f24d17483703a75
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=miinto.no&s1=623619497&s2=gamboge-moose&s3=bravo-sap-1w6y90wp7q&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.30
set-cookie: 20fb0acdec9620ec03b3785e68c02f5b=15da8a172606f7e922d78041feb2b856876e71914313631612af988a8c4cda28a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2220fb0acdec9620ec03b3785e68c02f5b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 01-Sep-2022 22:00:00 GMT; Max-Age=86399; path=/; HttpOnly
content-length: 939
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 22:00:00 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
X-Firefox-Spdy: h2
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DM0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ%3D%3D%26i%3DOGzFqXy4OjBmtfNy%26placementId%3D1072162308cca46e820985bd1bb23634&h=acc5285f1b098c3b20fb01a75c852684
157.90.169.168200 OK 867 B URL HTTP/2 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DM0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ%3D%3D%26i%3DOGzFqXy4OjBmtfNy%26placementId%3D1072162308cca46e820985bd1bb23634&h=acc5285f1b098c3b20fb01a75c852684
IP 157.90.169.168:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 6ee9f2950629dada5e61bdcc4ee7b8c7
f9c44854b430f441998dfd6892374ce67cd7ed34
7e91c927324d8c1af1f6eb50d9bc26e8a9da05cca45b981b884db3c48a405816
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DM0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ%3D%3D%26i%3DOGzFqXy4OjBmtfNy%26placementId%3D1072162308cca46e820985bd1bb23634&h=acc5285f1b098c3b20fb01a75c852684 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 20fb0acdec9620ec03b3785e68c02f5b=15da8a172606f7e922d78041feb2b856876e71914313631612af988a8c4cda28a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2220fb0acdec9620ec03b3785e68c02f5b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.30
content-length: 867
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 22:00:01 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75634acc62f3e71ebb34c0ddb3871e1
111b57d02f266798423c97ba6a11f425db5e7d07
5ccf20f35ea6aaf85888cf0009d80fb934a150cf5425e277d58721aceda1749a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCF20F35EA6AAF85888CF0009D80FB934A150CF5425E277D58721ACEDA1749A"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16948
Expires: Thu, 01 Sep 2022 02:42:29 GMT
Date: Wed, 31 Aug 2022 22:00:01 GMT
Connection: keep-alive
api.yadore.com/v2/r?e=M0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ==&i=OGzFqXy4OjBmtfNy&placementId=1072162308cca46e820985bd1bb23634
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r?e=M0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ==&i=OGzFqXy4OjBmtfNy&placementId=1072162308cca46e820985bd1bb23634
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r?e=M0RpaXdHbjJ2STFUZTZaYW9pOTRvKytNdTBuL1lGOEphVCszc3E3VVZkRVBVdlNDNVZLS3g4Ymd1Q1V5WVRHczVBL2Q1cUhhVEZnc05BbS9MTUNycUZpV290WEozM1VQc0U5R0xrM0dCM21oZ2ZzK2ljcXpRSDd3dzU0QmhIN0dSRFU2aWJwOW5HU0hWN0JpalcyYk81cWNKVTMrS1I1bDdhV2l0MTFWQTN2WVF6dlVsNTZVWm52Wk5QSEMwVDVBdVlGOUhpSmxkcUk3ejlUUjRrakNiYVZXVkpMNnRRTGJuV0JiR2lWSDRjU3dSZkdSK3VhVnJQT1VMY0J1ZG1iNnpzQmg1NXNEclZmdWlIQzR3Q2xkZmNhUVBFc0ozcVBLVXo1dzExTHR3Sit0NzR5elh2N0VjRVhqa1lhTm9KTHZKcEtaSGxJR084Ylg2ME5CV1lob2ZPdUlkL05HaklpUkxKcDdRTXRiTG1rUkttQlI1VGJqT1BEVnRWVjd4U3gxVW52VVdKa3VjalRkMStsakdRNlBKem1XMVFqTUVJVXVuSWJIUWc9PQ==&i=OGzFqXy4OjBmtfNy&placementId=1072162308cca46e820985bd1bb23634 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 22:00:01 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.3
content-length: 0
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9e33fcf47a18f7d62c43b805e3ac89cc
ae2b8075e308949e757093b7ab223838a10f209e
576b8740ef768eb9d7e1143d1b375d2ddf526eaab125cce0a0025875dcf3eae9
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:01 GMT
Last-Modified: Wed, 31 Aug 2022 20:16:30 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
95.211.116.27200 OK 33 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12978)
Hash 0ecd68dba023fed47145d591a50bde3f
5063452dc29d8cabefdfa9318f247b30dcf38be5
3e986a0b36b211d8e41162a8f17820a10f1100fc2f1dce62cd25f27fc379cdbd
GET /ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 22:00:01 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806
clickId: 107698154_1661983201649_7992029
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.028253S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 32777
Set-Cookie: datadome=HkQ0aR_HZ6SJ~AJd0JY-H_atR15gRLnFE59JUMIgOxbaYoN2e38iT.0NCptm0JOwKNd3UkNbhf3ffXI8TbaFB2V6UbeUoTTYRnjm9HTPQV.U1s52CDt26vODFbjZE~T; Max-Age=31536000; Expires=Thu, 31 Aug 2023 22:00:01 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-182f5eb1971-21c795; Max-Age=31536000; Expires=Thu, 31 Aug 2023 22:00:01 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=84
