buikolered.com/4/5117836/
139.45.197.237200 OK 951 B URL HTTP/1.1 buikolered.com/4/5117836/
IP 139.45.197.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (513)
Hash b3de0e2fb3854269339a8ddaa5bb83f7
29c2687547745a164f50f5f19ab0638f6b7a6979
905737558f83b114e48dc1154f73f992830ad50e9f123422f68db8839f15018a
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5117836/ HTTP/1.1
Host: buikolered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 05:18:56 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 52c1ce115a86033e1845a2b5c7aac866
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://bnr.thedataclicks.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=e695897c58034dafb93c9ea403a17f9e; expires=Fri, 08 Dec 2023 05:18:56 GMT; path=/
oaidts=1670476736; expires=Fri, 08 Dec 2023 05:18:56 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11599
Expires: Thu, 08 Dec 2022 08:32:15 GMT
Date: Thu, 08 Dec 2022 05:18:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9478
Expires: Thu, 08 Dec 2022 07:56:54 GMT
Date: Thu, 08 Dec 2022 05:18:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 05:08:09 GMT
content-type: application/json
age: 647
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13635
Expires: Thu, 08 Dec 2022 09:06:11 GMT
Date: Thu, 08 Dec 2022 05:18:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hRWEnwtYtoIUAkZiR1AAwveTGtakJkZZ/BwH6PMiZ5aFR5k/Xh11kZBNeffWRcseRbhp5QAfifk=
x-amz-request-id: KJB8BXS701MQBQ11
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 04:47:47 GMT
age: 1869
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:18:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4455
Expires: Thu, 08 Dec 2022 06:33:11 GMT
Date: Thu, 08 Dec 2022 05:18:56 GMT
Connection: keep-alive
buikolered.com/favicon.ico
139.45.197.237204 No Content 0 B URL HTTP/1.1 buikolered.com/favicon.ico
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: buikolered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=e695897c58034dafb93c9ea403a17f9e; oaidts=1670476736
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 08 Dec 2022 05:18:56 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=e695897c58034dafb93c9ea403a17f9e
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=e695897c58034dafb93c9ea403a17f9e
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=e695897c58034dafb93c9ea403a17f9e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:18:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e695897c58034dafb93c9ea403a17f9e; expires=Fri, 08 Dec 2023 05:18:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 05:07:55 GMT
age: 661
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ccd9c89f34132c65e6dcb00b0c26af87
82fa9981542908167544520c4d5766bd56c96529
7c9f4b4d2658108dbf0c19f04528865a6b8bed0940d816484624ee73d0e6360b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90474
Date: Thu, 08 Dec 2022 05:18:56 GMT
Etag: "6390319c-1d7"
Expires: Fri, 09 Dec 2022 06:26:50 GMT
Last-Modified: Wed, 07 Dec 2022 06:24:28 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zN44qrMG58AuaQ2wMsfBJWs4bl7d_vlMdgmFIIUjLx85YyOwlGMe1w==
Age: 142
bnr.thedataclicks.com/get/yutAYtbQFsgkEpscfYUXQCLs?connectionType=broadband&carrier=?&browserVersion=105®ion=03&device=desktop&operatingSystem=windows&osVersion=win10&country=NO&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&browser=firefox&zoneId=5117836&cost=0.000500&campaignId=6359297&paid=624587298398540330&rdk=rk1
18.210.123.3200 OK 1.6 kB URL HTTP/2 bnr.thedataclicks.com/get/yutAYtbQFsgkEpscfYUXQCLs?connectionType=broadband&carrier=?&browserVersion=105®ion=03&device=desktop&operatingSystem=windows&osVersion=win10&country=NO&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&browser=firefox&zoneId=5117836&cost=0.000500&campaignId=6359297&paid=624587298398540330&rdk=rk1
IP 18.210.123.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (823)
Hash 7981a1822e5c076ebbb1b42ccd0b6679
621c1abf8ddb6835a7de52f3f77002895ec197cb
e7abf437e59f07c85032d6a486609beec05a3d90f63cd10ab461f6b3b1d4060b
GET /get/yutAYtbQFsgkEpscfYUXQCLs?connectionType=broadband&carrier=?&browserVersion=105®ion=03&device=desktop&operatingSystem=windows&osVersion=win10&country=NO&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&browser=firefox&zoneId=5117836&cost=0.000500&campaignId=6359297&paid=624587298398540330&rdk=rk1 HTTP/1.1
Host: bnr.thedataclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 08 Dec 2022 05:18:57 GMT
content-type: text/html
content-length: 1602
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1593
Cache-Control: max-age=101666
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:57 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:33:23 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
