r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Mon, 05 Dec 2022 23:21:24 GMT
Date: Mon, 05 Dec 2022 20:39:07 GMT
Connection: keep-alive
mkkuei4kdsz.com/887/120.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/887/120.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /887/120.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 05 Dec 2022 20:39:07 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:07 GMT
Last-Modified: Mon, 05 Dec 2022 20:01:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1237
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6092
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 20:39:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bZlwbmwXuccBNDSMJgv5wGlbl+7LPeO/nLUcXRBdHPUUb0G4O7vk8TMZv0X1bvOKANZk30GGMj2Kz2+/l1Cdkw==
x-amz-request-id: 3YW9K12E7YVT9DXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:46:48 GMT
age: 3139
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:39:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6514
Cache-Control: max-age=92070
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:07 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 22:13:37 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15716451
expires: Sat, 25 Nov 2023 20:39:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKspobWVRpukDmBqslPhJlbpB5QcvTPnSIuV563R1nKCa914Z25HtB33KfT8cLLJFYDAOGd7CCk5g0bDzBxLZiZ%2B17axd5LWi%2B%2FGPYBE6GmHOUwlQNkE3dJ%2FV83R4ev5c8K%2BUoH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774f96e0da46b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6514
Cache-Control: max-age=92070
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:07 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 22:13:37 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b1a840eba42dcfa72d3e2786ba2dd4f5
8517a73f72784c64445274c47c7a5b3adb50bdb4
8e3c803c1a2287f39f626151d6293ad860f15aafb2e004beb589205b0b92219e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8E3C803C1A2287F39F626151D6293AD860F15AAFB2E004BEB589205B0B92219E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5250
Expires: Mon, 05 Dec 2022 22:06:37 GMT
Date: Mon, 05 Dec 2022 20:39:07 GMT
Connection: keep-alive
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/887/120.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 05 Dec 2022 20:39:07 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 1810
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/887/120.html
172.67.68.176200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/887/120.html
IP 172.67.68.176:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/887/120.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:08 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FebUv7ZXEWDwcHus5nFu46Qvh4U%2FG8e%2BnzW9cxel09EVCPRkru519Tgx79uqmpEEVnzgVY8gzlMXacN3nkaI4QjQR3RSg%2Fd4rxN8qx6zdlTd3BWP9AgNXmpJ1RaovkSCyH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f96e1eb9db521-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2214
Cache-Control: max-age=133478
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:08 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:43:46 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.24.78.9101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.78.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J3Y57WS4mTLA+vhahFXVhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hjWnmmbLl+qZepnpLOxD6XKzwGs=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash 5ed6b79b1414d3c86473609b8a5af0d2
4fa765bf07ac88a362ecded4a5dd3766c6f0d74d
6764788e07c01888b84c9448250393c711bed437707235971978245b458fc15a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 05 Dec 2022 20:39:09 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Mon, 05 Dec 2022 20:39:08 GMT
x-cache-miss-from: parking-d7dbd8c4d-5wc8k
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:09 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 12 Dec 2022 20:39:09 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 84e41c24b9ab9608887d4a3b1a8dd762
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI3Mjc0OTE2MTM5MzdhMWFmMGJiYzFmMTNjZTUwNTQwNTQ0NmZj&crc=18ac01ed8b9ab2574cbea84811d8376c3543f96a&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI3Mjc0OTE2MTM5MzdhMWFmMGJiYzFmMTNjZTUwNTQwNTQ0NmZj&crc=18ac01ed8b9ab2574cbea84811d8376c3543f96a&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI3Mjc0OTE2MTM5MzdhMWFmMGJiYzFmMTNjZTUwNTQwNTQ0NmZj&crc=18ac01ed8b9ab2574cbea84811d8376c3543f96a&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Mon, 05 Dec 2022 20:39:09 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-4r7pb
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 05 Dec 2022 20:39:09 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 20:39:09 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-d7dbd8c4d-hwmjh
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c2363ef12b9c0abf89be339a5d9337e1
6a0c55a41411725da9bea77867e7a90fdb68625d
de58cde25ccb3b6ada563191a783c77628a97f2ba32a1922678f4fff80ee5e7c
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjP0smD2rWv0_0&v=YzQxNTVlYzFjNWQ4ZjE0OGNkMzFmYmFmNmFkZWQwZjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZTU2ZWM5ZGFlNzQuOTA5OTc0NTEJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGU1NmVjOWRiMTY4LjM0NDY2ODYwCTE2NzAyNzI3NDkJYWRfNjNfMA==&l=OAk1OGVmN2Y5ZWIzNTk0YzY3YWYyMDQwYTUzYjYwNjE5MgkwCTM1CTAJZmMyNTg1Y2I2YTMzNGNkZTk5NzY0OTQzMTFiYjhhNzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyNzI3NDkJMC4wMDAzODUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 05 Dec 2022 20:39:09 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 20:39:09 GMT
location: http://xml.sedodna.com/click?i=jP0smD2rWv0_0
x-cache-miss-from: parking-d7dbd8c4d-tggpp
server: NginX
xml.sedodna.com/click?i=jP0smD2rWv0_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=jP0smD2rWv0_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=jP0smD2rWv0_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://dipaka-ead.com/zcvisitor/de389272-74dc-11ed-b821-12e705bee7fb/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9604
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:39:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 64395
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 82504
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 82165
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 82590
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 82240
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 34367
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dipaka-ead.com/zcvisitor/de389272-74dc-11ed-b821-12e705bee7fb/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.208.247.235200 1.1 kB URL HTTP/1.1 dipaka-ead.com/zcvisitor/de389272-74dc-11ed-b821-12e705bee7fb/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 971130891727ba7f23f7e9814616d8b9
47741fad7029fcba55433f8299b2df91eb9285cd
78380b87725152c950ec9e7d4d5d8c171f270d35e2e377b6797fec48ab5200ed
GET /zcvisitor/de389272-74dc-11ed-b821-12e705bee7fb/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 05 Dec 2022 20:39:10 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: JJPSoAUj
dipaka-ead.com/zcredirect?visitid=de389272-74dc-11ed-b821-12e705bee7fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.208.247.235200 356 B URL HTTP/1.1 dipaka-ead.com/zcredirect?visitid=de389272-74dc-11ed-b821-12e705bee7fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0ee7eaf7e2d7e9f41b410f3669530380
2a4a7a4f210869acd649406b498ca009d0004ebf
3dea6845d5f7003097823f07b70da6e7eea07b7116f09870213b90eb5404017d
GET /zcredirect?visitid=de389272-74dc-11ed-b821-12e705bee7fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/de389272-74dc-11ed-b821-12e705bee7fb/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 05 Dec 2022 20:39:10 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: OzXsCJNu
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fd3734a7e3fb5b355300880e87358a8d
094de452f6902ada77214386b2ae977ed055e16b
10e0eff317372ffa44bcee29d23c4e65ca7a6dc77ae58b67409606404e9740ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10E0EFF317372FFA44BCEE29D23C4E65CA7A6DC77AE58B67409606404E9740EA"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3582
Expires: Mon, 05 Dec 2022 21:38:52 GMT
Date: Mon, 05 Dec 2022 20:39:10 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l
78.46.197.88200 OK 353 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (353), with no line terminators
Hash c3b4f29bf07b95651b2792eab40ec57b
ea50dc678f168af248814d5b97e678a59b7904e5
b8194875ed4759c5141c2dd5abbcd76a2ee5b5470f25b965c1e64762a9453261
GET /s/r6?s=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 42d1cdac52693c358da0c3e30c9345e8=f325da3271df30ef31b1d2a3265108530803b61cdd33389823d74736581707a3a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2242d1cdac52693c358da0c3e30c9345e8%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Tue, 06-Dec-2022 20:39:10 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 353
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 20:39:10 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3593b5b70a2eb78f89ea0691317d9c5d
a4a6bbead73743725cad87f8b2ab486de8298f30
48dd695e066b8602411762b2985b2d73faf7052d30ab18ed2970c3d74b5106cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48DD695E066B8602411762B2985B2D73FAF7052D30AB18ED2970C3D74B5106CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10856
Expires: Mon, 05 Dec 2022 23:40:06 GMT
Date: Mon, 05 Dec 2022 20:39:10 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l&s5=cf