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=HkQ0aR_HZ6SJ~AJd0JY-H_atR15gRLnFE59JUMIgOxbaYoN2e38iT.0NCptm0JOwKNd3UkNbhf3ffXI8TbaFB2V6UbeUoTTYRnjm9HTPQV.U1s52CDt26vODFbjZE~T; kelkooID=a4c629a-182f5eb1971-21c795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 22:00:01 GMT
Request-Time: PT0.003328S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=65
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 520
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=HkQ0aR_HZ6SJ~AJd0JY-H_atR15gRLnFE59JUMIgOxbaYoN2e38iT.0NCptm0JOwKNd3UkNbhf3ffXI8TbaFB2V6UbeUoTTYRnjm9HTPQV.U1s52CDt26vODFbjZE~T; kelkooID=a4c629a-182f5eb1971-21c795; _ga=GA1.2.1602508068.1661983201; _gid=GA1.2.1411332740.1661983201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 22:00:01 GMT
Request-Time: PT0.005222S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=83
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D8946%26clickref%3Ddc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fwww.miinto.no%252Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D8946%26clickref%3Ddc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fwww.miinto.no%252Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a787583ddca7e537d974bae551eac149ca968e38d44496b0f73fcd7e9a76dd033b4e97ac35465e4493e98fff87b512f5a30a0d8abe86ea6acdfe0cbe4af201cb1cf852aa07ba11137ce768746cefae88c9f69d3fc7ed550e81836a5551ad55ac92e07cf86af90f1805969861d8193859409aa7110d86568b6ad81741cfb7f915a075557f823f2159c823e25490d64e12da1ad65971e87ed02fbafb63dfc104712c440206ba30b8a2f402a1ffaa3139be79f93e62bf9661587dd9116436ddf0bb3a9153b9f34bdc883b2c90304a0c325693b5c41ddc3eb40f73a27b17b954cbc05c603378505c103b90c0553849a1ef5040814acb09ddcf23124edb00cd53207d20&leadId=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&clickId=107698154_1661983201649_7992029&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D8946%26clickref%3Ddc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fwww.miinto.no%252Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1661972888964&.sig=enp9kh2B69E3YpjK4glGEtNA6Hw-&affiliationId=96965886&comId=15970813&country=no&offerId=8c5987dfc67d35fe8258db612e6402fc&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=b0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=HkQ0aR_HZ6SJ~AJd0JY-H_atR15gRLnFE59JUMIgOxbaYoN2e38iT.0NCptm0JOwKNd3UkNbhf3ffXI8TbaFB2V6UbeUoTTYRnjm9HTPQV.U1s52CDt26vODFbjZE~T; kelkooID=a4c629a-182f5eb1971-21c795; _ga=GA1.2.1602508068.1661983201; _gid=GA1.2.1411332740.1661983201
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Wed, 31 Aug 2022 22:00:01 GMT
leadId: dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806
clickId: 107698154_1661983201649_7992029
country: no
Location: https://www.awin1.com/cread.php?awinmid=8946&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.016788S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=.-nQzxcDiTOFpbAeZF_4WKUgaB91xXxWWsiw8tBWrAAPC2ouD1m8Z_xCid1AM9e3XmRagW8y0hVynMVa1EWIAzvoiapttEBsGnSymqMCaBx6YhcRu.KIEuxZOMM_Cwa7; Max-Age=31536000; Expires=Thu, 31 Aug 2023 22:00:01 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
Content-Type: text/plain
www.awin1.com/cread.php?awinmid=8946&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e
2.21.192.211302 Moved Temporarily 0 B URL HTTP/1.1 www.awin1.com/cread.php?awinmid=8946&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e
IP 2.21.192.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cread.php?awinmid=8946&clickref=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e HTTP/1.1
Host: www.awin1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Cookie: bId=HLEX_628f00ae0f3690.47151114
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://www.zenaps.com/rclick.php?mid=8946&c_len=2592000&c_ts=1661983202&c_cnt=369759%7C0%7C0%7C1661983202%7Cdc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%7Ctp%7C0&ir=434ae6f0-2978-11ed-96ab-2230957fd0f4&pr=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e%3Futm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26awc%3D8946_1661983202_74327e5b5b3f8a5214fa613810e416ea%26utm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26utm_content%3D369759&bId=HLEX_628f00ae0f3690.47151114&cookie=1&c_d=zenaps.com
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Wed, 31 Aug 2022 22:00:02 GMT
Connection: keep-alive
Set-Cookie: aw8946=369759|0|0|1661983202|dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806|tp|0;domain=.awin1.com;path=/;expires=Friday, 30-Sep-2022 22:00:02 UTC;Secure;SameSite=None
bId=HLEX_628f00ae0f3690.47151114;domain=.awin1.com;path=/;expires=Thursday, 31-Aug-2023 22:00:02 UTC;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