d1aaucsx2ftut2.cloudfront.net/jcm-mm/ac0a0beed1ab46c039530e930f6d96bf.jpeg
143.204.42.82200 OK 184 kB URL HTTP/2 d1aaucsx2ftut2.cloudfront.net/jcm-mm/ac0a0beed1ab46c039530e930f6d96bf.jpeg
IP 143.204.42.82:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 800x575, components 3\012- data
Size 184 kB (184529 bytes)
Hash ef60018c5db320c478ea0738b33966e5
9dd467554cf4b76fc7df3eaac3766d29bdb2b543
9789121067d1f5aa7eeb3267b926014932e6d089fa6053ff05289875f9b262e5
GET /jcm-mm/ac0a0beed1ab46c039530e930f6d96bf.jpeg HTTP/1.1
Host: d1aaucsx2ftut2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bnr.thedataclicks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 184529
last-modified: Fri, 25 Nov 2022 17:13:57 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 06:44:55 GMT
etag: "ef60018c5db320c478ea0738b33966e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HzOrEc1vI7AYTF6uxwSSoHxlY80S_u-NP6MzTfKb3QXV8JrAhssOQg==
age: 81242
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3yKonvLojgN5UDV9NxVo5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AvBLX6VTe/Xd4DSjeP90r2iJ0gU=
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 113628befd8d77ae6e73857d7d628e20
a50fdf6db5b7c3c213c90036edb96a9ba10d4165
03f34cad1062eb5b4b03c72994a71fed79a3203e6ba96199305e6bec1a0860e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 05:18:57 GMT
Etag: "63911580-1d7"
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0N5Rgj6NUFf_kLyQyP_CNXBMF4apyv77o9R6RNGY190o4fbZD02B6Q==
lnk.clickadsolutions.com/trk/yutAYtbQFsgkEpscfYUXQCLs?browser=firefox&browserVersion=105&campaignId=6359297&carrier=%3F&connectionType=broadband&cost=0.000500&country=NO&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=624587298398540330&rdk=rk1®ion=03&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&zoneId=5117836&c2=true&vpw=1280&vph=1024
34.234.231.229200 OK 10 kB URL HTTP/2 lnk.clickadsolutions.com/trk/yutAYtbQFsgkEpscfYUXQCLs?browser=firefox&browserVersion=105&campaignId=6359297&carrier=%3F&connectionType=broadband&cost=0.000500&country=NO&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=624587298398540330&rdk=rk1®ion=03&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&zoneId=5117836&c2=true&vpw=1280&vph=1024
IP 34.234.231.229:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1038)
Hash 30c95489eae6f7a606fd9fc38b8b0b63
06acc3ea8951872b4b53ce9ca9fba719d058a703
5c57b5e901b71beab6946e519b44195e38254e633ab0836cd0b06b1f6b1da081
GET /trk/yutAYtbQFsgkEpscfYUXQCLs?browser=firefox&browserVersion=105&campaignId=6359297&carrier=%3F&connectionType=broadband&cost=0.000500&country=NO&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=624587298398540330&rdk=rk1®ion=03&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&zoneId=5117836&c2=true&vpw=1280&vph=1024 HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bnr.thedataclicks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:18:57 GMT
content-type: text/html;charset=UTF-8
set-cookie: v=t; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:57 GMT; Secure; SameSite=None
cas=3442:1802:1802:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:57 GMT; Secure; SameSite=None
rls=245026:1802:1802:1|245831:1802:1802:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:57 GMT; Secure; SameSite=None
com=162:92:NO:1802:1802:1|16571:166:NO:1802:1802:1; Path=/; Domain=lnk.clickadsolutions.com; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:57 GMT; Secure; SameSite=None
content-language: en-US
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6116
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1289508228.1652497490
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1289508228.1652497490
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-6627226-3&t=pageview&ds=web&aip=1&cs=referral&cm=4242&cn=%28not+set%29&cc=%28not+set%29&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1289508228.1652497490 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6116
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=245026&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1178551752.1302453239
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=245026&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1178551752.1302453239
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=245026&ck=42259&cm=Advanced+Store&cn=bangerhead&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.bangerhead.no&dp=%2F&dt=Hudpleie%2C+h%C3%A5rpleie+og+skj%C3%B8nnhet+online+til+lave+priser+-+Bangerhead.no&dr=&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1178551752.1302453239 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6116
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6116
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b1c44ca1e8549e840702bef5fd5eb7b6