5.9.110.29200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash dd024f37fff97e062b1b2c304cce665e
8967d3c37f6fecd901906ff6b604af55921ff02a
901ff6830d2754c1627f4776053e140c40cf72b305dcbb82bbaec65a38d58ece
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=porraceous-llama&s3=xray-het-k8eyddjp0l&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:10 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: 2a09f8247c8d9d937773ae1579742722=6acff34047fb847989cb4515b4b8cc05bc2df4d5bf1c73bba1b71430985841f4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%222a09f8247c8d9d937773ae1579742722%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Tue, 06-Dec-2022 20:39:10 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0%3D%26i%3Dleo_lt0D2KU48_EA%26placementId%3D3c9346bee65ad8de4676673a92c55a34&h=5b64749c0ffc54c4792c5b601c2617d9
5.9.110.29200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0%3D%26i%3Dleo_lt0D2KU48_EA%26placementId%3D3c9346bee65ad8de4676673a92c55a34&h=5b64749c0ffc54c4792c5b601c2617d9
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash cb6f9dae3a03a93355243060cea19585
9f5e9e84a786d34e4064c236a102fec29703e83a
4e15bcae4b4cf6a4126859895dd0050aff5238f1e4e85806b528c5a608f40097
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0%3D%26i%3Dleo_lt0D2KU48_EA%26placementId%3D3c9346bee65ad8de4676673a92c55a34&h=5b64749c0ffc54c4792c5b601c2617d9 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 2a09f8247c8d9d937773ae1579742722=6acff34047fb847989cb4515b4b8cc05bc2df4d5bf1c73bba1b71430985841f4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%222a09f8247c8d9d937773ae1579742722%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:11 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b820de7943a1c9a56253dd1af476dd94
c5adc4242ac452aeac015eff52575ca9e820281d
475635b6695de9727ed59e748f096863a5861568e0bcaa2e4211eff80fbbbe45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "475635B6695DE9727ED59E748F096863A5861568E0BCAA2E4211EFF80FBBBE45"
Last-Modified: Sun, 04 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7436
Expires: Mon, 05 Dec 2022 22:43:07 GMT
Date: Mon, 05 Dec 2022 20:39:11 GMT
Connection: keep-alive
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb&custom2=SRdytlITOR16&custom3=false
143.204.55.124200 OK 32 kB URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb&custom2=SRdytlITOR16&custom3=false
IP 143.204.55.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 27e4194fbb33d8144808b9124031a772
c769adb66795eb5f5df3043423606692b1b103ae
ff8115edfc78b5b28746cb6d218749cc42530edc5f882fef1d2a83440bc770c0
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 31805
x-gravitee-transaction-id: f1c1a266-555d-4e6d-81a2-66555d2e6d5c
x-gravitee-request-id: f1c1a266-555d-4e6d-81a2-66555d2e6d5c
leadid: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670
clickid: 107698148_1670272751475_320502
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=2JUvPTfA51_bufurn4cIHghnEZbBv90djnUoSMAcOpCL32W0o2wF1HGlh0e6Okme4OsLXpAeNRC7eFwW49aRBYnXah_PEOr8_bovnCAE1JJ_Q8uJmuXvHfeWRe~zlZc4; Max-Age=31536000; Expires=Tue, 05 Dec 2023 20:39:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure
kelkooID=a4c6294-184e4039773-1787c; Max-Age=31536000; Expires=Tue, 05 Dec 2023 20:39:11 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.017948S
x-robots-tag: noindex,nofollow
referrer-policy: origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Mon, 05 Dec 2022 20:39:11 GMT
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rWGoXsh1j9apRJQvh-ih6WxBOFDxZr7Dq4Bspts4-SSxVOC7MHKyXQ==
X-Firefox-Spdy: h2
dd.kelkoogroup.net/tags.js
65.9.44.68200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 65.9.44.68:0
File type ASCII text, with very long lines (65432)
Hash 1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-184e4039773-1787c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 f59f3000d5bbed733e1102d0cab025be.cloudfront.net (CloudFront), 1.1 3a4d5aad46ae3a82da414d69565389aa.cloudfront.net (CloudFront)
date: Mon, 05 Dec 2022 20:19:34 GMT
cache-control: max-age=3600, public
expires: Mon, 05 Dec 2022 21:19:31 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR50-P2, ARN54-C1
x-amz-cf-id: PKNnpdI2O7kMMiEz4UiLo0yVKX9t3P9il6Kf_3bqVC5AcWeg5w9iOQ==
age: 1180
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e5ad4121411ba414363ddb3e423cf8c
fe08cede309cac27b94c7c99975b6cb10eea3036
6d457360466f2b57f859d0aa9c1b919329087d57f455fa6a7e81a93c0260c571
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:11 GMT
Last-Modified: Mon, 05 Dec 2022 19:34:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e5ad4121411ba414363ddb3e423cf8c
fe08cede309cac27b94c7c99975b6cb10eea3036
6d457360466f2b57f859d0aa9c1b919329087d57f455fa6a7e81a93c0260c571
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2649
Cache-Control: max-age=164150
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:11 GMT
Etag: "638e2acc-1d7"
Expires: Wed, 07 Dec 2022 18:15:01 GMT
Last-Modified: Mon, 05 Dec 2022 17:30:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: kelkooID=a4c6294-184e4039773-1787c; _ga=GA1.2.239388554.1670272748; _gid=GA1.2.1966610024.1670272748
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:11 GMT
Request-Time: PT0.002826S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=67
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-184e4039773-1787c%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-184e4039773-1787c%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b8ff770ecf4222f59f873d069030e1babf5871a759bafa9e464a7de18fc097ed4b3725da613a08f8dd8f17771f5ff7fb0c323dd77665c14b21a48d017da4f890ed28ad723906a7bdac34ab7ed037adf6e4eaf30edb0a53fa978c18ebca6c38b14add31018e4111abed9c97147e8456bc672cbaae4e0c125689d74ab37c1bc09f5717735cee17ee5f0049d8ad110518717a3b870f9f72db5629ee5f99e680c74914dc2275bbdc72da17fc1bc9b33c794c8f98b40be04d0461889cfc9181d3ac8e69355168872be80ce9477d3cdbb1c0cc012b70ddc47fd37bf&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&clickId=107698148_1670272751475_320502&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-184e4039773-1787c%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-184e4039773-1787c; _ga=GA1.2.239388554.1670272748; _gid=GA1.2.1966610024.1670272748
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 20:39:11 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670
clickId: 107698148_1670272751475_320502
country: no
Location: https://fjellsport.no/?kk=a4c6294-184e4039773-1787c&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.016054S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=1gdCnY5-oLbWq97GF~FzFXl4ntkeQC_ILmh7Knfb2btsr5GVNt73pdM_Rf6oT-HC2dOT1eEU4QDlnURqJ3W-GH7ypxbcyguyRxNjtJyRNI79oCXJoXFH~YC0zP0zoyee; Max-Age=31536000; Expires=Tue, 05 Dec 2023 20:39:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=50
Connection: Keep-Alive
Content-Type: text/plain
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 2539f83412007fff2a2347e7e8967eb7
2bb248db10981c7098b07717737f86bd867db662
32d7ac5befab628b1278eaac38195dc91ac41f58da7f2f950e6165cdfc2029cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127663
Date: Mon, 05 Dec 2022 20:39:11 GMT
Etag: "638da69e-1d7"
Expires: Wed, 07 Dec 2022 08:06:54 GMT
Last-Modified: Mon, 05 Dec 2022 08:06:54 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: -sJzzPepHlp1RkieC4cC3XpdPBHycvI7GjslNvb4m14KZUnusDb5wA==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fjellsport.no/?kk=a4c6294-184e4039773-1787c&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
13.49.24.99302 Found 0 B URL HTTP/2 fjellsport.no/?kk=a4c6294-184e4039773-1787c&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
IP 13.49.24.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?kk=a4c6294-184e4039773-1787c&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.fjellsport.no/
server: Apache/2.4.25 (Debian)
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=239388554.1670272748&tid=UA-168544891-6&_gid=1966610024.1670272748&_r=1&cd1=&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&cd3=7246223&cd4=a4c6294-184e4039773-1787c&cd5=&cd6=%7C7246223%7C&z=750382608
142.250.74.110200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=239388554.1670272748&tid=UA-168544891-6&_gid=1966610024.1670272748&_r=1&cd1=&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&cd3=7246223&cd4=a4c6294-184e4039773-1787c&cd5=&cd6=%7C7246223%7C&z=750382608
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3D0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=239388554.1670272748&tid=UA-168544891-6&_gid=1966610024.1670272748&_r=1&cd1=&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670272751488_2334670&cd3=7246223&cd4=a4c6294-184e4039773-1787c&cd5=&cd6=%7C7246223%7C&z=750382608 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://api.kelkoogroup.net
date: Mon, 05 Dec 2022 20:39:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c9e6eeb0fcf858388d4ea2906736e3a
a796bb7d99c2c5e5c4dd86b833fee27624ff2050
6b507382b91e7b6f05eac238da2fe41ea202c418bbd9417ad58fe8058a749c9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 968
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Etag: "638d8637-117"
Last-Modified: Mon, 05 Dec 2022 20:23:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
www.fjellsport.no/
104.18.22.72200 OK 31 kB IP 104.18.22.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (23410)
Hash 90ca22aae8b8e51b3b54bd5d6b4f9995
b167f6bbec70e31d3f82ae8c09cf41002104b67e
d7c5dd52ba080e0ed81dab3b1727f23f437798e2468777e472ea7ce77a19189e