www.zenaps.com/rclick.php?mid=8946&c_len=2592000&c_ts=1661983202&c_cnt=369759%7C0%7C0%7C1661983202%7Cdc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%7Ctp%7C0&ir=434ae6f0-2978-11ed-96ab-2230957fd0f4&pr=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e%3Futm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26awc%3D8946_1661983202_74327e5b5b3f8a5214fa613810e416ea%26utm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26utm_content%3D369759&bId=HLEX_628f00ae0f3690.47151114&cookie=1&c_d=zenaps.com
2.21.192.211302 Moved Temporarily 0 B URL HTTP/1.1 www.zenaps.com/rclick.php?mid=8946&c_len=2592000&c_ts=1661983202&c_cnt=369759%7C0%7C0%7C1661983202%7Cdc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%7Ctp%7C0&ir=434ae6f0-2978-11ed-96ab-2230957fd0f4&pr=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e%3Futm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26awc%3D8946_1661983202_74327e5b5b3f8a5214fa613810e416ea%26utm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26utm_content%3D369759&bId=HLEX_628f00ae0f3690.47151114&cookie=1&c_d=zenaps.com
IP 2.21.192.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rclick.php?mid=8946&c_len=2592000&c_ts=1661983202&c_cnt=369759%7C0%7C0%7C1661983202%7Cdc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806%7Ctp%7C0&ir=434ae6f0-2978-11ed-96ab-2230957fd0f4&pr=https%3A%2F%2Fwww.miinto.no%2Fp-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e%3Futm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26awc%3D8946_1661983202_74327e5b5b3f8a5214fa613810e416ea%26utm_source%3DAwin%26utm_medium%3DAffiliates%26utm_campaign%3DKelkoo%2BNorway%26utm_content%3D369759&bId=HLEX_628f00ae0f3690.47151114&cookie=1&c_d=zenaps.com HTTP/1.1
Host: www.zenaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Wed, 31 Aug 2022 22:00:02 GMT
Connection: keep-alive
Set-Cookie: aw8946=369759|0|0|1661983202|dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806|tp|0;domain=.zenaps.com;path=/;expires=Friday, 30-Sep-2022 22:00:02 UTC;Secure;SameSite=None
bId=HLEX_628f00ae0f3690.47151114;domain=.zenaps.com;path=/;expires=Thursday, 31-Aug-2023 22:00:02 UTC;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 7b31126220ecd1600006c0bdf49f7aa5
697b4995edc878c4fb04a682c92928fc2c815097
f23ffecd11358937efe0657f5b4d45f960f06f19672b37e2c5a0c71dcc5b21b7
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=420
Date: Wed, 31 Aug 2022 22:00:02 GMT
Connection: keep-alive
X-N: S
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1661972888964%26.sig%3Denp9kh2B69E3YpjK4glGEtNA6Hw-%26affiliationId%3D96965886%26comId%3D15970813%26country%3Dno%26offerId%3D8c5987dfc67d35fe8258db612e6402fc%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Db0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C15970813%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Miinto.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1602508068.1661983201&tid=UA-168544891-6&_gid=1411332740.1661983201&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&cd3=15970813&cd4=a4c629a-182f5eb1971-21c795&cd5=&cd6=96965886%7C15970813%7C&z=939012415
216.239.36.178200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1661972888964%26.sig%3Denp9kh2B69E3YpjK4glGEtNA6Hw-%26affiliationId%3D96965886%26comId%3D15970813%26country%3Dno%26offerId%3D8c5987dfc67d35fe8258db612e6402fc%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Db0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C15970813%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Miinto.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1602508068.1661983201&tid=UA-168544891-6&_gid=1411332740.1661983201&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&cd3=15970813&cd4=a4c629a-182f5eb1971-21c795&cd5=&cd6=96965886%7C15970813%7C&z=939012415
IP 216.239.36.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1661972888964%26.sig%3Denp9kh2B69E3YpjK4glGEtNA6Hw-%26affiliationId%3D96965886%26comId%3D15970813%26country%3Dno%26offerId%3D8c5987dfc67d35fe8258db612e6402fc%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Db0c3ed365470991be30eea137e6d9adb9fe6d7e72505c3b04cf6d81054abdffa%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C15970813%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Miinto.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1602508068.1661983201&tid=UA-168544891-6&_gid=1411332740.1661983201&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-04.prod.dc1.kelkoo.net_1661983201658_5340806&cd3=15970813&cd4=a4c629a-182f5eb1971-21c795&cd5=&cd6=96965886%7C15970813%7C&z=939012415 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Wed, 31 Aug 2022 22:00:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.richrelevance.com/rrserver/js/1.2/p13n.js
23.32.86.186200 OK 6.9 kB URL HTTP/1.1 media.richrelevance.com/rrserver/js/1.2/p13n.js
IP 23.32.86.186:0