7f6665902a5a9df4267f86b165678bfcbff5a2fc
2b8a2d97bc2f8c545f0e88f3b591c1260bab2e893c770e0df50af411f852dc1d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152867
Date: Thu, 08 Dec 2022 05:18:58 GMT
Etag: "639119b4-1d7"
Expires: Fri, 09 Dec 2022 23:46:45 GMT
Last-Modified: Wed, 07 Dec 2022 22:54:44 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ri0RrC416wbViZuZQ_HtsSdb98I_U8VP7BpO4iEcC0Jn9eIvL7KiJg==
Age: 3121
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18077
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18077
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18077
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18077
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:18:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:29:22 GMT
age: 74976
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 21581
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 22500
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 21743
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ba2tqr7qzoTbVkNM_hFETgyCLbCLvAEQjFA2jSU83qYRz6j-uIpk6Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:14:58 GMT
age: 25440
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca700c3-a35c-4310-8bec-315aac6627af.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca700c3-a35c-4310-8bec-315aac6627af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b19dcd440d04491799ff31ed3741a3c
397314c70c7a3502856bd13b879ee62232229ffd
4ca5248ce9473768e2f89e7509a5c4585ed106acd5780c82dcf08e22a98892ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca700c3-a35c-4310-8bec-315aac6627af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7717
x-amzn-requestid: a0140095-5792-4d50-81b5-a790ad3f535e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4bcFmsoAMFxZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-7dda36810e4c98da79e828d9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wN37yp9r-_W6n-L1TENCfjV18Gj1-3Q3gdIFvcViFbcUPtTnRgoHKA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:09:20 GMT
age: 79778
etag: "397314c70c7a3502856bd13b879ee62232229ffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
65.9.9.138200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 65.9.9.138:0
Hash ab3c4ed07c1a8c4c7d5d20cfd4ef354a
f2268657461cd8cca35ebbc8f225109b74b17e1f
f23e34f3a30af41803ee9354ebadf08131f69d00c351c17976e2e55cd87d1557
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 05:18:58 GMT
Last-Modified: Thu, 08 Dec 2022 03:45:50 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: fJuha1mFMQqaqOFY0Dpq3gjL6XefEEmvOzyfAklftytAhuV8K_84aw==
Age: 5589
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d3d806640fd69949c59691513024a7dd
3e1d6969e674b84c6d28b72f9d12acd195fad57e
03e2d911a521642d8b708bed6aef344908d487e84d7cfaf9f6b84e1b3bc4ad24
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 05:18:58 GMT
Etag: "638fc121-1d7"
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lXGULhwoAQ_5HDLx0avywCZzExpD27mq1kG3NQx-SFOSufxK8NNLRw==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 97f30da0320ae3acbcb2a8003ae36e90
f8a8b0eb2ce59593d708ec47a19026a4664a9aac
8a560c3c25769094b76e9fd80a974be33f7744b0af6ff080c8062535d8292357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2874
Cache-Control: max-age=156591
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:59 GMT
Etag: "63912938-116"
Expires: Sat, 10 Dec 2022 00:48:50 GMT
Last-Modified: Thu, 08 Dec 2022 00:00:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ticketmaster-no.tm8215.net/3PYq4d?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F
52.212.66.198302 Found 417 B URL HTTP/2 ticketmaster-no.tm8215.net/3PYq4d?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F
IP 52.212.66.198:0
File type HTML document, ASCII text, with very long lines (416)
Hash b075e059661141810bc0e8c90f945cc4
e1c36f928556e4b0e5291fce5f98f9cc4c6417cd
a90d7452203acbc88cf3ee070d9a6a77c618e05c410b7f23dfcf2e65bc3f034e
GET /3PYq4d?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.thebigadsstore.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 05:18:59 GMT
content-type: text/html; charset=utf-8
content-length: 417
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D639173c178ff154ebfdf7e8b-RL-245831%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
set-cookie: AWSALB=wsL7sFV/zBp7ytramSDMLQ5fI39C6gCZnugFVgz31C5gGl7Kxtoy7+3SSOb8R2aAa8KzhaNOlJYkcbquzW8KDVN5LY6NSjlehLuaGiPp9+pa90611yhaZGzYiYXm; Expires=Thu, 15 Dec 2022 05:18:59 GMT; Path=/
AWSALBCORS=wsL7sFV/zBp7ytramSDMLQ5fI39C6gCZnugFVgz31C5gGl7Kxtoy7+3SSOb8R2aAa8KzhaNOlJYkcbquzW8KDVN5LY6NSjlehLuaGiPp9+pa90611yhaZGzYiYXm; Expires=Thu, 15 Dec 2022 05:18:59 GMT; Path=/; SameSite=None; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 05:18:59 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=639173c178ff154ebfdf7e8b-RL-245026