GET / HTTP/1.1
Host: www.fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:12 GMT
content-type: text/html; charset=utf-8
cf-ray: 774f96fdde5c1bfa-OSL
age: 104
cache-control: no-store
expires: Tue, 06 Dec 2022 00:39:12 GMT
last-modified: Mon, 05 Dec 2022 20:37:28 GMT
link: </static/runtime.9bcc6d07974d9789f6e2.117.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/main.206f14442aac966def65.117.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/vendors~main.5b7af246f2ce7d5dd4a2.117.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/globals.87ce85a24e10be7d960b.css>; rel="preload"; as="style", </static/static.1e0bc3ed470a45a8fb7e.css>; rel="preload"; as="style", </static/f785bde0ec212bfab70652799e038381.woff2>; rel="preload"; as="font"; crossorigin="anonymous"
vary: Accept-Encoding
cf-cache-status: HIT
request-context: appId=cid-v1:0c613cf3-3219-4402-8e44-accd6521a7dc
x-cache-load-time: 8ms
x-cache-status: REVALIDATING
x-original-cache-control: public, s-maxage=30, stale-while-revalidate=900, stale-if-error=1800
x-original-date: Mon, 05 Dec 2022 20:37:28 GMT
x-worker-time: 8ms
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 2.6 kB IP 142.250.74.131:0
Hash 1ba871df9be7528198fba334bbde82e9
8e434b9ec42fc402efd30835d8e5c54cf98f4767
cd2ee9a234011c7db2255318e99f22448644404fc4939dada9527a64c4d6f298
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54b66b098ae06a7eac7344b2203df698
cafe6d7a0718f771111a4b7b2725ccc51f81681e
9b2f9961c81ad999a010edde19710f00711402979e707d7578abb503fe035501
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5596
Cache-Control: max-age=158814
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Etag: "638e0a73-1d7"
Expires: Wed, 07 Dec 2022 16:46:06 GMT
Last-Modified: Mon, 05 Dec 2022 15:12:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-TP3749N
142.250.74.168200 OK 90 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TP3749N
IP 142.250.74.168:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7b0cc4f8afcca1904f076e049ce420f0
6ec3f3e69594369375477469cc74e9176f1a2ccd
ea616633ae325bd54af77b947066cf7301ef4000d686cf436e1fb0dbbc354f83
GET /gtm.js?id=GTM-TP3749N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:39:12 GMT
expires: Mon, 05 Dec 2022 20:39:12 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54b66b098ae06a7eac7344b2203df698
cafe6d7a0718f771111a4b7b2725ccc51f81681e
9b2f9961c81ad999a010edde19710f00711402979e707d7578abb503fe035501
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5596
Cache-Control: max-age=158814
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:12 GMT
Etag: "638e0a73-1d7"
Expires: Wed, 07 Dec 2022 16:46:06 GMT
Last-Modified: Mon, 05 Dec 2022 15:12:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn.livechatinc.com/tracking.js
95.101.10.171200 OK 29 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 245600cc88f71c04cc31b246eb36b776
d440280b6e5b466966a8bef31d5a390fd38b37dd
86d19a4faceeeccc7e2e3ec08374cb627f3b1bc0a35b493e996844b03d404c95
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: bwIR4_UDSxo-vPVaAaGQ3o-EOTZssKr9kEeOGJqAlkMVRfQ61Rcw1Q==
content-length: 26062
cache-control: max-age=28800
expires: Tue, 06 Dec 2022 04:39:12 GMT
date: Mon, 05 Dec 2022 20:39:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 84088, version 1.66\012- data
Hash f7b12903dd7a2d536ceb2b7cd1dba2c1
82d12ab89c971973141475ecbefa5da97ad57195
3760e89dfff6078afcdc5404e4735e266a4799babd9fa853ff388c702e992c5f
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84027
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 12726140
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000169-CHI, cache-bma1654-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 39649
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.5 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type ASCII text, with very long lines (858), with no line terminators
Hash e6909e3a98c28fe5eb2bec16a1cd0cc8
b84fa1ffe0f54be8d6dcb1becb2d44534db76517
973b21f2e1240b975bcdfa8643f47783be767cdc774e7d981ebf6e2681792001
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I8pEoya-5QPaWTyRKC2eJT12VPyhK50dzKUtssR99t5u_blfRyEEdA==
age: 1063747
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
151.101.86.248200 OK 87 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 87350, version 1.66\012- data
Hash db1a27b35e26398fef4be920ea96078d
436a76d889fe34eaf1c213447d3d94a5dc3adedd
847a8377ef2e424408f08c04f34697edd3ceca9f8a6455678493dd69e5d0bd47
GET /fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 87344
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 87344
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 13171241
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100076-CHI, cache-bma1626-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 30925
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 89536, version 1.66\012- data
Hash 216b12b5a9657850b1b324e158454f8e
b02b14e1ed70d323167efa295ceb8ba156a37fab
81c0ae5eb7c7ea1bca274d51be67818e3f2577e63c9f2ee766b20e8964335db9
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89529
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: "216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 7350791
X-Served-By: cache-chi-kigq8000140-CHI, cache-bma1651-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 146977
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
151.101.86.248200 OK 86 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP 151.101.86.248:0
File type Web Open Font Format (Version 2), TrueType, length 85622, version 1.66\012- data
Hash 0e196bce574e01f42fc686e3e6dc4f76
330b633667a9533638955e725e53a760904170eb
94591008ecb9d40b575e52b72bd30dc31bab0b064ba132766fb80f95f85d27aa
GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 13171242
X-Served-By: cache-ord1740-ORD, cache-chi-kigq8000179-CHI, cache-bma1672-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 154357
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/generated-locales/embed/en.29c44fb2.json
151.101.86.249200 OK 1.1 kB URL HTTP/1.1 open.spotifycdn.com/cdn/generated-locales/embed/en.29c44fb2.json
IP 151.101.86.249:0
Hash 5d155b58648839b96e04fd9f04420f7e
e95e67c24745fe4198342e2a1cb66640acbfd68d
f40b981e3a53b747c617625b6ee79dfc382bf09a46d4ebe927a64dfbc8ebe24d
GET /cdn/generated-locales/embed/en.29c44fb2.json HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 787
Last-Modified: Mon, 28 Nov 2022 10:17:48 GMT
ETag: "f57f67fc530f2a44773d8334d2dd4c0f"
x-goog-generation: 1669630668582813
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 787
Content-Type: application/json
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 641826
X-Served-By: cache-chi-klot8100158-CHI, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 56, 113
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed/vendor~embed.6be60370.css
151.101.86.249200 OK 986 B URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/vendor~embed.6be60370.css
IP 151.101.86.249:0
File type ASCII text, with very long lines (8973), with no line terminators
Hash 39a0174cdd7c50425083a2e6bff8c6a4
e29b8f814712215e08857dee1eed008d12cdb200
1dd80bd71dfd3edc5807c2ec9c1e37ee57c3ed72225879e31f16388b178c3a2f
GET /cdn/build/embed/vendor~embed.6be60370.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 986
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "39a0174cdd7c50425083a2e6bff8c6a4"
x-goog-generation: 1658745142492300
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 986
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 11527388
X-Served-By: cache-chi-kigq8000077-CHI, cache-bma1628-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 88928
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__5sysmg7isfu
95.101.10.171200 OK 272 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__5sysmg7isfu
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 2d7f4ae1ebf4ed9da6fb92475ca9cd11
2d32b27998b402d8f7832419a18dbd506baf9b3c
95e3879a23e198b0f97e0404a7a40ee565a0a94426a8661b970acd733094958d
GET /v3.3/customer/action/get_dynamic_configuration?license_id=9240310&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__5sysmg7isfu HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://www.fjellsport.no/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://www.fjellsport.no/
content-length: 272
date: Mon, 05 Dec 2022 20:39:13 GMT
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/embed.e9e4d34c.js
151.101.86.249200 OK 51 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/embed.e9e4d34c.js
IP 151.101.86.249:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash f79a35c82cfadba5ed623e4f8bd40ec7
ac01984b26c31aef71dfb4f11c0840e4e174f419
318a5e52a5eb1d7072112c7fc0305a6d977188b9bb6d830b5674e74a142e0198
GET /cdn/build/embed/embed.e9e4d34c.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 51244
Last-Modified: Mon, 05 Dec 2022 19:35:50 GMT
ETag: "f79a35c82cfadba5ed623e4f8bd40ec7"
x-goog-generation: 1670268950585531
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51244
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 3547
X-Served-By: cache-chi-klot8100154-CHI, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 31, 429
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 73 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
Hash 3a44175c8de3dd4ab2da0641cc8033e4
272165fc4441ee6887ba7f735b3cf194fb0df93f
3b0af57fe7f27ad8730dae8ea5094d417e466692d40b01a5959b3027445d5d11
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84027
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:12 GMT