File type ASCII text, with very long lines (26579)
Hash ad424df7448dc2ec65e0bbaae775df0f
21265b09ff4ffe52bac30857c888c3840842f788
0b16fbb520c3b9decec27452152e0ef9c3505f3a1dd6f1403786b4bbcb655eee
GET /rrserver/js/1.2/p13n.js HTTP/1.1
Host: media.richrelevance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7b13b5fa5d33cbe9ac757819a0ae651c:1613693450.507675"
Last-Modified: Fri, 19 Feb 2021 00:10:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Date: Wed, 31 Aug 2022 22:00:03 GMT
Content-Length: 6897
Connection: keep-alive
www.miinto.no/static/dist/scripts/bundle.js?v=d980260
35.187.26.138200 OK 187 kB URL HTTP/2 www.miinto.no/static/dist/scripts/bundle.js?v=d980260
IP 35.187.26.138:0
Size 187 kB (187116 bytes)
Hash 1d57c923d57cacb3b591cfdd01052f53
7636af3c3bd20a0ca0f9f10692f8cf8d79a7f98f
f239c0ef17bbf7ab0307e69ba221d2b3147dab5eaf811baed0aab0309c7c5ecd
GET /static/dist/scripts/bundle.js?v=d980260 HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:04:05 GMT
etag: W/"6305f795-93d19"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/uc.js
152.199.21.175200 OK 11 kB URL HTTP/2 policy.app.cookieinformation.com/uc.js
IP 152.199.21.175:0
File type Unicode text, UTF-8 text, with very long lines (33201), with no line terminators
Hash f096dfcc34bf455b0fd5b43603a7dc51
09c98be307cbb60cef4d617b278a14611deb0d76
8152a99480049a7aeb1191c04ca239ce302787e5ed1a973f322bce448a027ff9
GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 277
cache-control: max-age=300
content-md5: YyTyzryZ1u1047qORND22Q==
content-type: application/javascript
date: Wed, 31 Aug 2022 22:00:03 GMT
etag: 0x8DA84FAB7B28C0C
expires: Wed, 31 Aug 2022 22:05:03 GMT
last-modified: Tue, 23 Aug 2022 11:29:18 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 39abd602-301e-0019-0a84-bdb8f6000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10618
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookiesharingiframe.html
152.199.21.175200 OK 2.8 kB URL HTTP/2 policy.app.cookieinformation.com/cookiesharingiframe.html
IP 152.199.21.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Hash 107035bc926fce470b4cd03d6fe1d202
91b7ce44b36961c28806c34f791198f085b3a919
25bc551ac5064781562fe7cab984f6647cb700cb05fa6de2f0c72cd4d95f42a1
GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 286
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Wed, 31 Aug 2022 22:00:03 GMT
etag: 0x8DA84FAB7B32853
expires: Wed, 31 Aug 2022 22:05:03 GMT
last-modified: Tue, 23 Aug 2022 11:29:18 GMT
server: ECAcc (ska/F754)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1c7f1080-d01e-0097-2684-bd6e40000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookie-data/miinto.no/cabl.json
152.199.21.175200 OK 1.2 kB URL HTTP/2 policy.app.cookieinformation.com/cookie-data/miinto.no/cabl.json
IP 152.199.21.175:0
File type JSON data\012- , ASCII text, with very long lines (7066), with no line terminators
Hash a6fdc4ca088eaf555435d7f6de233dde
792593f700aecb8ff90262ac1210a4273cb67860
c532601d5bd7243a6951a1c2b097b82b8e90a442dda0a903d5b7439fc3454d8c
GET /cookie-data/miinto.no/cabl.json HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 220
cache-control: max-age=300
content-md5: teVv2EGDV6BnqgXZo7dYIg==
content-type: application/json
date: Wed, 31 Aug 2022 22:00:03 GMT
etag: 0x8DA84F721D7D041
expires: Wed, 31 Aug 2022 22:05:03 GMT
last-modified: Tue, 23 Aug 2022 11:03:38 GMT
server: ECAcc (ska/F76E)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c2950a23-b01e-0091-6e84-bd5dff000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 1155
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.miinto.no/static/styles/dist/sprite.svg?v=d980260
35.187.26.138200 OK 221 kB URL HTTP/2 www.miinto.no/static/styles/dist/sprite.svg?v=d980260
IP 35.187.26.138:0
Size 221 kB (220927 bytes)
Hash 7dee1fe71578ccf911a8a6041d7f75bf
95a54f33bd10a92c4c08d3f93e886e18fac34f63
6d74280e87ed3527f8e1ef8a2ec8ef3c01b1f2b929073ad013bffb3864f5088b
GET /static/styles/dist/sprite.svg?v=d980260 HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Wed, 24 Aug 2022 10:04:06 GMT
etag: W/"6305f796-5a15f"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/dist/styles/main.css?v=d980260
35.187.26.138200 OK 72 kB URL HTTP/2 www.miinto.no/static/dist/styles/main.css?v=d980260
IP 35.187.26.138:0
Hash d444466874be5e9356c3ecb95441fe8e
5a275edbe49ada8c7ee6d7e9e733d8d6ede56978
b04c42909e42d06903f0a575eb0ccabb9d692651397bd5a03b5cadaf1cf8a68d
GET /static/dist/styles/main.css?v=d980260 HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 10:04:09 GMT
etag: W/"6305f799-62dd9"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/graphics/cards/payment-method-emaerket-no.png
35.187.26.138200 OK 96 kB URL HTTP/2 www.miinto.no/static/graphics/cards/payment-method-emaerket-no.png
IP 35.187.26.138:0
Hash bd3d8235658be1a8e1182d70839af2ae
