Report - fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021

Report Overview

Submitted URL
fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
IP
96.47.230.69
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2022-11-06 19:38:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
wapi.lipscore.com	318267	2018-02-11T14:12:58Z	2023-03-10T18:15:19Z	1.5 kB	13 kB	151.101.86.217
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	3.4 kB	8.9 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
api.kelkoogroup.net	468795	2020-06-09T06:00:09Z	2023-03-10T14:42:23Z	706 B	1.1 kB	143.204.55.124
status.thawte.com	5123	2017-11-27T13:33:51Z	2023-03-10T05:17:36Z	1.0 kB	2.4 kB	93.184.220.29
dd.kelkoogroup.net	unknown	2022-06-24T12:22:42Z	2023-03-10T15:28:26Z	550 B	44 kB	54.230.111.47
www.safa.no	unknown	2017-01-29T14:52:33Z	2023-03-07T10:38:36Z	11 kB	2.5 MB	78.41.126.166
policy.app.cookieinformation.com	34976	2018-04-03T19:08:34Z	2023-03-09T23:01:40Z	1.3 kB	16 kB	152.199.21.175
cdn.clerk.io	73670	2015-08-11T11:40:58Z	2023-03-10T18:12:51Z	352 B	55 kB	52.29.221.108
fkunismuh.org	unknown	2016-01-13T15:43:03Z	2023-03-07T18:59:23Z	1.7 kB	1.7 kB	185.107.56.192
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	797 B	1.9 kB	142.250.74.130
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	954 B	33 kB	216.58.207.195
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.6 kB	2.2 kB	142.250.74.164
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	722 B	349 B	31.13.72.36
api-js.datadome.co	8155	2017-10-11T16:14:56Z	2023-03-10T13:53:51Z	470 B	506 B	16.170.34.207
s.kk-resources.com	38577	2018-08-25T08:32:23Z	2023-03-09T22:15:05Z	360 B	3.3 kB	143.204.55.92
s.kelkoogroup.net	316265	2017-09-04T15:00:28Z	2023-03-10T09:33:41Z	892 B	1.1 kB	185.60.164.26
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-10T05:21:21Z	342 B	1.0 kB	104.18.32.68
no-go.kelkoogroup.net	unknown	2017-10-30T15:27:38Z	2023-03-10T13:06:59Z	7.1 kB	35 kB	95.211.116.27
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	5.5 kB	11 kB	142.250.74.35
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
clever-redirect.com	unknown	2021-02-09T07:24:33Z	2023-03-10T13:06:57Z	527 B	875 B	78.46.197.88
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	143.204.42.158
api.clerk.io	60284	2015-08-03T11:58:50Z	2023-03-10T18:30:18Z	3.8 kB	87 kB	52.28.115.137
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	775 B	558 B	216.239.32.36
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
dipaka-ead.com	unknown	2022-10-31T14:23:43Z	2023-03-09T07:08:17Z	1.1 kB	2.7 kB	3.208.247.235
api.yadore.com	591567	2017-11-28T10:59:40Z	2023-03-10T15:28:25Z	780 B	452 B	88.99.112.6
safa.no	unknown	2015-06-04T06:05:07Z	2023-02-22T08:32:36Z	554 B	1.1 kB	78.41.126.166
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	775 B	757 B	142.250.74.35
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	483 B	1.1 kB	64.233.165.154
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.69.181.45
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	68 kB	34.120.237.76
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-10T06:43:06Z	380 B	22 kB	142.250.74.174
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	758 B	133 kB	142.250.74.168
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.3 kB	674 B	142.250.74.174
static.lipscore.com	483894	2015-01-29T16:18:57Z	2023-03-10T18:15:17Z	2.8 kB	136 kB	54.230.111.43
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	414 B	746 B	142.250.74.10
lookandfind.me	35702	2021-03-08T13:58:51Z	2023-03-10T13:06:58Z	1.6 kB	2.0 kB	5.9.110.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-06	medium	fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	cdn.clerk.io/clerk.js	90 kB	2023-03-10	2023-03-10
Pretty URL cdn.clerk.io/clerk.js IP 52.29.221.108 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:11:51 Last Seen2023-03-10 22:40:04 Times Seen1 Hash 0ef9881bc00a3d81ca08a27ea2bd84b9 c01f83b7806a041ed9261f7771f501f0e847ffda 34ad5bd3a512346bba28ed19e5a0ead936c8e7ee36baf269915c122d7d26cf3c Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-10	2023-10-31
Pretty URL connect.facebook.net/en_US/fbevents.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:19:33 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 8938d4fc65afd3422bf533482ca33a53 2d92351d88fc6fd59cdac7d801753ac64ba52277 f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Loading...

	api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0	7.5 kB	2023-03-10	2023-03-10
Pretty URL api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0 IP 52.28.115.137 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:04 Last Seen2023-03-10 22:40:04 Times Seen1 Hash 05e228ed87e0d80e8f925014ba87abe1 d328a06d7c91785714ffe5d2f934cef24bc96146 678e420170a1a0475f8b656a6aeb2228e868d22113f138f1bee567da0424ad3c Loading...

	lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89	363 B	2023-03-10	2023-03-10
Pretty URL lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89 IP 5.9.110.29 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:04 Last Seen2023-03-10 22:40:04 Times Seen1 Hash d6570f46f399013b5a5d32775642566f 3a23da507990003cc42456b208f4a874d31bf698 29887938e1976f8a94e0a2697aa4a3913abf0730a6c5f4b822a91d9200c2aceb Loading...

	no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9	9.3 kB	2023-03-10	2023-03-10
Pretty URL no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9 IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:04 Last Seen2023-03-10 22:40:04 Times Seen1 Hash 1ee90004a420825f79d8653a1cea5dbf 8e6309d503b658ccc73d0359f8a3bd1ffe6bb449 95429ba44e264fc7d6df6b547def3228b4d1ebc0c0b9c5bd9ae625b2624e033f Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	359 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:04 Times Seen1 Hash 881936c6978326e6323fccd79bc3b1ac ad4d09ba2107fd3220d0713f87448b8d94257296 f1293f706250d91af5ab9bc63365989f69564ec8288b96c48e9d30e92a07d22c Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	224 B	2023-03-10	2024-01-14
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2024-01-14 18:20:23 Times Seen5 Hash 7d2ff79e9c743c9bb3912e2250a05ba2 869d161f0b19a3d66b2bcd717facd637d3684102 fd4a4e2a015dd4ee6beff4921313481db8e6467cb0d3740550c556b3b48276cb Loading...