172.67.74.129307 Temporary Redirect 278 B URL HTTP/2 as.ad4m.at/ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=639173c178ff154ebfdf7e8b-RL-245026
IP 172.67.74.129:0
Hash 97f30da0320ae3acbcb2a8003ae36e90
f8a8b0eb2ce59593d708ec47a19026a4664a9aac
8a560c3c25769094b76e9fd80a974be33f7744b0af6ff080c8062535d8292357
GET /ad/tur?a=916&c=https%3A%2F%2Fbangerhead.no&b=639173c178ff154ebfdf7e8b-RL-245026 HTTP/1.1
Host: as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://srw.bannerwidget.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Thu, 08 Dec 2022 05:18:59 GMT
location: https://www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_639173c178ff154ebfdf7e8b-RL-245026
surrogate-control: no-store
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cross-origin-embedder-policy: unsafe-none
x-content-type-options: nosniff
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
expires: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
vary: accept-encoding
cross-origin-resource-policy: cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77630b22dd16b527-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c7b5a131eacd2479f07c26a9d042263c
89f08cc4d7fa31e2293db2b02e658faa1d9b48d7
4eccda33ea8d70795d79295a945040f3409ec76d549f9a9b43bb9bd0fe6f523a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: max-age=149688
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:59 GMT
Etag: "639101c3-116"
Expires: Fri, 09 Dec 2022 22:53:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:12:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c7b5a131eacd2479f07c26a9d042263c
89f08cc4d7fa31e2293db2b02e658faa1d9b48d7
4eccda33ea8d70795d79295a945040f3409ec76d549f9a9b43bb9bd0fe6f523a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6072
Cache-Control: max-age=149688
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:18:59 GMT
Etag: "639101c3-116"
Expires: Fri, 09 Dec 2022 22:53:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:12:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e826c7dbe0ca4a4c17f8cf41ed34f88a
5e560ef34bc9e5cbf4ff00d5f4e3dc7e1648329e
2a911bd88d557a472c00652ad58502627b160acfeb21623038da104b33f83cb3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118822
Date: Thu, 08 Dec 2022 05:18:59 GMT
Etag: "63909864-1d7"
Expires: Fri, 09 Dec 2022 14:19:21 GMT
Last-Modified: Wed, 07 Dec 2022 13:43:00 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: k9EfbDtyHryLI1NvcolQuliR81argwTNHiAfO1nPfjTOmhvv1Q6R3Q==
Age: 2181
www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&tid=UA-24877590-4&t=pageview&ds=web&aip=1&cs=tredia&cm=affiliate&cn=3029083&cc=1220128_8215&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=15279551.1515319974 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6117
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?cs=Tredia&cc=245831&ck=42259&cm=Impact&cn=Ticketmaster&tid=UA-207042490-1&v=1&t=pageview&ds=web&aip=1&dh=www.ticketmaster.no&dp=%2F&dt=Kj%C3%B8p+billetter+til+konserter%2C+sport%2C+teater%2C+stand+up%2C+festivaler+og+mye+mer+%7C+Ticketmaster&dr=lnk.thebigadsstore.com%2Fref%2Fhttps%3A%2F%2Fwww.altomfotball.no%2F&vp=1280x1024&sr=1280x1024&je=0&ul=en-US&cid=1679646195.1195868447 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 08 Dec 2022 03:37:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 6117
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a1fe46ffc11ad7847f1713fd7fa3c461
ffebe97c4aca7bdaadda5d499e4e0bee479c5618
59c4501bea449a997cd5cd022541371f6f693996440f5ff7083db7cd5bfafe1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:18:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 17:55:46 GMT
Expires: Tue, 13 Dec 2022 17:55:45 GMT
Etag: "ffebe97c4aca7bdaadda5d499e4e0bee479c5618"
Cache-Control: max-age=476805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77630b235af9fab8-OSL
www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D639173c178ff154ebfdf7e8b-RL-245831%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
34.95.127.121302 Found 0 B URL HTTP/2 www.ojrq.net/p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D639173c178ff154ebfdf7e8b-RL-245831%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes
IP 34.95.127.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fticketmaster-no.tm8215.net%2Fc%2F3029083%2F462382%2F8215%3FSubId1%3D639173c178ff154ebfdf7e8b-RL-245831%26SubId2%3Dlnk.thebigadsstore.com%252Fref%252Fwww.altomfotball.no%252F%26u%3Dhttps%253A%252F%252Fwww.ticketmaster.no%252F%26svlink%3D4982831%26level%3D1%26srcref%3Dhttps%253A%252F%252Flnk.thebigadsstore.com%252F&cid=8215&tpsync=yes HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 05:18:59 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