2a4b4bed12bffc9717ecfe741d48be8e222c898e
7c140e9f0990fe6f8f8d2232f9579bfc309074f0ade4231459ed03166c877fe3
GET /static/graphics/cards/payment-method-emaerket-no.png HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: image/png
last-modified: Wed, 31 Aug 2022 10:54:01 GMT
etag: W/"630f3dc9-117c"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/scripts/base/lazyloader.min.js
35.187.26.138200 OK 17 kB URL HTTP/2 www.miinto.no/static/scripts/base/lazyloader.min.js
IP 35.187.26.138:0
Hash e0518c385e7d0c83cd9fc12e3c9c4cb7
2f9a9975c42bf077d43ea840bcebd574fb468046
b332fc556b01f00b9e59a88c37f88104e1d53affb14e3fb932f1123ced741932
GET /static/scripts/base/lazyloader.min.js HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:01:56 GMT
etag: W/"6305f714-28c"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Hash cfdce67a2e07ba6cf05e0292d7f3f9b7
dcad1b9e50f8ef49ec4600fe88c68c165d9b7e61
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Aug 2022 15:46:55 GMT
expires: Sat, 26 Aug 2023 15:46:55 GMT
cache-control: public, max-age=31536000
age: 454388
last-modified: Mon, 11 Jul 2022 21:02:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17552, version 1.0\012- data
Hash 0627ec86dfad171ba217bbc765326ed7
d83f8aac9cb272a8825602735e3766f4975d5c68
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 20:02:29 GMT
expires: Tue, 29 Aug 2023 20:02:29 GMT
cache-control: public, max-age=31536000
age: 179854
last-modified: Mon, 11 Jul 2022 21:02:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.miinto.no/static/graphics/cards/payment-vipps.png
35.187.26.138200 OK 1.5 kB URL HTTP/2 www.miinto.no/static/graphics/cards/payment-vipps.png
IP 35.187.26.138:0
Hash 8e2d6a2eac5bfb241fe3aa7b87ebfb00
91461a1911584498836044758b5091d84e37baab
912b116ff599bbb629de4994e85edcdf5ab4dfa9d5632d9b8302d83bf92344f6
GET /static/graphics/cards/payment-vipps.png HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: image/png
last-modified: Wed, 31 Aug 2022 10:49:46 GMT
etag: W/"630f3cca-4ac"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/ff83e4/miinto.no/nb.js
152.199.21.175200 OK 19 kB URL HTTP/2 policy.app.cookieinformation.com/ff83e4/miinto.no/nb.js
IP 152.199.21.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65350)
Hash 16c520ffba5208f664f252c4956c195b
2ef8006daffba14771f625a2590ed3aecb8d4159
de8c99daff82fd77e3daea7cca395c24caaab7c9f1c7547fa6fb8b6fcd11099a
GET /ff83e4/miinto.no/nb.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 71
cache-control: max-age=300
content-md5: j1yyT5tJDvru6wPI6AqRXw==
content-type: application/javascript
date: Wed, 31 Aug 2022 22:00:03 GMT
etag: 0x8DA84F721EA92C6
expires: Wed, 31 Aug 2022 22:05:03 GMT
last-modified: Tue, 23 Aug 2022 11:03:38 GMT
server: ECAcc (ska/F7A8)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f14e50ad-801e-0023-5084-bda28e000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 19363
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a54616e27129cca7cfef3c79add26963
750ea50c997295f3d9510c52064972e21b1351c4
1e516030379a290be46890464dc52b0bddbe0b09782dc7087d3a05f66f196105
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4795
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:03 GMT
Last-Modified: Wed, 31 Aug 2022 20:40:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a54616e27129cca7cfef3c79add26963
750ea50c997295f3d9510c52064972e21b1351c4
1e516030379a290be46890464dc52b0bddbe0b09782dc7087d3a05f66f196105
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4795
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:03 GMT
Last-Modified: Wed, 31 Aug 2022 20:40:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
static.miinto.net/products/350525cbc24b50a10a6c84c78ea976be.jpg?width=400&height=600&title=turtleneck
35.195.247.162200 OK 8.1 kB URL HTTP/2 static.miinto.net/products/350525cbc24b50a10a6c84c78ea976be.jpg?width=400&height=600&title=turtleneck
IP 35.195.247.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x600, components 3\012- data
Hash 1119726b7521d4ec88c1853bcf442fca
7d0a826a66d097008be273e090b087cf3fb99c01
c69a3c2997abf0a0e9ce6a5cb032acf213dd8dadaf0afed55c744e3af5cce912
GET /products/350525cbc24b50a10a6c84c78ea976be.jpg?width=400&height=600&title=turtleneck HTTP/1.1
Host: static.miinto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: image/jpeg
content-length: 8136
cache-control: max-age=31536000
x-varnish: 357761083
age: 0
via: 1.1 varnish (Varnish/6.6)
accept-ranges: bytes
strict-transport-security: max-age=17280000;
X-Firefox-Spdy: h2
miinto.sspinc.io/v1/ssp.js?env=prd&lang=no
54.230.111.90200 OK 87 kB URL HTTP/2 miinto.sspinc.io/v1/ssp.js?env=prd&lang=no
IP 54.230.111.90:0
File type ASCII text, with very long lines (65433)
Hash 9b2d58006929cf3636e3001ba6b4d4be
47da5cbf7ecc5ec9c627b001d53e56efb7047ff4