	www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js	1.5 kB	2023-03-10	2024-03-04
Pretty URL www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2024-03-04 00:09:38 Times Seen2 Hash cbf031813c59cfd4e902317f71745b7b 510f06dd1444f9b5adf879a818dd9effcf6e8cc3 f672051f9b210d9979cc65640db20d986f978c0034eba2e96964ce7001ebfeab Loading...

	connect.facebook.net/signals/config/447038315672833?v=2.9.89&r=stable	300 kB	2023-03-10	2023-03-10
Pretty URL connect.facebook.net/signals/config/447038315672833?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 706591bd04e0016052fc2a8800a0928f 1776fce923b96adcbbff6c90a56e83e744ec33a8 eeb3c4f378fa3f49e92df162ae2127ed24d4b8bf3dca84bc76a2fc73350daf35 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1667763501233&cv=11&fst=1667763501233&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1076399580.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/833441087/?random=1667763501233&cv=11&fst=1667763501233&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1076399580.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 2b41fa394bf57573ce1339ed07f5cf34 b481da2102ff543d2ab5a466828d6d56a794cf02 37bff01f0ff228655118c12c72c836c70332c837323d8e821145ce6e73cf8660 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5DG42RZ	188 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5DG42RZ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash e2e863d4dceb4487fceda47aa12ec94b 8b4c9858307e78e0465f5c7aafe05c37cd72effe f61bf49e13c889c3a5fb659eb422bbd873522913f4468abc09aa8e3894f1626c Loading...

	policy.app.cookieinformation.com/cookiesharingiframe.html	8.7 kB	2023-03-07	2023-04-05
Pretty URL policy.app.cookieinformation.com/cookiesharingiframe.html IP 152.199.21.175 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:49 Last Seen2023-04-05 01:51:56 Times Seen17 Hash c215e635963479bb608d0d51a3b2e663 c038b4a883b9b4af730318b682f2de7760b544a3 0c5d25bcd67384edeb838583fe32f3b9f9126d2efad207e8d0e3f5a75352b10d Loading...

	api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3	47 B	2023-03-10	2023-03-10
Pretty URL api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3 IP 52.28.115.137 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 799a2088a5543cb9931a2c7ba9764091 9787ee4021f24c849a835ea5c9eac8afb92f2eed ad90db516c4d23be9c8061f7102216bf803e6a2cf7ac25be2060b3ff0ea74d02 Loading...

	api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2	47 B	2023-03-10	2023-03-10
Pretty URL api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2 IP 52.28.115.137 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 0c0d4c4e379a0f4efd445ba7ade5c1e6 fc1c14d3d30c18bc8e33f2f95accb28160ab99c9 b66be014be5a580bd958aae83b16b5780da49080306b59228beae509313b6a2a Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	584 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 48ba3b1557e8f0c301fb97a8dfabbbbf 99cfde6ed1417fdc76e3ee09ce419b3796e2fe63 acba8921d5522090bf7da55791c30f4ce1fe38613fcfbf3bac3f21c4c74290f2 Loading...

	static.lipscore.com/assets/no/lipscore-v1.js	251 kB	2023-03-10	2023-03-11
Pretty URL static.lipscore.com/assets/no/lipscore-v1.js IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:17:36 Last Seen2023-03-11 09:38:34 Times Seen1 Hash b15ce6e66de74c81bc3fb399ce313981 ea96dba157ee74d7d63ac1b2c8965b0c767ae434 688be3d90d86548a8d5db14179dce873054ded5cb527d95d9178a6e0c8ef4e23 Loading...

	s.kk-resources.com/leadtag.js	6.9 kB	2023-03-07	2023-03-17
Pretty URL s.kk-resources.com/leadtag.js IP 143.204.55.92 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2023-03-17 12:43:10 Times Seen1 Hash a061caddf9a72996f38089e304bcd23e 8ff3f9a24060381804f08f536577c042461e1ad3 c2fc5dec89e84862f73de94802749b7b94af9ee4af0b6c3d653b965318188e44 Loading...

	dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false	113 B	2023-03-10	2023-03-10
Pretty URL dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash f1cf5ca5fc8126ff26202aa2e7edaa49 c32439676b5bfafec38db48509ae1e24e9dfff26 dbfda78b7ddc419e2df1375126bfea7d723bcc66f276990570c19ed1584c4a08 Loading...

	dd.kelkoogroup.net/tags.js	211 kB	2023-03-08	2024-03-22
Pretty URL dd.kelkoogroup.net/tags.js IP 54.230.111.47 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:51:26 Last Seen2024-03-22 06:11:43 Times Seen215 Hash 2e7b5d238f4788f6685292f1691990dd 3dfb224ff6f123b604569bba6d6051c16375cc70 5795c162503a8a8db1b67d8e38ff5b901d6278579c73750bb6641a69f54baad5 Loading...

	apis.google.com/js/platform.js?onload=renderBadge	55 kB	2023-03-10	2023-03-11
Pretty URL apis.google.com/js/platform.js?onload=renderBadge IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:16:22 Last Seen2023-03-11 13:28:18 Times Seen1 Hash c173bf28b2a3275a3a1f43ce71ec130c 4378f509d2f96d309268b853ef0503b7100749e2 3fd4e2ea43226ec11b16b45a5a84babb1a012b86d3fcc4e3037c45831ec35475 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	129 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 78622c52d395b56f53b42b1dec12cbfb 63e94c448f90b1be64e66e1e461fb1ce22562217 99f7c5fe223d5fe1abdca458eb22475cc7f1e64076bb3c8958520a83da126c7d Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	760 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 36286e880337a0b8597e7697853df44e 2c264ad090b8b2e7124870e079fab8ad165c4979 d08306eab70aa62b52ffc72c9fe7f8f352f3edf07b7417a5c4c180a819c399f9 Loading...

	www.googletagmanager.com/gtag/js?id=AW-833441087&l=dataLayer&cx=c	137 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-833441087&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 9c075965e07405ec8b751b3454a5b2c0 1e3d33d8f99fc91627366e90f99e28bf137499b2 2abebeabe29a5708b95aa1bd65da70b3a5ab21dd121a420a47c0ceb04d960b74 Loading...