set-cookie: brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 27 Nov 2024 05:18:59 GMT; HttpOnly; SameSite=None
location: https://ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f&brwsrsig=XtGwEkViez-316UWNnU8hXZiQuAXuU
content-length: 0
date: Thu, 08 Dec 2022 05:18:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f&brwsrsig=XtGwEkViez-316UWNnU8hXZiQuAXuU
52.212.66.198301 Moved Permanently 0 B URL HTTP/2 ticketmaster-no.tm8215.net/c/3029083/462382/8215?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f&brwsrsig=XtGwEkViez-316UWNnU8hXZiQuAXuU
IP 52.212.66.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/3029083/462382/8215?SubId1=639173c178ff154ebfdf7e8b-RL-245831&SubId2=lnk.thebigadsstore.com%2Fref%2Fwww.altomfotball.no%2F&u=https%3A%2F%2Fwww.ticketmaster.no%2F&svlink=4982831&level=1&srcref=https%3A%2F%2Flnk.thebigadsstore.com%2F&brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f&brwsrsig=XtGwEkViez-316UWNnU8hXZiQuAXuU HTTP/1.1
Host: ticketmaster-no.tm8215.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Cookie: AWSALBCORS=wsL7sFV/zBp7ytramSDMLQ5fI39C6gCZnugFVgz31C5gGl7Kxtoy7+3SSOb8R2aAa8KzhaNOlJYkcbquzW8KDVN5LY6NSjlehLuaGiPp9+pa90611yhaZGzYiYXm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 05:18:59 GMT
content-length: 0
location: https://www.ticketmaster.no/?clickId=VU5Q-XyGaxyNR7RVoXTXjwISUkAxH0QVD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
set-cookie: AWSALB=8Cm2YyupDC15ZjfktJOKf1jTlyrZpSPj4SF+r4EJPHpcM4jO7JLAShUr+fnHDz1cjoxVnMxTlyseiYuhOFOa6a1l+E8zyG1vd/y1NAlfuXfzBc8mqQ522Zae23aB; Expires=Thu, 15 Dec 2022 05:18:59 GMT; Path=/
AWSALBCORS=8Cm2YyupDC15ZjfktJOKf1jTlyrZpSPj4SF+r4EJPHpcM4jO7JLAShUr+fnHDz1cjoxVnMxTlyseiYuhOFOa6a1l+E8zyG1vd/y1NAlfuXfzBc8mqQ522Zae23aB; Expires=Thu, 15 Dec 2022 05:18:59 GMT; Path=/; SameSite=None; Secure
brwsr=d239cf8e-76b7-11ed-9ec9-d90eb3934b0f; Domain=.tm8215.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 27 Nov 2024 05:18:59 GMT; HttpOnly; SameSite=None
irld=LQr9WXlQcdzkxWRL2GMxgvTu6Svo07YTSUSXv0mxQXyxdOTA0; Path=/; Secure; Max-Age=15552000; Expires=Tue, 6 Jun 2023 05:18:59 GMT; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 05:18:59 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a1fe46ffc11ad7847f1713fd7fa3c461
ffebe97c4aca7bdaadda5d499e4e0bee479c5618
59c4501bea449a997cd5cd022541371f6f693996440f5ff7083db7cd5bfafe1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:18:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 17:55:46 GMT
Expires: Tue, 13 Dec 2022 17:55:45 GMT
Etag: "ffebe97c4aca7bdaadda5d499e4e0bee479c5618"
Cache-Control: max-age=476805,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77630b270bd1fab8-OSL
analytics.ticketmaster.no/api/reports
151.101.194.87200 OK 4 B URL HTTP/2 analytics.ticketmaster.no/api/reports
IP 151.101.194.87:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
POST /api/reports HTTP/1.1
Host: analytics.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 7536
Origin: https://www.ticketmaster.no
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-store, private, s-maxage=0
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:19:00 GMT
via: 1.1 varnish
x-robots-tag: none
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670476740.346028,VS0,VE80
access-control-allow-origin: https://www.ticketmaster.co.uk https://www.ticketmaster.ie https://www.ticketmaster.com.au https://www.ticketmaster.co.nz https://www.ticketmaster.no https://www.ticketmaster.mx https://www.ticketmaster.pl https://www.ticketmaster.it https://www.ticketmaster.fr https://www.livenation.com https://www.ticketmaster.com https://www.ticketmaster.ae https://www.ticketmaster.de https://www.ticketmaster.se https://www.ticketmaster.ch https://www.ticketmaster.dk https://www.ticketmaster.be https://www.ticketmaster.fi https://www.ticketmaster.ae https://www.ticketmaster.at https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.com.au https://www.ticketmaster.cz https://www.ticketmaster.es https://www.ticketmaster.nl https://www.ticketmaster.co.za
content-length: 4
X-Firefox-Spdy: h2
www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_639173c178ff154ebfdf7e8b-RL-245026
104.21.0.237302 Found 4 B URL HTTP/2 www.smartredirect.de/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_639173c178ff154ebfdf7e8b-RL-245026
IP 104.21.0.237:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
GET /redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_639173c178ff154ebfdf7e8b-RL-245026 HTTP/1.1
Host: www.smartredirect.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://srw.bannerwidget.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 05:18:59 GMT
content-type: text/html; charset=UTF-8