20fb9abf4b0c99aad12028a42c9affd1b26b5dd86ccfa879ea9d71866cfeabfe
GET /v1/ssp.js?env=prd&lang=no HTTP/1.1
Host: miinto.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200, public
content-encoding: gzip
date: Wed, 31 Aug 2022 20:14:33 GMT
etag: W/"7a0d57940fea47643e91b6981a40e584"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 5a7515fe9873b09f42e3ad5654c27172
x-runtime: 0.042375
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xM18LsXoNH7xGemt5CW0vbo6F1sHCn47zZHRZzJhQNZWDPOLBFfJMg==
age: 6331
X-Firefox-Spdy: h2
static.miinto.net/products/350525cbc24b50a10a6c84c78ea976be.jpg?width=90&height=145&title=turtleneck
35.195.247.162200 OK 1.5 kB URL HTTP/2 static.miinto.net/products/350525cbc24b50a10a6c84c78ea976be.jpg?width=90&height=145&title=turtleneck
IP 35.195.247.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x145, components 3\012- data
Hash cbcb42f3280f2929c6e4fac5b7d2c337
6e7cd52a7024ab3f4710a7fa5e11b1e7b62e4ae4
ec908668c08d019e22b0ad2e301ca3435ab055ac9f18c7b743000df1de783da4
GET /products/350525cbc24b50a10a6c84c78ea976be.jpg?width=90&height=145&title=turtleneck HTTP/1.1
Host: static.miinto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: image/jpeg
content-length: 1543
cache-control: max-age=31536000
x-varnish: 321848870
age: 0
via: 1.1 varnish (Varnish/6.6)
accept-ranges: bytes
strict-transport-security: max-age=17280000;
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=GTM-KZXHS8H
216.239.34.178200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-KZXHS8H
IP 216.239.34.178:0
File type ASCII text, with very long lines (1615)
Hash 31e73762404a38a73fe7d88c1b318e90
954b7e2839ecd80230f2b6cab7b0a93663f3de96
dfd12170ba74cb64fa0f5bb138dbafdad272cccecbe05fd9cea396dc14af701f
GET /gtm/optimize.js?id=GTM-KZXHS8H HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 31 Aug 2022 22:00:04 GMT
expires: Wed, 31 Aug 2022 22:00:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
miinto.sspinc.io/lib/4.46.10/fitpredictor.no.min.js
54.230.111.90200 OK 130 kB URL HTTP/2 miinto.sspinc.io/lib/4.46.10/fitpredictor.no.min.js
IP 54.230.111.90:0
File type Unicode text, UTF-8 text, with very long lines (65409)
Size 130 kB (129574 bytes)
Hash 8364ce55942304f9666c7223cfb1bf8a
26cb8baec751af523150fc14d42a570f3560929b
b9c0f78fec10de8b263df48c1f4556fa053f3946081a8fc1bbc2a175fdbb1b41
GET /lib/4.46.10/fitpredictor.no.min.js HTTP/1.1
Host: miinto.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 129574
date: Mon, 15 Aug 2022 03:21:10 GMT
last-modified: Tue, 19 Jul 2022 13:20:16 GMT
etag: "8364ce55942304f9666c7223cfb1bf8a"
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u6p5e8u--qEGo0_KTLZMcWSQHIidWCIKXPdJVyxXeUUUlSrn4rea0A==
age: 1449535
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 5cb213db28c70927d7758458adf91452
9af7030bde607b8720b6caf05f14245bf51875b8
2f023e083fd0633623c1b2880ff928b6dd58c862877354f0aa05279e89541c20
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 31 Aug 2022 22:00:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 31 Aug 2022 14:48:16 GMT
Expires: Thu, 01 Sep 2022 14:48:16 GMT
ETag: "9af7030bde607b8720b6caf05f14245bf51875b8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
recs.richrelevance.com/rrserver/p13n_generated.js?a=07e21dcc8044df08&ts=1661983203391&v=1.2.6.20210212&ssl=t&privm=t&s=ctj4jf41pi7g2qshv7nudtu6m2&pref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&l=1
104.245.215.165200 OK 568 B URL HTTP/1.1 recs.richrelevance.com/rrserver/p13n_generated.js?a=07e21dcc8044df08&ts=1661983203391&v=1.2.6.20210212&ssl=t&privm=t&s=ctj4jf41pi7g2qshv7nudtu6m2&pref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&l=1
IP 104.245.215.165:0
File type ASCII text, with very long lines (1124), with no line terminators
Hash 5f12a03af9aab28e92c5a4c0c1e25889
b61cdc728f10b3ce4ebbb739af1a4687389cc52d
74f314a139fed50555ec35039b2bf2c8f9b7e99b0f838afac4119188efc1608c
GET /rrserver/p13n_generated.js?a=07e21dcc8044df08&ts=1661983203391&v=1.2.6.20210212&ssl=t&privm=t&s=ctj4jf41pi7g2qshv7nudtu6m2&pref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&l=1 HTTP/1.1
Host: recs.richrelevance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 22:00:04 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3p: policyref="http://recs.richrelevance.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Content-Type: text/javascript;charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 568
miinto.sspinc.io/skins/miinto/2.0.3/fitpredictor.css
54.230.111.90200 OK 25 kB URL HTTP/2 miinto.sspinc.io/skins/miinto/2.0.3/fitpredictor.css
IP 54.230.111.90:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2f24cfe34fb08d3857b30b789fef75b4
0ab72cba03c75d322f9a3a54e46dff217dda329a
29f71ec6d005fccf8688fc8c240131395b4df5efa0bd3d5d872351324e62f315