	www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4	30 B	2023-03-08	2024-02-17
Pretty URL api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4 IP 52.28.115.137 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:50:47 Last Seen2024-02-17 03:31:41 Times Seen5 Hash a3adf8313b284a45f8213e46ccf875f4 e3426acd71e58b6a501133feb833943e509fe27a 20722281646418de55f741fb45c44727bd093277dfacc43fa0fa0476a9e20cb9 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	415 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 518b034f679011ceeaee285bccbc6fb5 9b9cf3ddd888ed5e0d744597de3504b266fd291c 6962048c19afc30f55c1c06b553fd30ddd84bd5eea1e5a58b5d41c3fbd0ea685 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	331 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 7dc049d2571c8f13226f03fce8138de8 edf5d8dd61f15259f81bebd425281ca72508fb98 a151e4e6b40f23e27d5871aa9730339e42154217f175edf5bd5da7c4f7b0e909 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	220 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 40c5b6415b101de7455b7b045c2944cf 8a06cf145a2aed2af3cffaef261275d2241bc95f e313dd4bcaa4157401b5ee7968c5eae85d15657140c6d17d688d6c189c1dadca Loading...

	www.googletagmanager.com/gtag/js?id=AW-718127358	137 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-718127358 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 14fcc983e16968b190319cc2423942dd a28aa70f758c5c71d53bbb3d2fa88e5edd728ac2 ba0bd1095df557e79b0166ed7d2a4d9e5b6dd4a9aabd57821a51f2cdc5fe5d2e Loading...

	api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A3%2C%22template%22%3A%22home-page-visitor-complementary%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_1	7.5 kB	2023-03-10	2023-03-10
Pretty URL api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A3%2C%22template%22%3A%22home-page-visitor-complementary%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash e7a5809e3ef2fc33fda2fe4efc951b88 a71403eee33987ed9e925a07c94d5624a0abbf25 c9332c3b898b8b55c6eba9862de275de8231b581b6280cc1d3ef0aa217845978 Loading...

	www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G	228 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 97a1825a0fdffc654b0b052662bdaf57 c5e746339447d04a48052f27787d1fa7a61e8003 eefe45269953c45950909e75d1e6d7f99ac8d9f53738ff40974cbef49eb247fd Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	129 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 9c63f1aee34e527d0f0e1f98b91c0fb7 7c181b4416d57e039fd20fa8c3e138b008f83c00 4f3bbc80a969110d13c8fb5ba0e404e25cb9499ced3dc7f190fd235d233824de Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	185 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 2bcf70cb69b44bb8e8f0f7e235a53d89 98ee08b42fe0c0d532c4b63e12f96cae9190e383 8dd1ab20bc49c5310548af1fd0484a48813934606e7b4391269d14e7ae68f080 Loading...

	clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem	166 B	2023-03-10	2023-03-10
Pretty URL clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem IP 78.46.197.88 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash a1a9c08b3afdfbcb585a2df1c714698a d2a121e0e47b2b7b246eb32b2c98931823f5eaca e85ce435ed7e4cb8494ed9967719c15cfd1a9a234bf3128799c9cba55cfb90f8 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	137 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2023-03-10 22:40:05 Times Seen1 Hash c70e02b4ce7061369148a16dca0eb1dc 410d57ee4eb989ecc52b3e1950a87b46a8273c09 3acd90fd920cf6cfd8facf6a227861719f8224c67289b9f51ff0a1282b68f38c Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	774 B	2023-03-10	2023-03-10
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:19 Last Seen2023-03-10 22:40:05 Times Seen1 Hash d788c162e91f151a8662dbc172baaa10 16acc4b3bd70506aee388c78abe90ce4dd2c589a 1bb3f94fbba305ee2ef8f113d5ba03340f08eeb8a30965602d6311bc2c2c6ec1 Loading...

	www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono	4.8 kB	2023-03-08	2024-03-04
Pretty URL www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:48:48 Last Seen2024-03-04 00:09:38 Times Seen4 Hash 8a31110101b5be83abd5c4f216c5228c ed5b0a67a4dffb9ca5bdb7eb002ee03c04f5ffae f726f278e9b33ddc475a11298abddb56312f63203aec13463a13760e5c2c6a53 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf	444 B	2023-03-10	2023-03-10
Pretty URL fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf IP 185.107.56.192 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash f87edc3b0887fd2caf044c4e004685c9 a1979213f632275692855facdb67864bfebaf792 06271a5bebfa72fa40d4cb9af30d8fc4f04444e3f9683709d9cf972bf08f1c50 Loading...

	dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51	748 B	2023-03-10	2023-03-10
Pretty URL dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 IP 3.208.247.235 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 941abace09f4817dd549c1129ebe0845 1918bb70b22c40dc65303b8948296e80cacf127c 0245e8e8a6e886f101243cc74c1b10c4d36609cf6dbd0bf250b2826bc83faa04 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 09:14:22 Times Seen37059145 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM	2.0 kB	2023-03-10	2023-03-12
Pretty URL www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM IP 78.41.126.166 ASN #44764 Bitpro Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:46:20 Last Seen2023-03-12 07:18:47 Times Seen1 Hash e9dbe32e22d24e7498aad5f41c5c464c cf0f05f28d67da97ee1d542dc1faad3dda7de577 d2524718af1700f35a72a021e5eec9956350e8e9637cd60bc6ccfda177ee89ec Loading...

	www.googletagmanager.com/gtag/js?id=AW-833441087	137 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-833441087 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:18:47 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 1ab8315d78f5c379e786046c8f0988f7 1f4794fdbc1c13b6b082ac6e32edf32d19b52754 3a39cff2f80694a44979244c8c4d162170655d2128fbec2bbd66577f1a55b4dc Loading...

	no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9	19 kB	2023-03-10	2023-03-10
Pretty URL no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9 IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 3c21414e9638325e288088658934226c 935589917e70e4ff079867afa79a2e3eb390c822 3f23f6e3d71e1d6c5e30183edb7f0036c424c07372754a4e66efbf4451870be5 Loading...

	no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9	1.6 kB	2023-03-10	2023-03-10
Pretty URL no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9 IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 2ee1af9ade9d08599b55813dd0fa08b2 db4f3dd57dff4ddd0e513312ced6c521ed3d0941 2141ead50d94d29ba148810a8605a866326523ebaadd53a5fde59b779358d878 Loading...