location: https://de.trck.one/redir/clickGate.php?u=RkkuMW4M&m=1&p=Fr5xngjWXe&t=iRhdghTT&url=https%3A%2F%2Fwww.bangerhead.no&r=https%3A%2F%2Fwww.advancedstore.com&s=oneidBrqTgfPfrVwBH5t7cQcgCXZqajSdt9fMoneid_639173c178ff154ebfdf7e8b-RL-245026
cache-control: no-cache, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 08 Dec 2022 05:18:59 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1189P0egxeaMXo9EafaP7JtcGUUV%2BS2brQA7rgJYzUJguYAIEoNKZ122mTX6ot72yCuHne%2BmtgGCggbFCRTwk4Xof7okQPSCBJe58YOTtGu%2BeM1PIjx6S7qHQo7RQQg4MLeVkbTe3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77630b236d74b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&custom2=3CeZArO9TSWM50PYTIgW1UI4Ai0obTafQFT3BVmSNVPhcz&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://www.bangerhead.no
143.204.55.22200 OK 0 B URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&custom2=3CeZArO9TSWM50PYTIgW1UI4Ai0obTafQFT3BVmSNVPhcz&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://www.bangerhead.no
IP 143.204.55.22:0
GET /publisher/shopping/v2/link-monetizer/link?country=no&custom2=3CeZArO9TSWM50PYTIgW1UI4Ai0obTafQFT3BVmSNVPhcz&id=e4e2e5c6-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https://www.bangerhead.no HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://srw.bannerwidget.tech/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 27980
x-gravitee-transaction-id: f6a45f18-7770-4f90-a45f-1877700f906c
x-gravitee-request-id: f6a45f18-7770-4f90-a45f-1877700f906c
leadid: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670476739725_244568
clickid: 107698149_1670476739711_655788
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=3sRUd4x8oxjpaB1VClmWCwtbI6ROul5x6apkGr2HM7YpDHP~g3scQ-QfNjwhYA1K2088dgW52C_lQ_y62O78RzVIIPJ_6hzbasnjFkf0scKCEtGz1KUJZZC~O-UjyWQW; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:59 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure
kelkooID=a4c6295-184f02c347f-3577c; Max-Age=31536000; Expires=Fri, 08 Dec 2023 05:18:59 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.018553S
x-robots-tag: noindex,nofollow
referrer-policy: origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Thu, 08 Dec 2022 05:18:59 GMT
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ntD4R1aiCdHn4s8x_ypC4NKW_JShUKnp-MqMrIGtACGDpD2ctYZANA==
X-Firefox-Spdy: h2
www.ticketmaster.no/?clickId=VU5Q-XyGaxyNR7RVoXTXjwISUkAxH0QVD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
151.101.2.87200 OK 0 B URL HTTP/2 www.ticketmaster.no/?clickId=VU5Q-XyGaxyNR7RVoXTXjwISUkAxH0QVD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215
IP 151.101.2.87:0
GET /?clickId=VU5Q-XyGaxyNR7RVoXTXjwISUkAxH0QVD1MORM0&irgwc=1&utm_source=tredia&utm_medium=affiliate&utm_campaign=3029083&utm_content=1220128_8215 HTTP/1.1
Host: www.ticketmaster.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lnk.thebigadsstore.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-tmsite: TM_NO
x-build-version: production-9-390-0-4590504
cache-control: max-age=15
x-powered-by: Next.js
content-type: text/html; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
age: 0
tmps-correlation-id: 7249b01f-6ae9-4315-a23f-d2104e5eaf96
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1
x-frame-options: Deny
content-security-policy: frame-ancestors 'none'; default-src https://*.safeframe.googlesyndication.com https://tpc.googlesyndication.com https://uk.tmconst.com; font-src 'self' https://uk.tmconst.com https://fonts.gstatic.com https://marketer.monetate.net/ https://cdn.smooch.io; connect-src 'self' wss://*.hotjar.com wss://api.smooch.io wss://marketplace.prod.pub-tmaws.io https://*.ticketmaster.co.uk https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.hotjar.com https://*.permutive.com https://*.prmutv.co https://*.config.smooch.io https://epsf.ticketmaster.net https://uk.tmconst.com https://checkout.ticketmaster.com https://venueview.io-virtualvenue.com https://pubads.g.doubleclick.net https://securepubads.g.doubleclick.net https://siteintercept.qualtrics.com https://stats.g.doubleclick.net https://pagead2.googlesyndication.com https://vc.hotjar.io https://d2v54wjmlooyi.cloudfront.net https://csi.gstatic.com https://venue.tmol.co https://adservice.google.com https://www.google.com https://analytics.tiktok.com https://ib.adnxs.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://privacyportal.onetrust.com/ https://api.smooch.io https://app.ticketmaster.com https://mapsapi.tmol.co https://availability.ticketmaster.eu https://www.ticketmaster.no https://analytics.ticketmaster.no https://identity.ticketmaster.no https://app.ticketmaster.eu https://pubapi.ticketmaster.com; prefetch-src https://uk.tmconst.