Age: 12726139
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000169-CHI, cache-bma1651-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 146789
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed/embed.53f841f2.css
151.101.86.249200 OK 14 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/embed.53f841f2.css
IP 151.101.86.249:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 3ceb22d974343103c1a99c4fbf253f50
cb7bb5d0ba9e4fffdc3b81213a99639883444266
85df17530a035d637627b5f45129a4f5c7c18a84f7c7d5a93d48ef9eee3a313b
GET /cdn/build/embed/embed.53f841f2.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 14415
Last-Modified: Fri, 02 Dec 2022 18:01:54 GMT
ETag: "3ceb22d974343103c1a99c4fbf253f50"
x-goog-generation: 1670004114067675
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14415
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 268428
X-Served-By: cache-chi-klot8100145-CHI, cache-bma1628-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 9957
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_75ad11d2d1c3176be554a3e49bc118fc&language=nb&group_id=1&jsonp=__lc_localization
95.101.10.171200 OK 4.2 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_75ad11d2d1c3176be554a3e49bc118fc&language=nb&group_id=1&jsonp=__lc_localization
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11461), with no line terminators
Hash f1d9abdb05feec4e468c300b7cca511f
eb0a86be2872bd34a1b27e7c3917b2aaefc6e166
6567906c9f21c2e77d3160eef4281fa139ebc0814074cf310342b411fed5947a
GET /v3.3/customer/action/get_localization?license_id=9240310&version=a2fb162d3655d456397b7117a50bebbc_75ad11d2d1c3176be554a3e49bc118fc&language=nb&group_id=1&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=521
expires: Mon, 05 Dec 2022 20:47:54 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
content-length: 4202
X-Firefox-Spdy: h2
i.scdn.co/image/ab67656300005f1f8eb9a0586fce67a1bbb30fcf
151.101.86.248200 OK 28 kB URL HTTP/1.1 i.scdn.co/image/ab67656300005f1f8eb9a0586fce67a1bbb30fcf
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7065cbc20c021e1319a5a82c9d11898b
c4a7b3b4f83cdada58dd39d965012ad2341a2fef
b523c2e7cae7359eea1fa6c9040ad1b32e8c9fda51cedd0294241bb7aeddc8aa
GET /image/ab67656300005f1f8eb9a0586fce67a1bbb30fcf HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 27858
Last-Modified: Fri, 11 Nov 2022 10:52:49 GMT
ETag: "7065cbc20c021e1319a5a82c9d11898b"
x-goog-generation: 1668163969230748
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27858
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 292614
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000059-CHI, cache-bma1634-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 6
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
open.spotifycdn.com/cdn/build/embed/vendor~embed.cb2c768d.js
151.101.86.249200 OK 69 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/vendor~embed.cb2c768d.js
IP 151.101.86.249:0
Hash 6f3e85a9867f8c1e87f393ee1344782f
9a3e0b1e33cd0bca903fbdb82e43aa71ec23d165
80cf78eadecdac25834fa2be80c9a96f5eba43069c0295d800ec8d14123f7fba
GET /cdn/build/embed/vendor~embed.cb2c768d.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 298444
Last-Modified: Tue, 29 Nov 2022 12:06:21 GMT
ETag: "4fa8712b092adc4725983130b1893e41"
x-goog-generation: 1669723581139080
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 298444
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 548817
X-Served-By: cache-chi-kigq8000025-CHI, cache-bma1673-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 60, 96
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
95.101.10.171200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:39:13 GMT
content-length: 2558
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
95.101.10.171200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KRZ5qY3S6wWN4VNRccKoF7BePVPI3Don6q8brFnES9YRVMRNFa6dUg==
content-length: 14934
cache-control: max-age=31536000
expires: Tue, 05 Dec 2023 20:39:13 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
95.101.10.171200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 3z0MqrtYJwDVzlpO1T2r-MCn1qEvKCP5UEkGrywqDO42yfk2tNbFgw==
content-length: 66502
cache-control: max-age=31536000
expires: Tue, 05 Dec 2023 20:39:13 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a96568eb8b64c9a7f14ed261eeb154c
e1f77bf90c9918366262652921ba75d0d01a8665
09d2f1f31fdeb96697b4168f81624bc65647c0038cd3e57ff5ec00c0b0a8b73c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09D2F1F31FDEB96697B4168F81624BC65647C0038CD3E57FF5EC00C0B0A8B73C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4481
Expires: Mon, 05 Dec 2022 21:53:54 GMT
Date: Mon, 05 Dec 2022 20:39:13 GMT
Connection: keep-alive
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
95.101.10.171200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Tue, 05 Dec 2023 20:39:13 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
95.101.10.171200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Tue, 05 Dec 2023 20:39:13 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.20.0
34.120.195.249200 OK 2 B URL HTTP/2 o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.20.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.20.0 HTTP/1.1
Host: o22381.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 432
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:39:13 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a96568eb8b64c9a7f14ed261eeb154c
e1f77bf90c9918366262652921ba75d0d01a8665
09d2f1f31fdeb96697b4168f81624bc65647c0038cd3e57ff5ec00c0b0a8b73c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09D2F1F31FDEB96697B4168F81624BC65647C0038CD3E57FF5EC00C0B0A8B73C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4481
Expires: Mon, 05 Dec 2022 21:53:54 GMT
Date: Mon, 05 Dec 2022 20:39:13 GMT
Connection: keep-alive
open.spotifycdn.com/cdn/build/embed/spotify_player_o.36a0cebb.js
151.101.86.249200 OK 8.1 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/spotify_player_o.36a0cebb.js
IP 151.101.86.249:0
File type ASCII text, with very long lines (30313)
Hash 4f81ae04f14838edb8dd20220492c985
a9e9d846424c6aeda567b575cf4983b441c73c24
da1c5ea265d496f77f5cd5744b657ef77224c1605f2e8118bfbfe365f42db119
GET /cdn/build/embed/spotify_player_o.36a0cebb.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 8148
Last-Modified: Thu, 01 Dec 2022 12:53:04 GMT
ETag: "4f81ae04f14838edb8dd20220492c985"
x-goog-generation: 1669899184302508
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8148
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 368542
X-Served-By: cache-chi-kigq8000071-CHI, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 134, 13248
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed/347.c90bba38.js
151.101.86.249200 OK 52 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed/347.c90bba38.js
IP 151.101.86.249:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 82ca94c9356982c11f2b21e7884b55bb
68ce7103cd917520648985e4fd996a6364fb439c
12ea91064c49167a9d9d8af1455264f18acc27f2793b9e1fd67b8686a1d969de
GET /cdn/build/embed/347.c90bba38.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 51990
Last-Modified: Tue, 29 Nov 2022 12:06:21 GMT
ETag: "82ca94c9356982c11f2b21e7884b55bb"
x-goog-generation: 1669723581072408
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51990
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:13 GMT
Age: 548818
X-Served-By: cache-chi-klot8100132-CHI, cache-bma1673-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 14, 19074
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 110 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b97c4bcca83f3ba4ab73b7fb46502868
30e6085561396224af3b2cbafde6d40b345c6a34
570c3465fc1aca594c89c74bc04cb36b99d8f55add9c005f042b883307271367
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Mon, 05 Dec 2022 20:39:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.kk-resources.com/leadtag.js
108.157.229.109200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 108.157.229.109:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 83adf4de-41d4-4255-adf4-de41d47255ce
X-Gravitee-Request-Id: 83adf4de-41d4-4255-adf4-de41d47255ce
Request-Time: 7
Accept-Ranges: bytes
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 20:01:38 GMT
Cache-Control: public, max-age=3600
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 3130c9b603e4215bb05d32cd39e3843c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: bgeF_DKC0WMXiYE6Fxti0ZfbIXJf7D0oD3Ctf-bOcAu-W1zEEgZR_w==
Age: 2256
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
142.250.74.38200 OK 240 B URL HTTP/2 11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (456), with no line terminators
Hash 9bbb623fcf5db4bd006914b45819317f
049245ebea5743dc730a7def71e4b07eaf14cf92
f6676bb08fdeae4c3670d0fa1c348242e51e2d090520921d13dc9360c91ab5b3
GET /activityi;src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F? HTTP/1.1
Host: 11203568.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:39:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 240
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 20:54:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.34200 OK 240 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (455), with no line terminators
Hash 1a3ae443bec006dec9aee410433eb912
d077fd2998aaded5624de006e6fcde5cfe3ae625
e20ba5426c1b4469b4156224bd5f787674af0e8c2266a61b1d2fd78cce64210b
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11203568.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:39:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 1057