GET /skins/miinto/2.0.3/fitpredictor.css HTTP/1.1
Host: miinto.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 24554
date: Thu, 25 Aug 2022 15:28:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
last-modified: Thu, 25 Aug 2022 15:28:05 GMT
etag: "2f24cfe34fb08d3857b30b789fef75b4"
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B1U1dFuulhhQ_T-DJzsoOXkGGOxVm-dQKI5pVuGnJN0QcsLKM4GjzA==
age: 541915
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 76f54cd611ac5f42540046a567ec9d72
af63b33f465113de834f0f87c5663d43239dfece
d28dca39896b1fcc09a3a8df581ca8f08925cdba144bcfcbec856ba48bc0c945
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 22:00:04 GMT
Last-Modified: Wed, 31 Aug 2022 20:27:08 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ClOINQ1VVgjCNpN0DT3H5zoJRwDDNGjeOJBKQSwc08fc7SmHzCJ83w==
Age: 5577
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 76f54cd611ac5f42540046a567ec9d72
af63b33f465113de834f0f87c5663d43239dfece
d28dca39896b1fcc09a3a8df581ca8f08925cdba144bcfcbec856ba48bc0c945
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 22:00:04 GMT
Last-Modified: Wed, 31 Aug 2022 20:20:44 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5xUIZ_HDKiiUQmRJ8TuIu0m4SI9Upic5DJRZ_BPvA-x_-RFjbH5pqw==
Age: 5960
c.sspinc.io/com.snowplowanalytics.snowplow/tp2
54.205.6.162200 OK 0 B URL HTTP/2 c.sspinc.io/com.snowplowanalytics.snowplow/tp2
IP 54.205.6.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: c.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.miinto.no/
Origin: https://www.miinto.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 22:00:04 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.miinto.no
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
c.sspinc.io/com.snowplowanalytics.snowplow/tp2
54.205.6.162200 OK 2 B URL HTTP/2 c.sspinc.io/com.snowplowanalytics.snowplow/tp2
IP 54.205.6.162:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: c.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2835
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=cec721ef-3e33-4883-8d16-2a2997dad6d1; Expires=Fri, 30 Aug 2024 22:00:04 GMT; Domain=sspinc.io; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.miinto.no
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fitpredictor-api.sspinc.io/v1/prediction?auth_token=miinto%3A1856f31437855fb353fc8ea41725b12e&page_view_id=4bbc0b4a-5ea6-404e-bfe0-fd1c4935ff0f&domain_userid=49695181-729d-4ac6-8ec6-82e8221386c6&mode=prediction&market=NO&env=prd&lang=no&product_id=c80e3522-21d0-4929-82bb-aa157bd9237e&available_size=L&available_size=M&available_size=S&available_size=L&available_size=M&available_size=S&psud_enabled=false
54.87.24.123200 OK 32 B URL HTTP/1.1 fitpredictor-api.sspinc.io/v1/prediction?auth_token=miinto%3A1856f31437855fb353fc8ea41725b12e&page_view_id=4bbc0b4a-5ea6-404e-bfe0-fd1c4935ff0f&domain_userid=49695181-729d-4ac6-8ec6-82e8221386c6&mode=prediction&market=NO&env=prd&lang=no&product_id=c80e3522-21d0-4929-82bb-aa157bd9237e&available_size=L&available_size=M&available_size=S&available_size=L&available_size=M&available_size=S&psud_enabled=false
IP 54.87.24.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 455b2d024bd2a526ecfbca79bd46208a
4798a1a651782b8f9935f1a0b57dd5976a4f332a
872ca417379385bb1fcc3bff29ca035f64f4fdd73496d51265bd0e2a9c9cc8d5
GET /v1/prediction?auth_token=miinto%3A1856f31437855fb353fc8ea41725b12e&page_view_id=4bbc0b4a-5ea6-404e-bfe0-fd1c4935ff0f&domain_userid=49695181-729d-4ac6-8ec6-82e8221386c6&mode=prediction&market=NO&env=prd&lang=no&product_id=c80e3522-21d0-4929-82bb-aa157bd9237e&available_size=L&available_size=M&available_size=S&available_size=L&available_size=M&available_size=S&psud_enabled=false HTTP/1.1
Host: fitpredictor-api.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.miinto.no
Cache-Control: no-cache
Content-Encoding: br
Content-Type: application/json
Date: Wed, 31 Aug 2022 22:00:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 32
Connection: keep-alive
c.sspinc.io/com.snowplowanalytics.snowplow/tp2
54.205.6.162200 OK 2 B URL HTTP/2 c.sspinc.io/com.snowplowanalytics.snowplow/tp2
IP 54.205.6.162:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: c.sspinc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 3013
Origin: https://www.miinto.no
Connection: keep-alive
Referer: https://www.miinto.no/
Cookie: sp=cec721ef-3e33-4883-8d16-2a2997dad6d1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=cec721ef-3e33-4883-8d16-2a2997dad6d1; Expires=Fri, 30 Aug 2024 22:00:04 GMT; Domain=sspinc.io; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.miinto.no
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 92e2f9daa51a3d7fdd105bd90f4a4f3f
a47baa9d54154de89033d947719a325f09b334f1