	policy.app.cookieinformation.com/uc.js	33 kB	2023-03-08	2023-03-11
Pretty URL policy.app.cookieinformation.com/uc.js IP 152.199.21.175 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:31:34 Last Seen2023-03-11 08:34:59 Times Seen1 Hash 5c8ae34b938406927a5a5bb4929eaad9 3ad00ea1811970cb40dd01f456f8e6871078c195 3760e2e1a168ee0a0b02065eb77c942e0fd27630fcee32b9cb056009ffdea8b5 Loading...

	policy.app.cookieinformation.com/e71ed9/safa.no/nb.js	81 kB	2023-03-10	2023-03-10
Pretty URL policy.app.cookieinformation.com/e71ed9/safa.no/nb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash 228aca89a2225009a744993a6a437fe7 c81706bd8e96f4f237b6ead039c4726eb2ee1496 f5b076a0d0125ab88ef5d667845f1b95f1b2215a165ee26b62a246dac1257bfa Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:40:05 Last Seen2023-03-10 22:40:05 Times Seen1 Hash ca1d057fad050f03542c31d7a721925b bf5dee079a6606e8f595fbac64cb76c4a7657c48 ace6a65137a3af724a35751c26b9d09459f7ab6f6976787a9cddbf62209f97f9 Loading...

HTTP Transactions (110)

URL IP Response Size

fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf

185.107.56.192

200 OK

548 B

URL HTTP/1.1
fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
IP
185.107.56.192:0
ASN
#43350 NForce Entertainment B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (548), with no line terminators
Size
548 B (548 bytes)
Hash
75f2f9f6185553c6b1e1c60dfe742b75
917dd5a0b63cd5a44427d48dacb8b92e839bee46
1be87eb3a085800e604ef018e1116eca0bb2cffc58d5c4bf7780a458f4616056

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 548
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 19:38:17 GMT
server: nginx
set-cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645; path=/; domain=.fkunismuh.org; expires=Fri, 24 Nov 2090 22:52:24 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17033
Expires: Mon, 07 Nov 2022 00:22:11 GMT
Date: Sun, 06 Nov 2022 19:38:18 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2247
Cache-Control: max-age=142212
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:18 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:08:30 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9580
Expires: Sun, 06 Nov 2022 22:17:58 GMT
Date: Sun, 06 Nov 2022 19:38:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ERM323KxasrOAilOk/N5PXLsbByEwtDJLGfq1+pQdT+FqAbc8is7fQLtqEYiglDQx60QD0M6GYE=
x-amz-request-id: E1TS9N1X33Z3WPRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 19:10:34 GMT
age: 1664
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 19:38:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fkunismuh.org/favicon.ico

185.107.56.192

404 Not Found

9 B

URL HTTP/1.1
fkunismuh.org/favicon.ico
IP
185.107.56.192:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
Cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 06 Nov 2022 19:38:17 GMT
server: nginx

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4130
Cache-Control: max-age=139042
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:19 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:15:41 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645

185.107.56.192

302 Found

11 B

URL HTTP/1.1
fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645
IP
185.107.56.192:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645 HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
Cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 06 Nov 2022 19:38:18 GMT
location: http://dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645; path=/; domain=.fkunismuh.org; expires=Fri, 24 Nov 2090 22:52:26 GMT; max-age=2147483647; HttpOnly

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W3HIudcT72Y67gv87OF1gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 15mEbyp8A+ajOLIIhHMmJS+vCyY=

dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51

3.208.247.235

200

998 B

URL HTTP/1.1
dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
998 B (998 bytes)
Hash
85a793d2d96f793a797f2e1dbf4710ee
8101fc9dc3714beaf2b3709abec495dfe5aa616d
6d3f6b41990975c6076e438bf5c83122231bdba2bc4296b0b5e62baca07d6c21

HTTP Headers

GET /zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fkunismuh.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 06 Nov 2022 19:38:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: jsPYtoHm

dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

3.208.247.235

200

356 B

URL HTTP/1.1
dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
3.208.247.235:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
356 B (356 bytes)
Hash
abebddefed8d08d7e03b2650cdf29291
ba08da48f1857d8ed6cd81af63e5ded7999286dd
d1e7a94fdca73216c281ee7df142a14369718b83b4ca6577eca794d02ab6ca2a

HTTP Headers

GET /zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 06 Nov 2022 19:38:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: JLMwcJIz

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8b7699a41cd18913d6479728394918f6
83a129be58905b32042c1c4b7f86cf4901a7b812
9f1c4537e8e180879eb970deeef397a989a6f08a37404cc94a6c19419d501cc3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F1C4537E8E180879EB970DEEEF397A989A6F08A37404CC94A6C19419D501CC3"
Last-Modified: Sun, 06 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10718
Expires: Sun, 06 Nov 2022 22:36:57 GMT
Date: Sun, 06 Nov 2022 19:38:19 GMT
Connection: keep-alive

clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem

78.46.197.88

200 OK

347 B

URL HTTP/2
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem
IP
78.46.197.88:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (347), with no line terminators
Size
347 B (347 bytes)
Hash
f909a8f31c015f730fa50f5e46d59630
c13f79bb5831f03898c3bf715f4b3d5bed4d9e28
879914ee6d08a25ec44e40ccd8990caa80d98971580e884ac24af53c3c45efa8

HTTP Headers

GET /s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 3ab871ebd06159edc0f2ce56d5887800=40c6df967326c762c0727eb9d1b962182d6ddbbf48b66d1432ea756dd452a0bfa%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223ab871ebd06159edc0f2ce56d5887800%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 07-Nov-2022 19:38:19 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 347
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 19:38:19 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
370d89dc2bfb0b066c7e4ab5f90e651f
ec3454a36cd598b7c9294dde6937350dad4959b3
8da2fb6adf8edd92fe869ce30c965b3af27d2ecbf3c826606c4ef6907b5373aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DA2FB6ADF8EDD92FE869CE30C965B3AF27D2ECBF3C826606C4EF6907B5373AA"
Last-Modified: Fri, 04 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Sun, 06 Nov 2022 22:59:58 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf

5.9.110.29

200 OK

616 B

URL HTTP/1.1
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf
IP
5.9.110.29:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Size
616 B (616 bytes)
Hash
6811f9c72dba946d6c5de7946920d830
0c5e53ae703c226c3ae041eda78a5ef7d6b67561
b8e4e827ec5a6f166d31d91aaf3d1eeb85ae358748c68f2db42785e8c2e4fd13