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 858
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
95.101.10.171200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash c5ebf84a45e8188e1ce5cbd06e53c881
9dd4253f5f297499daece4d6afcae148bcc8d470
0e3d40f825aa14168db580118280937b0270961cf3502f25e7d5373554f5879d
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 189
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Mon, 05 Dec 2022 20:39:14 GMT
set-cookie: __lc_cid=61d55cdc-767a-4f54-7ea6-a929cd2ea4d1; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 05 Dec 2024 20:39:14 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=64801a641a95b231bf423bfa1bc44e9467cbf7658fbee0878344848d9f70c2bfa5be3ea40573a7e26323006db047ea405e03e6d7e27b7130c0d82738dac5; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 05 Dec 2024 20:39:14 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=61d55cdc-767a-4f54-7ea6-a929cd2ea4d1; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 05 Dec 2024 20:39:14 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=64801a641a95b231bf423bfa1bc44e9467cbf7658fbee0878344848d9f70c2bfa5be3ea40573a7e26323006db047ea405e03e6d7e27b7130c0d82738dac5; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 05 Dec 2024 20:39:14 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1670272784&tag=152b76228431a8fbdd92ba76b55ded36e9e25123; Path=/; Expires=Mon, 05 Dec 2022 20:39:44 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Last-Modified: Mon, 05 Dec 2022 20:04:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 18:41:08 GMT
expires: Mon, 05 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 7086
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=303EA4C7AE2764B503D3B6B6AFD265D4; domain=.bing.com; expires=Sat, 30-Dec-2023 20:39:14 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAF5215A759040AC8E9BF98DA02AFB72 Ref B: OSL30EDGE0521 Ref C: 2022-12-05T20:39:14Z
date: Mon, 05 Dec 2022 20:39:13 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: max-age=153281
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:13:55 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=3012777046566;gtm=2wgbu0;auiddc=1346785463.1670272750;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:39:14 GMT
expires: Mon, 05 Dec 2022 20:39:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fQf5zKd5YcMoUPmbu5cHZVTtvrFct7ipFQaN9RFmjeRkbpHDzx9cTW6QRybX5Mral7byHOzFIhvu0WM5pAVqbw==
content-length: 27340
x-fb-trip-id: 1904183273
date: Mon, 05 Dec 2022 20:39:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: max-age=153281
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:14 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:13:55 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
static.criteo.net/js/ld/ld.js
178.250.2.130200 OK 15 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.2.130:0
Hash 7185b520f4c4a84a75354f253bd06b3d
41d72657d9b4e0c0bcc73bf173f76af08b00acdb
66947c36ee5e90e25d99a4f0e0177834a71ae3beaea2a9e32a83ab6af10656ca
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:39:14 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Tue, 06 Dec 2022 20:39:14 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9240310
95.101.10.171200 OK 0 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9240310
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v3.3/customer/action/check_goals?license_id=9240310 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type
access-control-allow-origin: https://secure.livechatinc.com
vary: Accept-Encoding
content-length: 0
date: Mon, 05 Dec 2022 20:39:15 GMT
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 931
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=6ad600b9-a438-46ab-b2f1-acb42682f6f3&sid=e041a06074dc11edb24da31256e4ff87&vid=e041a87074dc11edad40d37a475e2a3f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2542&evt=pageLoad&sv=1&rn=733181
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=6ad600b9-a438-46ab-b2f1-acb42682f6f3&sid=e041a06074dc11edb24da31256e4ff87&vid=e041a87074dc11edad40d37a475e2a3f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2542&evt=pageLoad&sv=1&rn=733181
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5820557&tm=gtm002&Ver=2&mid=6ad600b9-a438-46ab-b2f1-acb42682f6f3&sid=e041a06074dc11edb24da31256e4ff87&vid=e041a87074dc11edad40d37a475e2a3f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=2542&evt=pageLoad&sv=1&rn=733181 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0844B078CD266BAC0A73A209CCD36A9D; domain=.bing.com; expires=Sat, 30-Dec-2023 20:39:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91FB873735294F41A7DBFF08D8E64150 Ref B: OSL30EDGE0521 Ref C: 2022-12-05T20:39:15Z
date: Mon, 05 Dec 2022 20:39:14 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5820557.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5820557.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5820557.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=2B245BE59BDD6BB10EB049949A286AE7; domain=.bing.com; expires=Sat, 30-Dec-2023 20:39:15 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD07BEA70A40450097E05669A55AFE16 Ref B: OSL30EDGE0521 Ref C: 2022-12-05T20:39:15Z
date: Mon, 05 Dec 2022 20:39:14 GMT
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 955
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 20:39:14 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&gjid=1942154159&_gid=563491577.1670272752&_u=YCDAgEABAAAAAEgCI~&z=1881988483
173.194.222.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&gjid=1942154159&_gid=563491577.1670272752&_u=YCDAgEABAAAAAEgCI~&z=1881988483
IP 173.194.222.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&gjid=1942154159&_gid=563491577.1670272752&_u=YCDAgEABAAAAAEgCI~&z=1881988483 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.fjellsport.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 20:39:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9240310
95.101.10.171200 OK 2 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9240310
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v3.3/customer/action/check_goals?license_id=9240310 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer dal:6q9FMxdkQ_iro6OwixUQRw
Content-Length: 74
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
content-type: application/json
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 2
date: Mon, 05 Dec 2022 20:39:15 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1670272752438&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670272752436.1686871491&it=1670272752280&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1670272752438&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670272752436.1686871491&it=1670272752280&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1670272752438&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670272752436.1686871491&it=1670272752280&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 20:39:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash df6a1aaea058311c1166e483d7152460
dfe0a3b792ad95be7daf19f44f2edfe03e42bebe
8da4ee56739b4ef3d5e325c637a2255401195583ad8d85363b07e7b346b829ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1989
Cache-Control: max-age=164231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Etag: "638e2db5-138"
Expires: Wed, 07 Dec 2022 18:16:26 GMT
Last-Modified: Mon, 05 Dec 2022 17:43:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
IP 178.250.0.157:0
Hash 4b17116c74daeff5c56d486aba3370bf
acce0083da9d10e36b9ce130fac1923eae1d91dc
d51c968cd60daa85fdbfb47fee4bda472475a160f84d3ba1ad71d275a3f71bdf
GET /syncframe?topUrl=www.fjellsport.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=e27207ea-f85d-4fd6-9eb9-ee270f3f25b2; expires=Sat, 30 Dec 2023 20:39:14 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 852701
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&_u=YCDAgEABAAAAAEgCI~&z=100216396
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&_u=YCDAgEABAAAAAEgCI~&z=100216396
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1379067-1&cid=1196731414.1670272752&jid=76944637&_u=YCDAgEABAAAAAEgCI~&z=100216396 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:39:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:14 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=5RTGFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCSUdubnBjVlFwSXIlMkJCb0pVYzVlRkx0; expires=Sat, 30 Dec 2023 20:39:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 218054
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=2oebu0&_p=333608136&cid=1196731414.1670272752&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1670272751&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=2oebu0&_p=333608136&cid=1196731414.1670272752&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1670272751&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8LCQQ72GE4>m=2oebu0&_p=333608136&cid=1196731414.1670272752&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1670272751&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.fjellsport.no
date: Mon, 05 Dec 2022 20:39:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2a40dc5f613c39bb08e452d5e9e5e1d5
eef03a46d8b2005e339837e5cea6b74003e988dd
2988d82dbcb3f62b84a6f7625dacaec5f9ca55cb2b8160785d4507a53cfcfd31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2160
Cache-Control: max-age=136661
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Etag: "638dc158-139"