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googletagmanager.com https://*.siteintercept.qualtrics.com https://*.collect.igodigital.com https://epsf.ticketmaster.net https://uk.tmconst.com https://venueview.io-virtualvenue.com https://polyfill.io https://static.hotjar.com https://af.monetate.net https://f.monetate.net https://se.monetate.net https://sb.monetate.net https://marketer.monetate.net/ https://www.googletagservices.com https://www.google-analytics.com https://pagead2.googlesyndication.com https://siteintercept.qualtrics.com https://d2v54wjmlooyi.cloudfront.net/ssp/libs/prod/fanbuilder/v2/fanbuilder.js https://cdn.smooch.io https://api.smooch.io https://cdn.distiltag.com https://widget.ticketmaster.eu https://securepubads.g.doubleclick.net https://script.hotjar.com https://adservice.google.ae https://adservice.google.at https://adservice.google.be https://adservice.google.ca https://adservice.google.ch https://adservice.google.co.il https://adservice.google.co.jp https://adservice.google.co.uk https://adservice.google.co.nz https://adservice.google.com https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.mx https://adservice.google.com.ph https://adservice.google.com.sa https://adservice.google.com.ua https://adservice.google.cz https://adservice.google.de https://adservice.google.dk https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ie https://adservice.google.it https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.se https://analytics.twitter.com https://analytics.tiktok.com https://connect.facebook.net https://googleads.g.doubleclick.net https://media.ticketmaster.co.uk https://static.ads-twitter.com https://www.googleadservices.com https://cdn.ampproject.org https://tpc.googlesyndication.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com/pagead/conversion_async.js https://api.permutive.com https://cdn.permutive.com https://cdn.cookielaw.org/ https://geolocation.onetrust.com/ https://s1.ticketm.net/tm/en-us/img/static/tmcore/web-vitals.umd.js https://s.adroll.com/ https://d.adroll.com/ https://s.pinimg.com/ https://swrap.tradedoubler.com https://www.sc.pages06.net https://identity.ticketmaster.no https://my.ticketmaster.com https://secure-entry.ticketmaster.com https://pubapi.ticketmaster.com/sdk/ras-sdk-v0.js; style-src 'unsafe-inline' https://marketer.monetate.net/ https://fonts.googleapis.com/ https://cdn.smooch.io/; frame-src https://*.safeframe.googlesyndication.com https://*.siteintercept.qualtrics.com https://*.fls.doubleclick.net https://player.vimeo.com https://vars.hotjar.com https://tpc.googlesyndication.com https://sb.monetate.net https://www.google.com/recaptcha/ https://www.youtube.com https://media.ticketmaster.co.uk https://cookies.onetrust.mgr.consensu.org/ https://bid.g.doubleclick.net https://securepubads.g.doubleclick.net https://identity.ticketmaster.no https://www.ticketmaster.no https://my.ticketmaster.com; img-src data: 'self' http://track.adform.net/ http://s0.2mdn.net/ https://*.googletagmanager.com https://*.google-analytics.com https://*.fls.doubleclick.net https://*.googleusercontent.com https://uk.tmconst.com https://cbt-assets.tmconst.com https://media.ticketmaster.eu https://media-staging.mfol.eu-west-1.pci.public.tmaws.eu https://s1.ticketm.net https://www.facebook.com https://nova.collect.igodigital.com https://eu.qualtrics.com https://af.monetate.net https://f.monetate.net https://marketer.monetate.net/ https://tpc.googlesyndication.com https://www.google.ae https://www.google.at https://www.google.be https://www.google.ca https://www.google.ch https://www.google.cl https://www.google.co.in https://www.google.co.jp https://www.google.co.uk https://www.google.co.nz https://www.google.co.za https://www.google.com https://www.google.com.au https://www.google.com.br https://www.google.com.co https://www.google.com.ec https://www.google.com.eg https://www.google.com.gt https://www.google.com.mx https://www.google.com.ph https://www.google.com.sa https://www.google.com.ua https://www.google.cz https://www.google.de https://www.google.dk https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ie https://www.google.it https://www.google.nl https://www.google.no https://www.google.pl https://www.google.rs https://www.google.ru https://www.google.se https://ad.doubleclick.net https://cm.g.doubleclick.net https://securepubads.g.doubleclick.net https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://prismic-images.tmol.io https://i.ytimg.com/ https://i.vimeocdn.com/ https://media.ticketmaster.co.uk https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Generic.jpg https://s3.eu-west-2.amazonaws.com/onsale-img/tmimages/TM_GenCatImgs_Music.jpg https://s3.eu-west-1.amazonaws.com/ https://cx.atdmt.com https://venueview.io-virtualvenue.com https://secure.adnxs.com https://t.co https://analytics.twitter.com https://ads.avocet.io https://ads.avct.cloud https://googlesync.permutive.com/ https://cdn.cookielaw.org/ https://pixel.quantserve.com https://www.gstatic.com/ https://image.mailing.ticketmaster.com/ https://cdn.smooch.io https://media.smooch.io https://ct.pinterest.com/ https://sp.analytics.yahoo.com/ https://www.pages06.net/ https://identity.ticketmaster.no https://mapsapi.tmol.co; media-src https://uk.tmconst.com/; object-src 'none'; base-uri 'self'; worker-src 'self' blob: https://www.google.com/recaptcha/; child-src blob: https://*.siteintercept.qualtrics.com; report-uri https://analytics.ticketmaster.no/api/reports