HTTP Headers

GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:20 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: f7b1fc5977248f044de0a7a19541891f=01b215a707de04fd64723ec66792a85a4072610adc6af643ef6ddfd637725108a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22f7b1fc5977248f044de0a7a19541891f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 07-Nov-2022 19:38:20 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89

5.9.110.29

200 OK

544 B

URL HTTP/1.1
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89
IP
5.9.110.29:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Size
544 B (544 bytes)
Hash
be03d7f483d91339cc72649095d11877
4e400b72c4c01c8fae9d27e02c0281c8817e4a7d
a50e6f5a1acbe1611f63fbcc8cbcd4c78e216c23b24de797fd228b1558243b23

HTTP Headers

GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: f7b1fc5977248f044de0a7a19541891f=01b215a707de04fd64723ec66792a85a4072610adc6af643ef6ddfd637725108a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22f7b1fc5977248f044de0a7a19541891f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:20 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2dd970cda7cf0677b8bd9f595148ba06
846cd6846fe5905417f35bacfd5a1a9b33388c56
e82012a70a0f2449861b7036919ba238317b20271868ca8ca37a0ce9883cc522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82012A70A0F2449861B7036919BA238317B20271868CA8CA37A0CE9883CC522"
Last-Modified: Sat, 05 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10463
Expires: Sun, 06 Nov 2022 22:32:43 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

api.yadore.com/v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142

88.99.112.6

302 Found

0 B

URL HTTP/2
api.yadore.com/v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142
IP
88.99.112.6:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 19:38:20 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.24
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11535 bytes)
Hash
b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 78570
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8961 bytes)
Hash
dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 78827
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8309 bytes)
Hash
3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 76873
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 47421
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14415 bytes)
Hash
fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 77142
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7573 bytes)
Hash
b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 50797
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false

143.204.55.124

302 Found

0 B

URL HTTP/2
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false
IP
143.204.55.124:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
x-gravitee-transaction-id: 2df9ac31-8721-4b13-b9ac-3187214b1359
x-gravitee-request-id: 2df9ac31-8721-4b13-b9ac-3187214b1359
vary: Origin
request-time: 10
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Sun, 06 Nov 2022 19:38:20 GMT
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: df79KpB6KQANrcRuCza33YeuLAXAL0mIeM2hP5GXort2kdFsHwC1Gw==
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4786
Cache-Control: max-age=169926
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:21 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 18:50:27 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9

95.211.116.27

200 OK

31 kB

URL HTTP/1.1
no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size
31 kB (31381 bytes)
Hash
24df4210e20b229730c49a6f4c2c281a
991c8a8aa9fd6310df106ec17634ecc1a44acb3c
8fb97ef28c9d99eebf94a3ee40cbc4e3902d42d685323676ac98152935c2f280

HTTP Headers

GET /ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239
clickId: 107698147_1667763501603_6578635
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.012467S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 31381
Set-Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6293-1844e737a23-1baff7; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=79
Connection: Keep-Alive

no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635

95.211.116.27

200 OK

68 B

URL HTTP/1.1
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Request-Time: PT0.001591S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=84
Connection: Keep-Alive

dd.kelkoogroup.net/tags.js

54.230.111.47

200 OK

43 kB

URL HTTP/2
dd.kelkoogroup.net/tags.js
IP
54.230.111.47:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65432)
Size
43 kB (43000 bytes)
Hash
a9f75aaa24c508083c6eda2912cb2929
c47edaa4aa173610bef816ec6078b8385b271bca
092fecd8bdaf2416d3c813569c99ca72665726b2231a01308c07db16489ca93d

HTTP Headers

GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 43000
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 30 Sep 2022 11:57:45 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront), 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 18:43:53 GMT
cache-control: max-age=3600, public
expires: Sun, 06 Nov 2022 19:43:53 GMT
etag: "33929-5e9e3b3bbc8ac-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: wh27dJlsyCNEyUokQVS7MCSREaCetPQphJ5u4uRxuMKnjGiTJs-yJA==
age: 3268
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/favicon.ico

95.211.116.27

403 Forbidden

0 B

URL HTTP/1.0
no-go.kelkoogroup.net/favicon.ico
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635

95.211.116.27

200 OK

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Request-Time: PT0.002795S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=76
Connection: Keep-Alive

no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono

95.211.116.27

303 See Other

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 303 See Other
Date: Sun, 06 Nov 2022 19:38:21 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239
clickId: 107698147_1667763501603_6578635
country: no
Location: https://safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.012525S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=yoIcQ2QDo0mBlhfPnEK1YI8ibeKnAXvVo6aChdJg_M0KBfQycHIMdIKnjbjAxJkhpwiGNcrzFZFYgXKVxaRFz1qbQ8O3.8kFb7VWCWgxymvTOyL7Hth2llxZZd9saU1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=83
Connection: Keep-Alive
Content-Type: text/plain

ocsp.usertrust.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f26acca175080eaa0766c39e475028f
429d591885bf4095cef9b25c9abd4a89a291ad1c
89d9741b1c571c4689076efbed04b968c9534e8b2b5bfa6bfe4e6f01d4679645

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 01:51:17 GMT
Expires: Sat, 12 Nov 2022 01:51:16 GMT
Etag: "429d591885bf4095cef9b25c9abd4a89a291ad1c"
Cache-Control: max-age=603812,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 977
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766049ff182fb4fd-OSL

api-js.datadome.co/js/

16.170.34.207

200 OK

235 B

URL HTTP/2
api-js.datadome.co/js/
IP
16.170.34.207:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
235 B (235 bytes)
Hash
13fb48919d542863c3c4c5109be68a3b
ca3f6fbe3eafb5645cee3d55471fc4b55bdd9b99
463abd96ab3db1f575408d9337c82611fa4c0138653147e03339d2c3d6aed6b7

HTTP Headers

POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4161
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:21 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2

safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono

78.41.126.166

301 Moved Permanently

245 B

URL HTTP/2
safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
245 B (245 bytes)
Hash
0f790fb89d4f46f2224ef7435ddf875c
75bc548f6dfa1d118f2dca1c59890e20b54e6f0e
bc55542eddbbcacf8e337ebd5dfe0a11835edbd9c9b7c195bcdbbeab172ceee3