Expires: Wed, 07 Dec 2022 10:36:56 GMT
Last-Modified: Mon, 05 Dec 2022 10:00:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2a40dc5f613c39bb08e452d5e9e5e1d5
eef03a46d8b2005e339837e5cea6b74003e988dd
2988d82dbcb3f62b84a6f7625dacaec5f9ca55cb2b8160785d4507a53cfcfd31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2160
Cache-Control: max-age=136661
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Etag: "638dc158-139"
Expires: Wed, 07 Dec 2022 10:36:56 GMT
Last-Modified: Mon, 05 Dec 2022 10:00:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20069
Expires: Tue, 06 Dec 2022 02:13:44 GMT
Date: Mon, 05 Dec 2022 20:39:15 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-py6W3uPtd12UTjg7uREmtnaGsQCEcP8ZY1Ypjw
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-py6W3uPtd12UTjg7uREmtnaGsQCEcP8ZY1Ypjw
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-py6W3uPtd12UTjg7uREmtnaGsQCEcP8ZY1Ypjw HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2cd4e561f1ad90375522bec33bb9c57
94ec018dc1991d5d0b00c2b99c1d52c873ce2d7c
d34d6f434bebd00c1026fdaa7cb7b3fd2c514d681cb7fddfc0627014b9bd7eee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D34D6F434BEBD00C1026FDAA7CB7B3FD2C514D681CB7FDDFC0627014B9BD7EEE"
Last-Modified: Mon, 05 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20069
Expires: Tue, 06 Dec 2022 02:13:44 GMT
Date: Mon, 05 Dec 2022 20:39:15 GMT
Connection: keep-alive
ag.gbc.criteo.com/newidsd
178.250.6.247200 OK 510 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.247:0
Hash ff972afa0ea40248de5ba99e586128a3
1e28b4ce06c76becd4bd0a60e85ab6ed0b951de3
6d127166e0dfccd3933161af99761143e99d8e80cda7941d7a11c702ff65dabc
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 118180
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:15 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 1008760
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-J821buPtd12UTjg7uREmtnaGsQDtazvIXzXqJA
2.18.172.23200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-J821buPtd12UTjg7uREmtnaGsQDtazvIXzXqJA
IP 2.18.172.23:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-J821buPtd12UTjg7uREmtnaGsQDtazvIXzXqJA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3132743553580240000V10; Expires=Tue, 05 Dec 2023 20:39:15 GMT; domain=.media.net; Path=/;
data-c-ts=1670272755;Expires=Wed, 04 Jan 2023 20:39:15 GMT;path=/;domain=.media.net;
data-c=k-J821buPtd12UTjg7uREmtnaGsQDtazvIXzXqJA~~3;Expires=Wed, 04 Jan 2023 20:39:15 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Mon, 05 Dec 2022 20:39:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 20:39:15 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:15 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw&C=1
cf-ray: 774f97140c23b527-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y45W86UsHI.5wsclPfmPiQAA; Path=/; Domain=casalemedia.com; Expires=Tue, 05 Dec 2023 20:39:15 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=689; Path=/; Domain=casalemedia.com; Expires=Sun, 05 Mar 2023 20:39:15 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=689; Path=/; Domain=casalemedia.com; Expires=Sun, 05 Mar 2023 20:39:15 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY%2BOe8KrMgMLOtlvRWsQQLQctUHVF5qtjASl83smmef4LOsBJc%2Bz7FK14EpfJeKu6xfMAPFaQDgfKHQlY3WcGcML%2Bkc6Dr5ssptuiyHEbAge8RTY4Q0J%2BcvdYGnV0MIgyoJ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw
142.250.74.162302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7c1f389f2d857dedab9c77588805aa87
dde383c8f31cfcf6538b7dd4b2e6bfccaee9007e
326a8cbe7e8e425a1377c8cd39c9dc2f97bac880aaaaa564fc6ce7e916f90525
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm=&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw&google_tc=
date: Mon, 05 Dec 2022 20:39:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 20:54:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d27fd2680313b3918e17b38080c6d2a
55dd64eacda90f27d3feeb321e459e6300bea215
0b240b7b6e40de91769829ab07af9335c920927a7babd05ff377dd1c37239ca9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2169
Cache-Control: max-age=104633
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Etag: "638d4433-1d7"
Expires: Wed, 07 Dec 2022 01:43:08 GMT
Last-Modified: Mon, 05 Dec 2022 01:06:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm=&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw&google_tc=
142.250.74.162302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm=&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8cced5d048ae56d12e52560aeb01f4b1
9b8d42c70b5d7b75418343b7f9e5bd68d2512c1b
7f65cc0b42ffc18c58755175eef9b5fbc20089f20d30a7620cb9be015c593466
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_cm=&google_hm=ay1RdXpEUGVQdGQxMlVUamc3dVJFbXRuYUdzUUQ5UzFUNHp0alBqdw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_error=3
date: Mon, 05 Dec 2022 20:39:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b569f060793904eb0de638d47baa8762
570a9c6d871b088cf232ff05a0624c64873013e6
5b310f2f3f6b17afc411b4dd2e154790a82ae6f7066bc41149655e19a53aa566
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2013
Cache-Control: max-age=157737
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:15 GMT
Etag: "638e143f-13a"
Expires: Wed, 07 Dec 2022 16:28:12 GMT
Last-Modified: Mon, 05 Dec 2022 15:54:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.212307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 20:39:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 7fedcfc5-ea6b-4e12-bcb5-23c03953f8e2
Set-Cookie: uuid2=3468516246278313853; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 20:39:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-MNHH7ePtd12UTjg7uREmtnaGsQB0zxPQEi8qcw&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: image/gif
content-length: 43
cf-ray: 774f97148d4fb527-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVZKu%2FcrHbrgqo%2BrvQw6oLoS8ocVECcCGKodKoYnrfcjGRB1RLXt0zRZBbf4XboVEbDeqlh46ySkrmrVZcM3CzCNzz36w9kemWYiqsuU1MmySJLNowS0j8Cx4DZilZvIXT1R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 152 B IP 178.250.2.146:0
Hash 2ee2136f986e2f36adf182d16d6761b8
0bd2d53af424f05099047de8626c921037c85ba2
146b0b96c925a0492f5ea6f14c907916ac65cd983d985079bf4d10f3ca58a2d6
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=5RTGFV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCSUdubnBjVlFwSXIlMkJCb0pVYzVlRkx0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zfwMNl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCTERjY3F0S3dxTlVvM3hiUmQxMzNrWA; expires=Sat, 30 Dec 2023 20:39:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 389570
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0WIA0-Ptd12UTjg7uREmtnaGsQCuf3AsQpVzng&expires=30
69.173.144.139204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0WIA0-Ptd12UTjg7uREmtnaGsQCuf3AsQpVzng&expires=30
IP 69.173.144.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-0WIA0-Ptd12UTjg7uREmtnaGsQCuf3AsQpVzng&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8f8616739ae988cd796002fe2e4982e4
b7872e505e4468334284899e2ec94e2ebce62766
083f3b8ab5589e2115fc7df8bcb46cfc0b5c86f238fc39117027aecf1ee5d4cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1876
Cache-Control: max-age=155066
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638e0a5a-1d7"
Expires: Wed, 07 Dec 2022 15:43:42 GMT
Last-Modified: Mon, 05 Dec 2022 15:12:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-iG5BAuPtd12UTjg7uREmtnaGsQAmx81A3fBtwA
185.86.139.57200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-iG5BAuPtd12UTjg7uREmtnaGsQAmx81A3fBtwA
IP 185.86.139.57:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-iG5BAuPtd12UTjg7uREmtnaGsQAmx81A3fBtwA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Mon, 05 Dec 2022 20:39:15 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8828782104591595491; expires=Fri, 05 Jan 2024 20:39:16 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 05 Jan 2024 20:39:16 GMT; domain=smartadserver.com; path=/
csync=79:k-iG5BAuPtd12UTjg7uREmtnaGsQAmx81A3fBtwA; expires=Tue, 05 Dec 2023 20:39:16 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:16 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBPRWjmMCEHwYjYzL-ulLvFjsaXlFq0QFEgEBAQGoj2OYYwAAAAAA_eMAAA&S=AQAAAvts5ZjTkrGPV8P2Ffq4XXg; Expires=Wed, 6 Dec 2023 02:39:16 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 732da84d0f02b079717f6196a91b0cbf
4aa26ee061153de217cd0098217e5f0b9a19e48c
80a09e5996432d95c843d9cdedc5e2ce3a2b7d42936674b76524af0f54de7142
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 20:39:16 GMT
Last-Modified: Mon, 05 Dec 2022 20:02:33 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: ozJzwsNTyseueCSso_flM-dGr7PoOkP4Y5FWOHpjJV2oCpWp1k156Q==
Age: 2203
eb2.3lift.com/xuid?mid=2711&xuid=k-yB7qOuPtd12UTjg7uREmtnaGsQCILxEJNEuBjw&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-yB7qOuPtd12UTjg7uREmtnaGsQCILxEJNEuBjw&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-yB7qOuPtd12UTjg7uREmtnaGsQCILxEJNEuBjw&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 87d77caa93c0f5450496e4f9985a5b20
2118b1cb1777f75f96d42316dc8fbd308ed2a2ab
d4714fd75d9faab869b8258bbeb08a352f776156dd45a8d83f44e1d3e5d4ff12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1112
Cache-Control: max-age=153228
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638e0628-1d7"
Expires: Wed, 07 Dec 2022 15:13:04 GMT