8ad3dfbc00b285d9ff544055e4f2ad0ab4472562ddd3ba1ed8650f704896c2a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/workbox-cdn/releases/5.0.0/workbox-sw.js
216.58.207.208200 OK 741 B URL HTTP/2 storage.googleapis.com/workbox-cdn/releases/5.0.0/workbox-sw.js
IP 216.58.207.208:0
File type ASCII text, with very long lines (1289)
Hash 31d413c2c7635d1ca33d60bf4ab8d4f8
93d5e78ceedee4fcc6da738536b6d7368712f7d3
ef3649e2fccca41dda5f26265c41e38c20cfe6123fe2445e23d7473b408a694d
GET /workbox-cdn/releases/5.0.0/workbox-sw.js HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsy79LLrVvOAg-Vr3A5Y2KbsB-d8sNSIScXnoR9VjVYiqbv46VGYsZkM6amynghddzAyVM06n74F79M8sPWxLkA2XdpLYW8
x-goog-generation: 1580345297473779
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 741
content-encoding: gzip
x-goog-hash: crc32c=On5zHQ==, md5=MdQTwsdjXRyjPWC/SrjU+A==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 741
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Wed, 31 Aug 2022 21:26:45 GMT
expires: Thu, 31 Aug 2023 21:26:45 GMT
cache-control: public, max-age=31536000
age: 2000
last-modified: Thu, 30 Jan 2020 00:48:17 GMT
etag: "31d413c2c7635d1ca33d60bf4ab8d4f8"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 92e2f9daa51a3d7fdd105bd90f4a4f3f
a47baa9d54154de89033d947719a325f09b334f1
8ad3dfbc00b285d9ff544055e4f2ad0ab4472562ddd3ba1ed8650f704896c2a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 22:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.miinto.no/static/graphics/favicons/new/apple-touch-icon.png
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/static/graphics/favicons/new/apple-touch-icon.png
IP 35.187.26.138:0
GET /static/graphics/favicons/new/apple-touch-icon.png HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: image/png
last-modified: Wed, 31 Aug 2022 10:54:01 GMT
etag: W/"630f3dc9-f49"
expires: Thu, 31 Aug 2023 22:00:04 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/sw/sw.js
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/static/sw/sw.js
IP 35.187.26.138:0
GET /static/sw/sw.js HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803; _sp_ses.1629=*; _sp_id.1629=49695181-729d-4ac6-8ec6-82e8221386c6.1661983204.1.1661983204.1661983204.a7026a4b-2c8c-4e56-8a74-d0d9d466a83f
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:54:01 GMT
etag: W/"630f3dc9-767"
service-worker-allowed: /
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
IP 35.187.26.138:0
GET /p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759 HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: text/html;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; path=/; domain=.miinto.no
nomiinookie=b78c675dfacc7409637c926958281285237b76442c36b3cfb98a0542f0988320; expires=Fri, 30-Sep-2022 22:00:03 GMT; Max-Age=2592000; path=/; domain=.miinto.no
nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803; expires=Fri, 30-Sep-2022 22:00:03 GMT; Max-Age=2592000; path=/; domain=.miinto.no
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
X-Firefox-Spdy: h2
www.miinto.no/static/graphics/favicons/new/favicon.svg
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/static/graphics/favicons/new/favicon.svg
IP 35.187.26.138:0
GET /static/graphics/favicons/new/favicon.svg HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Wed, 31 Aug 2022 10:49:46 GMT
etag: W/"630f3cca-369"
expires: Thu, 31 Aug 2023 22:00:04 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/scripts/base/dixaFacade.min.js
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/static/scripts/base/dixaFacade.min.js
IP 35.187.26.138:0
GET /static/scripts/base/dixaFacade.min.js HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:01:56 GMT
etag: W/"6305f714-8fd"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.miinto.no/static/graphics/svg/logo-new.svg?v=d980260
35.187.26.138200 OK 0 B URL HTTP/2 www.miinto.no/static/graphics/svg/logo-new.svg?v=d980260
IP 35.187.26.138:0
GET /static/graphics/svg/logo-new.svg?v=d980260 HTTP/1.1
Host: www.miinto.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.miinto.no/p-turtleneck-c80e3522-21d0-4929-82bb-aa157bd9237e?utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&awc=8946_1661983202_74327e5b5b3f8a5214fa613810e416ea&utm_source=Awin&utm_medium=Affiliates&utm_campaign=Kelkoo+Norway&utm_content=369759
Cookie: PHPSESSID=ctj4jf41pi7g2qshv7nudtu6m2; nomiinookie=de9b2f77d4eddde78526becb62f89196598ad73d534ed1e99d71e37b37727803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.8
date: Wed, 31 Aug 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Wed, 31 Aug 2022 10:54:01 GMT
etag: W/"630f3dc9-32e"
expires: Thu, 31 Aug 2023 22:00:03 GMT
cache-control: max-age=31536000, public
strict-transport-security: max-age=17280000;
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Miinto-Basket-Token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2