HTTP Headers

GET /?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
content-length: 245
X-Firefox-Spdy: h2

www.safa.no/Themes/Pacific/Content/fonts/pacific.woff

78.41.126.166

200 OK

24 kB

URL HTTP/2
www.safa.no/Themes/Pacific/Content/fonts/pacific.woff
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
Web Open Font Format, TrueType, length 23484, version 0.0\012- data
Size
24 kB (23484 bytes)
Hash
46f8cd64da4657654eef94f0f7020364
b984f14a5076a29cd47570baefc1980d548fe928
fc2a5a9d7cc27b6b1f145862e807597f2eb2b029299d3edde3002a444f1c534b

HTTP Headers

GET /Themes/Pacific/Content/fonts/pacific.woff HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 23484
content-type: application/font-woff
last-modified: Fri, 19 Aug 2022 06:17:52 GMT
accept-ranges: bytes
etag: "1d8b393698f33bc"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

www.safa.no/images/thumbs/0002285_0000013_logo%20Safa.png

78.41.126.166

200 OK

6.0 kB

URL HTTP/2
www.safa.no/images/thumbs/0002285_0000013_logo%20Safa.png
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
PNG image data, 100 x 82, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5973 bytes)
Hash
0cfc0debfeed752febb696499c5693ca
8762c9bbf89d5bcc5970737cc80d8fb0d34711d7
c1b327c558175a1b88014b38277f23151d1b9aaffc88856caef4b7911bca0b00

HTTP Headers

GET /images/thumbs/0002285_0000013_logo%20Safa.png HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 5973
content-type: image/png
last-modified: Tue, 27 Sep 2022 11:24:05 GMT
accept-ranges: bytes
etag: "1d8d263a6d4efd5"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f7a069160620a4e6d57b682ac5699ab9
b9b220ee8020e6454eda1fe07a46484583603aa1
330829b027cf342f1048468b54ab7f6045a6c8dc8abe08e434e08712c2c5cf80

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/platform.js?onload=renderBadge

142.250.74.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/platform.js?onload=renderBadge
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20990 bytes)
Hash
ceb5143f72cecedb2617a2f576b753f3
a5dbe82489d80dcdad67013f550da60360d4aa7f
f88e9f63060b7139054356c9b3431fb08583601fbb20db88d15c85197546c4eb

HTTP Headers

GET /js/platform.js?onload=renderBadge HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20990
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c3f94152ccfd81c7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-718127358

142.250.74.168

200 OK

53 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-718127358
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
53 kB (52797 bytes)
Hash
2317dd3ec30aa9907a1fb80c1fad4d83
bd2fabdee35623f94bd4aab2fe56a02412d573d0
bec8dcee74b7c31a2342067ca7b387e43bfb420604d9957de91c614e45eacc7f

HTTP Headers

GET /gtag/js?id=AW-718127358 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G

142.250.74.168

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (25381)
Size
79 kB (78623 bytes)
Hash
1c7dc57189a502fcede6091d1a3aeda1
3768743a9fbf01a8fc00e4be1a90f343c362e5e9
80c14d82e79087426b51ef62474574cddb646c9150bc83a94a91a9cdf5099366

HTTP Headers

GET /gtag/js?id=G-1XYPHFZS1G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

policy.app.cookieinformation.com/uc.js

152.199.21.175

200 OK

11 kB

URL HTTP/2
policy.app.cookieinformation.com/uc.js
IP
152.199.21.175:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (33201), with no line terminators
Size
11 kB (10617 bytes)
Hash
803dc77701fa106ebad867ea084ad410
bffef1e16b61ef42cdd92b60f021786d04646fb5
efe8976543bf8defbc2f85118fa1de4bfc21d7df01282da387258a04214b5ce4

HTTP Headers

GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 250
cache-control: max-age=300
content-md5: XIrjS5OEBpJ6Wlu0kp6q2Q==
content-type: application/javascript
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAA768C92C8C0C
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Thu, 06 Oct 2022 07:02:51 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8f2a60f-801e-000c-7d16-f2af45000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10617
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013

142.250.74.174

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 06 Nov 2022 19:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

policy.app.cookieinformation.com/cookiesharingiframe.html

152.199.21.175

200 OK

2.8 kB

URL HTTP/2
policy.app.cookieinformation.com/cookiesharingiframe.html
IP
152.199.21.175:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Size
2.8 kB (2809 bytes)
Hash
38b0c27bfe707a0a42357037aa383ab0
9d2d54988f33e1ae150b0b8d72eb872e8e25a1de
2acdd3af21fc12f2ea614042901183a4f6073cf2658f24d73c835090bcd27245

HTTP Headers

GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 161
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAA768C92B059E
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Thu, 06 Oct 2022 07:02:51 GMT
server: ECAcc (ska/F76C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: bdabc50f-201e-0093-4916-f2e347000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet, noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2

policy.app.cookieinformation.com/cookie-data/safa.no/cabl.json

152.199.21.175

200 OK

342 B

URL HTTP/2
policy.app.cookieinformation.com/cookie-data/safa.no/cabl.json
IP
152.199.21.175:0
ASN
#15133 EDGECAST

File type
JSON data\012- , ASCII text, with very long lines (1356), with no line terminators
Size
342 B (342 bytes)
Hash
abaa001c31d2ce5efa95cf84f77eea74
29f9895134c87f251d74a3f2b4d3c797b3f00fc4
a1ce59c2a1853eb772a3e356bc8f3120cddd7402787507a05980c3cb1cecd2de

HTTP Headers

GET /cookie-data/safa.no/cabl.json HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 52
cache-control: max-age=300
content-md5: fmd06eG6jcWUcF46GNRDjg==
content-type: application/json
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAB731BA7699B5
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Wed, 26 Oct 2022 09:09:03 GMT
server: ECAcc (ska/F6CB)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c582396a-801e-007e-3b17-f2a80a000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 342
X-Firefox-Spdy: h2

www.safa.no/Themes/Pacific/Content/img/newsletter.png

78.41.126.166

200 OK

3.2 kB

URL HTTP/2
www.safa.no/Themes/Pacific/Content/img/newsletter.png
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
PNG image data, 132 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3223 bytes)
Hash
d8971bf04cf03a6815370ee8d7d768e7
96e31e2a4fffb1696458a7f08d01f552092efc23
6fe1db299597012679ac86a57e81db4363dcab50dff6280f1daa00819196d72f