Last-Modified: Mon, 05 Dec 2022 14:54:32 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-Unse5uPtd12UTjg7uREmtnaGsQAUSSrrnhLjtQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 20:39:16 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBPRWjmMCEPOhh1W9qR5ZWURoTwMPlHcFEgEBAQGoj2OYYwAAAAAA_eMAAA&S=AQAAAonzyIfKvQMcXZJWEnlOim4; Expires=Wed, 6 Dec 2023 02:39:16 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.212302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 20:39:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 8cedad81-1e50-47de-a024-4ffae68cc500
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b967016c92599586200298d67c900ac5
14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb
b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1948
Cache-Control: max-age=122406
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638d8a7e-1d7"
Expires: Wed, 07 Dec 2022 06:39:22 GMT
Last-Modified: Mon, 05 Dec 2022 06:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cm.adform.net/pixel?adform_pid=15&adform_pc=k-13jlf-Ptd12UTjg7uREmtnaGsQDny9QUcxVD4A
37.157.4.23200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-13jlf-Ptd12UTjg7uREmtnaGsQDny9QUcxVD4A
IP 37.157.4.23:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-13jlf-Ptd12UTjg7uREmtnaGsQDny9QUcxVD4A HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 11 Oct 2017 13:40:08 GMT
etag: "59de1f38-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=364051,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f9714be8eb500-OSL
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 5f640598e1e97eb4d3de7a9da940012c
b1a6c6f1c4230984f258866c322394018d26716d
215906ab0eed2a15c1da17721cf3a97ea573865fcb6173707418695724e67ca5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 20:39:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 19:24:18 GMT
Expires: Tue, 06 Dec 2022 19:24:18 GMT
ETag: "b1a6c6f1c4230984f258866c322394018d26716d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8143bd9d8124bff472031f5a6c43b60
c24d85a627fe9a02eff77c793b3bb18c783a4a1d
2a6fdf4dea606e038755907f7a5285e0ab6fb3f7ae1718e4bef7cf9c363e7cf1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3550
Cache-Control: max-age=91981
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638d0d63-1d7"
Expires: Tue, 06 Dec 2022 22:12:17 GMT
Last-Modified: Sun, 04 Dec 2022 21:13:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 90efd5c68640e00126e7714ac498de8e
a44af37087906e85006f9f3c3701892d6c0d073f
5e02501ddc39a9f9766be1a50ff32d4081c7c4c47f2f3939ae9899ae23e6ad82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102677
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638d3d35-1d7"
Expires: Wed, 07 Dec 2022 01:10:33 GMT
Last-Modified: Mon, 05 Dec 2022 00:37:09 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 301faf3f65621d2ccd9fad88788c128a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: yQYmiGKlM5lYB3oN1xg3Cf4sNJptXdijgFVCCxSf5zYxvARYEPjOCw==
Age: 2004
x.bidswitch.net/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30
35.158.226.123302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30
IP 35.158.226.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:16 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=7e373358-b294-4728-a8fb-dd57a6f1cbb5; path=/; expires=Tue, 05-Dec-2023 20:39:16 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670272756; path=/; expires=Tue, 05-Dec-2023 20:39:16 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670272756; path=/; expires=Tue, 05-Dec-2023 20:39:16 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670272756; path=/; expires=Tue, 05-Dec-2023 20:39:16 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ad43a7a8b270f41308175b62db5732a
12ba23791d4af270f78c4fcfc3fb09636398a651
cd9c4f87165c07494f088237baa4a4838772881e30a7d96bdf1f42a98b188894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD9C4F87165C07494F088237BAA4A4838772881E30A7D96BDF1F42A98B188894"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4539
Expires: Mon, 05 Dec 2022 21:54:55 GMT
Date: Mon, 05 Dec 2022 20:39:16 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash c3039f447e5381df673431542bd667d1
e1c45aab2303975e93067fde96266955cb495111
b60d63d9601d73c8eac317311def5f9affde6eb9d46f4c6b4cb8a366da8ee1e7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118756
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638d7afb-1d7"
Expires: Wed, 07 Dec 2022 05:38:32 GMT
Last-Modified: Mon, 05 Dec 2022 05:00:43 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: E3D-yF1Ul_J6X2Nf8-zat5__x_JwG4ZypGD9P7SCpZ8gl1OoI7e5Mg==
Age: 2269
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 85a4ac12d2d5d8c814f0c95238ea0172
6cb21575937477e09d3d057c6023963f1ef72c6e
62518be811240258603750f839f96ad9640b223d5a3a0e5bd83371784968eebd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1979
Cache-Control: max-age=135018
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638dbba3-1d7"
Expires: Wed, 07 Dec 2022 10:09:34 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=28645&dpuuid=
3.248.49.44302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 3.248.49.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=30200223130513117711597390777760832873; Max-Age=15552000; Expires=Sat, 03 Jun 2023 20:39:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mFMrJiRTQE8=
Content-Length: 0
Connection: keep-alive
e1.emxdgt.com/put?d=d53&uid=k-nmUzx-Ptd12UTjg7uREmtnaGsQCGIr5T7Ts_MJphu35eqvMB
18.156.32.70204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-nmUzx-Ptd12UTjg7uREmtnaGsQCGIr5T7Ts_MJphu35eqvMB
IP 18.156.32.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-nmUzx-Ptd12UTjg7uREmtnaGsQCGIr5T7Ts_MJphu35eqvMB HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Mon, 05 Dec 2022 20:39:15 GMT
content-length: 0
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg
18.159.182.69302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg
IP 18.159.182.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg
set-cookie: tuuid=ef98109b-48e7-40ec-904c-a8e4b45d6b44; Expires=Sun, 05 Mar 2023 20:39:16 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670272756; Expires=Sun, 05 Mar 2023 20:39:16 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-yi7k5OPtd12UTjg7uREmtnaGsQD9krY601riKA
23.43.133.70204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-yi7k5OPtd12UTjg7uREmtnaGsQD9krY601riKA
IP 23.43.133.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-yi7k5OPtd12UTjg7uREmtnaGsQD9krY601riKA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sun, 04 Dec 2022 20:39:16 GMT
Date: Mon, 05 Dec 2022 20:39:16 GMT
Connection: keep-alive
Set-Cookie: id=627c6873-543b-4d5e-9cea-2170ea572bf5; Path=/; Domain=prod.svc.y6b.de; Expires=Tue, 05-Dec-2023 20:39:16 GMT; Max-Age=31536000; Secure; SameSite=None
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YcU2fOPtd12UTjg7uREmtnaGsQBbAMtJ8wR1og
3.120.29.10204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YcU2fOPtd12UTjg7uREmtnaGsQBbAMtJ8wR1og
IP 3.120.29.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-YcU2fOPtd12UTjg7uREmtnaGsQBbAMtJ8wR1og HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 20:39:16 GMT
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30
35.158.226.123200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30
IP 35.158.226.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-LUbTn-Ptd12UTjg7uREmtnaGsQBA6kFT3JtJEw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-KJODqePtd12UTjg7uREmtnaGsQAM_jU50zWQdg
141.95.98.64200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-KJODqePtd12UTjg7uREmtnaGsQAM_jU50zWQdg
IP 141.95.98.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-KJODqePtd12UTjg7uREmtnaGsQAM_jU50zWQdg HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Mon, 05-Dec-2022 20:44:16 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 05 Dec 2022 20:39:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-HrzQ9OPtd12UTjg7uREmtnaGsQCMtXU4anEysw
185.64.189.110502 Bad Gateway 166 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-HrzQ9OPtd12UTjg7uREmtnaGsQCMtXU4anEysw
IP 185.64.189.110:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 261b1f079fa0a5c0c32d181e43440c05
300ee04911225728b015abd82d7ca5f43f999b79
c79255f6cb550eaa07d6e90d859b8c1abe81658115ae8175e74b67ac22c7ed87
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-HrzQ9OPtd12UTjg7uREmtnaGsQCMtXU4anEysw HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
server: nginx
date: Mon, 05 Dec 2022 20:39:14 GMT
content-type: text/html; charset=UTF-8
content-length: 166
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg
18.159.182.69200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg
IP 18.159.182.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-qknLe-Ptd12UTjg7uREmtnaGsQDoFO3caKBHUg HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
3.248.49.44200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 3.248.49.44:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: DfmWBC4TQQU=
Content-Length: 59
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZP0qruPtd12UTjg7uREmtnaGsQDxshjZbGHQjw
64.202.112.127200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZP0qruPtd12UTjg7uREmtnaGsQDxshjZbGHQjw
IP 64.202.112.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-ZP0qruPtd12UTjg7uREmtnaGsQDxshjZbGHQjw HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:16 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 40ec9957b4741fbfe84f0e92176e7bf3
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:39:16 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 947464
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash c793d25d05987b284ed6869098da29d1
4f45182a4e549abbc8b5cdba214ae7e241ab3d7a