x-fastly: ICCP-GLOBAL-PROD
fastly-restarts: 1
x-origin-name: 1GUugFzYescHPg4UVycAKL--F_iccp
date: Thu, 08 Dec 2022 05:19:00 GMT
x-served-by: cache-bma1663-BMA, cache-bma1663-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
vary: Accept-Encoding
content-length: 71355
X-Firefox-Spdy: h2
lnk.clickadsolutions.com/?bt=lnk.thebigadsstore.com&ref=https%3A%2F%2Fwww.altomfotball.no%2F&friend=&u=ticketmaster-no.tm8215.net%252F3PYq4d%253FSubId1%253D639173c178ff154ebfdf7e8b-RL-245831%2526SubId2%253Dlnk.thebigadsstore.com%25252Fref%25252Fwww.altomfotball.no%25252F&log=false&type=ROTATOR_LINK&linkId=245831&clickId=639173c178ff154ebfdf7e8b&br=false
34.234.231.229200 OK 0 B URL HTTP/2 lnk.clickadsolutions.com/?bt=lnk.thebigadsstore.com&ref=https%3A%2F%2Fwww.altomfotball.no%2F&friend=&u=ticketmaster-no.tm8215.net%252F3PYq4d%253FSubId1%253D639173c178ff154ebfdf7e8b-RL-245831%2526SubId2%253Dlnk.thebigadsstore.com%25252Fref%25252Fwww.altomfotball.no%25252F&log=false&type=ROTATOR_LINK&linkId=245831&clickId=639173c178ff154ebfdf7e8b&br=false
IP 34.234.231.229:0
GET /?bt=lnk.thebigadsstore.com&ref=https%3A%2F%2Fwww.altomfotball.no%2F&friend=&u=ticketmaster-no.tm8215.net%252F3PYq4d%253FSubId1%253D639173c178ff154ebfdf7e8b-RL-245831%2526SubId2%253Dlnk.thebigadsstore.com%25252Fref%25252Fwww.altomfotball.no%25252F&log=false&type=ROTATOR_LINK&linkId=245831&clickId=639173c178ff154ebfdf7e8b&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/yutAYtbQFsgkEpscfYUXQCLs?browser=firefox&browserVersion=105&campaignId=6359297&carrier=%3F&connectionType=broadband&cost=0.000500&country=NO&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=624587298398540330&rdk=rk1®ion=03&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&zoneId=5117836&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3442:1802:1802:1; rls=245026:1802:1802:1|245831:1802:1802:1; com=162:92:NO:1802:1802:1|16571:166:NO:1802:1802:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:18:57 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D639173c178ff154ebfdf7e8b-RL-245026&log=false&type=ROTATOR_LINK&linkId=245026&clickId=639173c178ff154ebfdf7e8b&br=false
34.234.231.229200 OK 0 B URL HTTP/2 lnk.clickadsolutions.com/?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D639173c178ff154ebfdf7e8b-RL-245026&log=false&type=ROTATOR_LINK&linkId=245026&clickId=639173c178ff154ebfdf7e8b&br=false
IP 34.234.231.229:0
GET /?bt=srw.bannerwidget.tech&ref=&friend=&u=as.ad4m.at%252Fad%252Ftur%253Fa%253D916%2526c%253Dhttps%25253A%25252F%25252Fbangerhead.no%2526b%253D639173c178ff154ebfdf7e8b-RL-245026&log=false&type=ROTATOR_LINK&linkId=245026&clickId=639173c178ff154ebfdf7e8b&br=false HTTP/1.1
Host: lnk.clickadsolutions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/trk/yutAYtbQFsgkEpscfYUXQCLs?browser=firefox&browserVersion=105&campaignId=6359297&carrier=%3F&connectionType=broadband&cost=0.000500&country=NO&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=624587298398540330&rdk=rk1®ion=03&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&zoneId=5117836&c2=true&vpw=1280&vph=1024
Cookie: v=t; cas=3442:1802:1802:1; rls=245026:1802:1802:1|245831:1802:1802:1; com=162:92:NO:1802:1802:1|16571:166:NO:1802:1802:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:18:57 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2
lnk.thebigadsstore.com/ref/www.altomfotball.no/
50.17.84.136200 OK 0 B URL HTTP/2 lnk.thebigadsstore.com/ref/www.altomfotball.no/
IP 50.17.84.136:0
POST /ref/www.altomfotball.no/ HTTP/1.1
Host: lnk.thebigadsstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 240
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:18:58 GMT
content-type: text/html;charset=UTF-8
referrer-policy: no-referrer-when-downgrade
content-language: en-US
X-Firefox-Spdy: h2
srw.bannerwidget.tech/
50.17.84.136200 OK 0 B IP 50.17.84.136:0
POST / HTTP/1.1
Host: srw.bannerwidget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 206
Origin: https://lnk.clickadsolutions.com
Connection: keep-alive
Referer: https://lnk.clickadsolutions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:18:58 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
X-Firefox-Spdy: h2