HTTP Headers

GET /Themes/Pacific/Content/img/newsletter.png HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 3223
content-type: image/png
last-modified: Fri, 19 Aug 2022 06:17:52 GMT
accept-ranges: bytes
etag: "1d8b393698f6497"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:21 GMT
expires: Thu, 02 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 345841
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 345854
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.safa.no/js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE

78.41.126.166

200 OK

329 kB

URL HTTP/2
www.safa.no/js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
data
Size
329 kB (329054 bytes)
Hash
11260b96ad68b4c78c08cdff8b5aafc7
4881208001fa581dfa9a5d0848dd9d6c7566bb13
beab1a3429165930aad5e4e54f378f3274792bf7ceda9dd6548a5ec7eb4fcb76

HTTP Headers

GET /js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 10:18:52 GMT
etag: "UeUKNGCOaWexJG8WfOv2gfVBYcE"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

static.lipscore.com/assets/no/lipscore-v1.js

54.230.111.43

200 OK

69 kB

URL HTTP/1.1
static.lipscore.com/assets/no/lipscore-v1.js
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (589)
Size
69 kB (69223 bytes)
Hash
31919f2ebd34913a34c679b6565a7307
8356a452cbf5f7fed09b0d473e6e141443570d1c
cb5296297d969a79b5cf24993a97e06032be7e306ec9ab5f21cd979777eb7001

HTTP Headers

GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69223
Connection: keep-alive
Date: Sun, 06 Nov 2022 09:10:39 GMT
Last-Modified: Fri, 04 Nov 2022 09:03:00 GMT
ETag: "31919f2ebd34913a34c679b6565a7307"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KLbO_8E2FFF8pVOiNYT1hjP856piEMR6Ds_QbvczmbpBOCdJTVjtJA==
Age: 37664

www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js

78.41.126.166

200 OK

12 kB

URL HTTP/2
www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (63852), with CRLF, LF line terminators
Size
12 kB (12461 bytes)
Hash
c700b717a29bf2452f9ab570fb613c17
c5b9aef2338b1f3e72f192522fd3318aae964396
4a904ba4349d22b0c7e7f4225c9c90706dac50f47f415fd098be45e81ae8130d

HTTP Headers

GET /Plugins/Widgets.Clerk/Content/custClerk.js HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 08:45:34 GMT
accept-ranges: bytes
etag: "1d8b215b6e5cedc"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.lipscore.com/assets/lipscore-v1.css

54.230.111.43

200 OK

12 kB

URL HTTP/1.1
static.lipscore.com/assets/lipscore-v1.css
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (11566 bytes)
Hash
ad324c13384f3748c4d121fab666b608
de2833b8d80bd2ca7b1a077086e803fa9f947cc5
7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb

HTTP Headers

GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11566
Connection: keep-alive
Date: Sun, 06 Nov 2022 09:09:09 GMT
Last-Modified: Fri, 04 Nov 2022 09:03:11 GMT
ETag: "ad324c13384f3748c4d121fab666b608"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D3PQtxXUDJV6wXzoVjdwUEI4DnT5_fniw4PkYdvTg-fr5ju-cpFivQ==
Age: 37754

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a8e8ada6177bcc8015ee7d659a2b6bc2
83edfb5edc6aadee54e419588321ad90580032ec
21bf067dbffdaa86153aacd785fea7ce8485235f841d2d5bdc1dbfee4580080e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162750
Date: Sun, 06 Nov 2022 19:38:22 GMT
Etag: "6367dfe2-1d7"
Expires: Tue, 08 Nov 2022 16:50:52 GMT
Last-Modified: Sun, 06 Nov 2022 16:25:06 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SER2QLixk9_D7ft9WspLi3O3U09-UE9RNFivz2A1Qdnd5ZIcLSXtCA==
Age: 1546

static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2

54.230.111.43

200 OK

17 kB

URL HTTP/1.1
static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 16692, version 1.0\012- data
Size
17 kB (16692 bytes)
Hash
d65113b6da7ba4bd0a59dbda5a7e24d4
929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

HTTP Headers

GET /assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16692
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:02:16 GMT
ETag: "d65113b6da7ba4bd0a59dbda5a7e24d4"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:02:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xPhmrOgbH5Kid0ONlgS2zaKF4DbdIZ0av3zvBpsEIawW0J1h_r2jPA==
Age: 192109

www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM

78.41.126.166

200 OK

18 kB

URL HTTP/2
www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
HTML document, ASCII text, with very long lines (3046)
Size
18 kB (18237 bytes)
Hash
c8e717434fb254048bbca7f0344ede01
e46cfcfbbd4dcab05ccaddd34915fc56ddf6b4c3
f4e1abc58d8d540bedac64e2d323915fcad2aa1715f7e4ab027a860f4899223b

HTTP Headers

GET /js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 13:31:38 GMT
etag: "7ZRpFuQJP1oTXdVTILK9VSdNZaM"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

www.safa.no/favicon.ico

78.41.126.166

200 OK

18 kB

URL HTTP/2
www.safa.no/favicon.ico
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
18 kB (18094 bytes)
Hash
ce73e7420b1416d5f999b02b21fa741d
b11f814926d4a1f1f0509c0a09aedd321d89687f
b1ab769d102b9d51135e4d3e78ab15e9eda7542f672e59a2b75580b2737b66f8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 18094
content-type: image/x-icon
last-modified: Fri, 23 Sep 2022 06:09:40 GMT
accept-ranges: bytes
etag: "1d8cf1310c32cae"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6f642067f3f53e7afdb0ba3b4566692b
ce7e9cc1a03b361ee1f816b478341659f59a819e
977d2102566e465e112bcdddbefd589a56f1866590721ba5fee049e94404790b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5171
Cache-Control: max-age=151596
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Etag: "6367a627-1d7"
Expires: Tue, 08 Nov 2022 13:44:58 GMT
Last-Modified: Sun, 06 Nov 2022 12:18:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

cdn.clerk.io/clerk.js

52.29.221.108

200 OK

54 kB

URL HTTP/2
cdn.clerk.io/clerk.js
IP
52.29.221.108:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65406)
Size
54 kB (54242 bytes)
Hash
8f817fd16f42ec32a7cb04afb9f465d7
4bb4f04fa1977708e8f62bb56ab4053b138bce44
68e7977025b07cb2518d3a04e9703ccdd0db23430dd65cebd0e0f7d3e703e907