a7dc917901fe52b0aeb686cb99f34f39feb4ea983aba518c1480c60bb4a6c1ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143710
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638ddd8c-1d7"
Expires: Wed, 07 Dec 2022 12:34:26 GMT
Last-Modified: Mon, 05 Dec 2022 12:01:16 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 301faf3f65621d2ccd9fad88788c128a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: mFZDkyN03KTCohKfQlldmpoZ1-T-g7rBvcQ_ITi8q0jaLfFmFYFddw==
Age: 1990
sync-criteo.ads.yieldmo.com/sync?id=k-REDh8ePtd12UTjg7uREmtnaGsQDgrL4sJCawbg&pn_id=criteo&ext=1
54.194.137.201200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-REDh8ePtd12UTjg7uREmtnaGsQDgrL4sJCawbg&pn_id=criteo&ext=1
IP 54.194.137.201:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-REDh8ePtd12UTjg7uREmtnaGsQDgrL4sJCawbg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g615a0049cd6ddb5aced%7C1670272756323%7C0%7C; Domain=.yieldmo.com; Expires=Tue, 05-Dec-2023 20:39:16 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-REDh8ePtd12UTjg7uREmtnaGsQDgrL4sJCawbg; Domain=ads.yieldmo.com; Expires=Tue, 05-Dec-2023 20:39:16 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f6ea289668229920eb646b0178f8a432
51418c31042db3b08ffa3c50a1d7809dc8393ad8
c50efd970149388f8bab4669b66cab41ab381d6347b0489885dc33a4d0d32343
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:39:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:11:53 GMT
Expires: Sat, 10 Dec 2022 15:11:52 GMT
Etag: "51418c31042db3b08ffa3c50a1d7809dc8393ad8"
Cache-Control: max-age=411755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774f971618b0b500-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31f4b98f25ba62d56005d5840a7d3524
a6ce4f1fa2ea0d9dfebad598b1f801f368d1a456
1e7a1d556639280d8cd6eefd71daf01ba22bc1505e52a271ba4eba53334e9c03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 496
Cache-Control: max-age=142211
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638ddd87-1d7"
Expires: Wed, 07 Dec 2022 12:09:27 GMT
Last-Modified: Mon, 05 Dec 2022 12:01:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 8d5534f87ba320d9725ab911d34a5c67
4b7056ac8c9b17b014f751909530416c9d62387b
42ed49fb698f55a0d66a4a2085e76b83c3d4ffa865d601131ef2d45b33ac6c06
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162692
Date: Mon, 05 Dec 2022 20:39:16 GMT
Etag: "638e26a6-1d7"
Expires: Wed, 07 Dec 2022 17:50:48 GMT
Last-Modified: Mon, 05 Dec 2022 17:13:10 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 4ded1750dc7e0bef188a5520fb9fef28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: HHZVR7bogoI9kEI62fZLBwP6210Q1fqalGDCUMKo-ZCF1X_4cqepJQ==
Age: 2258
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.209.49.216204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.209.49.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 20:39:16 GMT
set-cookie: _kuid_=PPYA9IIq; Expires=Sat, 03-Jun-23 20:39:16 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n002-dub-prod.krxd.net
x-request-time: D=26 t=1670272756
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Z2HRk-Ptd12UTjg7uREmtnaGsQAsO-LPu-2qFw
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Z2HRk-Ptd12UTjg7uREmtnaGsQAsO-LPu-2qFw
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Z2HRk-Ptd12UTjg7uREmtnaGsQAsO-LPu-2qFw HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=cd6075a63cb0db8ee8de89d3d6c4e483; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 20:39:16 GMT
content-length: 49
x-envoy-upstream-service-time: 102
server: ayl-lb-fra02
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 110 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8370bd57dc69aa67afd91cfc05e37744
88e4e55c8f841f6a8ab63f1ee735e80c4dbfb911
0d4d07cffccb58de67e83c01e658f869a5226a6e1d9c179737ce2d40eb39db3b
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Mon, 05 Dec 2022 20:39:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=zfwMNl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCTERjY3F0S3dxTlVvM3hiUmQxMzNrWA&idsd=1680890722,-885981817&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=zfwMNl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCTERjY3F0S3dxTlVvM3hiUmQxMzNrWA&idsd=1680890722,-885981817&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=onetag&domain=fjellsport.no&sn=FirefoxSyncframe&so=0&topUrl=www.fjellsport.no&info=zfwMNl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFEUWJNeCUyQjdKYWtLUWRpT2VJcmdCTERjY3F0S3dxTlVvM3hiUmQxMzNrWA&idsd=1680890722,-885981817&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1221326
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QuzDPePtd12UTjg7uREmtnaGsQD9S1T4ztjPjw&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 270574
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
open.spotify.com/embed/episode/4MXnvADhZdaVuim8vWXAbp?utm_source=generator&theme=0
35.186.224.25200 OK 0 B URL HTTP/2 open.spotify.com/embed/episode/4MXnvADhZdaVuim8vWXAbp?utm_source=generator&theme=0
IP 35.186.224.25:0
GET /embed/episode/4MXnvADhZdaVuim8vWXAbp?utm_source=generator&theme=0 HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=f2f3a48713ac9914063a70368bba6531; path=/; expires=Tue, 05 Dec 2023 20:39:12 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fepisode%2F4MXnvADhZdaVuim8vWXAbp%3Fsp_cid%3Df2f3a48713ac9914063a70368bba6531%26device%3Ddesktop%26utm_source%3Dgenerator; path=/; expires=Tue, 06 Dec 2022 20:39:12 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: gzip
x-envoy-upstream-service-time: 24
sp-trace-id: f7316c8621511d94
server: envoy
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
95.101.10.171200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: lgzoSQDGhSWKO0aZ80LsSOwg_NKJhupDI1c63Z7_KdGmhlw5_gST8w==
content-length: 206714
cache-control: max-age=31536000
expires: Tue, 05 Dec 2023 20:39:13 GMT
date: Mon, 05 Dec 2022 20:39:13 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.28200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.28:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 148648
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 517995
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-b-lp4ePtd12UTjg7uREmtnaGsQD3mPG92G3IFQ
3.214.101.176200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-b-lp4ePtd12UTjg7uREmtnaGsQD3mPG92G3IFQ
IP 3.214.101.176:0
GET /sync?UICR=k-b-lp4ePtd12UTjg7uREmtnaGsQD3mPG92G3IFQ HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:16 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=28291&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6ut9O19HNENsbHNORXpaWXRKWlAxZnM4SVY2S25CMm1pTTAxdHpTblE4TSUyQkFYTzVObmxreWswJTJGSkpQTnNuM2h5RE81TUZ5Y1BRY2E5aTczQzlVendtRnZKMkMzbkNRcDhXbDNIbVpUdlRrcldLMzRZNXY5ZjIlMkIwcGNUbTQyJTJCRElWWmV0d3hsM2tFWmd1R2QlMkZWNSUyQmloMzNxR2clM0QlM0Q&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=48417
178.250.0.163200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=28291&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6ut9O19HNENsbHNORXpaWXRKWlAxZnM4SVY2S25CMm1pTTAxdHpTblE4TSUyQkFYTzVObmxreWswJTJGSkpQTnNuM2h5RE81TUZ5Y1BRY2E5aTczQzlVendtRnZKMkMzbkNRcDhXbDNIbVpUdlRrcldLMzRZNXY5ZjIlMkIwcGNUbTQyJTJCRElWWmV0d3hsM2tFWmd1R2QlMkZWNSUyQmloMzNxR2clM0QlM0Q&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=48417
IP 178.250.0.163:0
GET /event?a=28291&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6ut9O19HNENsbHNORXpaWXRKWlAxZnM4SVY2S25CMm1pTTAxdHpTblE4TSUyQkFYTzVObmxreWswJTJGSkpQTnNuM2h5RE81TUZ5Y1BRY2E5aTczQzlVendtRnZKMkMzbkNRcDhXbDNIbVpUdlRrcldLMzRZNXY5ZjIlMkIwcGNUbTQyJTJCRElWWmV0d3hsM2tFWmd1R2QlMkZWNSUyQmloMzNxR2clM0QlM0Q&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=48417 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 20:39:15 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 14534549
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api.yadore.com/v2/r/deeplink?e=ZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0=&i=leo_lt0D2KU48_EA&placementId=3c9346bee65ad8de4676673a92c55a34
88.99.112.2302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=ZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0=&i=leo_lt0D2KU48_EA&placementId=3c9346bee65ad8de4676673a92c55a34
IP 88.99.112.2:0
ASN #24940 Hetzner Online GmbH
GET /v2/r/deeplink?e=ZVRvbW0rN2MvejdmNlQ5RENzd2tCVDk5UFlnSHEyTWFZaWpvTmpXU2N6ZjlpVEIxZmFFUXZsVloyREp0elEwOFBrQlgySVhUSDUweTZhaHM5Mm9JaXFZOVB6QnNvQkJiWG9BMDRVTHZtL2wvV3AvNUF2SlpyNGEwbTRYMElmS0lPV1plT25WSlZNdmRSbS85Slo1QU5CNHZUYUxSbFlCOHo1bm1yYTFFVWJFejAwdz0=&i=leo_lt0D2KU48_EA&placementId=3c9346bee65ad8de4676673a92c55a34 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 20:39:11 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=0bab3711b4c6e5b9a33099629ed25b67c850b9621e18800c5034cc226bbbabfb&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
151.101.86.248200 OK 0 B URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP 151.101.86.248:0
GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 20:39:12 GMT
Age: 13171241
X-Served-By: cache-ord1740-ORD, cache-chi-kigq8000179-CHI, cache-bma1621-BMA
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 148477
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
static.hotjar.com/c/hotjar-75470.js?sv=7
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-75470.js?sv=7
IP 143.204.55.37:0
GET /c/hotjar-75470.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 20:38:28 GMT
cache-control: max-age=60
etag: W/bb31bfe6376775e76c9dc2cafe933de8
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3L2txxcb4wn80EDyAOv-P9hw4At5UqnOs0sWf0fsmOOFz2Chy6fQVQ==
age: 44
X-Firefox-Spdy: h2