HTTP Headers

GET /clerk.js HTTP/1.1
Host: cdn.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:22 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 27 Oct 2022 09:42:55 GMT
vary: Accept-Encoding
etag: W/"635a529f-15f85"
expires: Sun, 06 Nov 2022 20:38:22 GMT
cache-control: max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6f642067f3f53e7afdb0ba3b4566692b
ce7e9cc1a03b361ee1f816b478341659f59a819e
977d2102566e465e112bcdddbefd589a56f1866590721ba5fee049e94404790b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5172
Cache-Control: max-age=151596
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367a627-1d7"
Expires: Tue, 08 Nov 2022 13:44:59 GMT
Last-Modified: Sun, 06 Nov 2022 12:18:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

s.kk-resources.com/leadtag.js

143.204.55.92

200 OK

2.6 kB

URL HTTP/1.1
s.kk-resources.com/leadtag.js
IP
143.204.55.92:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (6910)
Size
2.6 kB (2595 bytes)
Hash
b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0

HTTP Headers

GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: a16ce3d2-c771-4739-ace3-d2c771a739aa
X-Gravitee-Request-Id: a16ce3d2-c771-4739-ace3-d2c771a739aa
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Request-Time: 3
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 19:34:08 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PZt0IXzA-HUaNWZV5MtRaxzoHq-cSNB1-iZTcmEYqhYqw6alpqCR9Q==
Age: 255

googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.130

200 OK

953 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2123), with no line terminators
Size
953 B (953 bytes)
Hash
057ce3df8e2b1b3f17046db5a06a169b
4eab03219ec142f77c07ae10b38aaef0635cdb4b
6b97fbfd96945cbb7eb0190d40589c194b9c7f7205874547b5c57dcccd51ef87

HTTP Headers

GET /pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 19:53:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=171706
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 19:20:09 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4788
Cache-Control: max-age=169926
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 18:50:29 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

s.kelkoogroup.net/k.gif

185.60.164.26

200 OK

0 B

URL HTTP/1.1
s.kelkoogroup.net/k.gif
IP
185.60.164.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 3327db86-c805-4a31-a7db-86c805ca310a
X-Gravitee-Request-Id: 3327db86-c805-4a31-a7db-86c805ca310a
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.safa.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Sun, 06 Nov 2022 19:38:23 GMT
content-length: 0

s.kelkoogroup.net/k.gif

185.60.164.26

200 OK

43 B

URL HTTP/1.1
s.kelkoogroup.net/k.gif
IP
185.60.164.26:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
ETag: a2Vsa29vSWQ9YTRjNjI5My0xODQ0ZTczN2EyMy0xYmFmZjc=
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: fc43d884-b982-4883-83d8-84b982488372
X-Gravitee-Request-Id: fc43d884-b982-4883-83d8-84b982488372
ETag: a2Vsa29vSWQ9YTRjNjI5My0xODQ0ZTczN2EyMy0xYmFmZjc=
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://www.safa.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Sun, 06 Nov 2022 19:38:23 GMT
Content-Type: image/gif
content-length: 43

api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3

52.28.115.137

200 OK

106 B

URL HTTP/2
api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3
IP
52.28.115.137:0
ASN
#16509 AMAZON-02

File type
data
Size
106 B (106 bytes)
Hash
721d6cb7395843baa537497914455e45
8092888d3d3de8113642d719da8adae6370b5173
9034b8f3763dd33ab7cf43b38d3bf0bef8e60c30445768d2b08395c9db2c7931

HTTP Headers

GET /v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bf55a5e3b388533c18f4eed310ed28b9
3d9564cad00a8349f63a5c72118b0776524d0eb7
97c32c42968f5f4acf571408533a411b992720182a1477dc95fd792eedbcc624

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2

52.28.115.137

200 OK

86 kB

URL HTTP/2
api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2
IP
52.28.115.137:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (64424)
Size
86 kB (86107 bytes)
Hash
65f66b689ee052d07b031124a9c59fe5
caa17b40836d1939e29a4c9a3e840f2975370a7e
9a54f704f90b7fb67d79c854b72b5a439bed15f03ceac936a91cd68dec0a79b0

HTTP Headers

GET /v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.164

302 Found

63 B

URL HTTP/2
www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wapi.lipscore.com/initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang=

151.101.86.217

200 OK

9.0 kB

URL HTTP/2
wapi.lipscore.com/initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang=
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (8974), with no line terminators
Size
9.0 kB (8974 bytes)
Hash
de0faba687a9b60f7c01bd1a7527f816
b7aeed061944b7d8f1529c529e9ea01f91fe9729
7f52bf119cbc13ed5d2f4f92055c07d06b08353b09e64fe59ca1fe321513c09c

HTTP Headers

GET /initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 8a033d6c-f2b4-43ea-af97-236f727b14af
x-runtime: 0.033499
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
age: 475587
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1667763503.412939,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.safa.no
content-length: 8974
X-Firefox-Spdy: h2

wapi.lipscore.com/hit?api_key=b4b4a5c50cf8ab660690232d

151.101.86.217

200 OK

0 B

URL HTTP/2
wapi.lipscore.com/hit?api_key=b4b4a5c50cf8ab660690232d
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hit?api_key=b4b4a5c50cf8ab660690232d HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1667763503.417009,VS0,VE0
access-control-allow-origin: https://www.safa.no
content-length: 0
X-Firefox-Spdy: h2

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787

64.233.165.154

302 Found

366 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
366 B (366 bytes)
Hash
2937bc2f9de501ccb29ad97e17c7d085
972c131c8172b41f4bccc971bf5bf8d8e9b6b960
a74a8205d13dead3fc2ff987b2a0c829769d46efc9b22da6d7aff9db948738f6

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-1XYPHFZS1G&gtm=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-1XYPHFZS1G&gtm=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-1XYPHFZS1G&gtm=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.safa.no
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wapi.lipscore.com/initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no

151.101.86.217

200 OK

1.9 kB

URL HTTP/2
wapi.lipscore.com/initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1879), with no line terminators
Size
1.9 kB (1901 bytes)
Hash
3326050f99c718bb2d16c76bff8a0f17
ec9eb83416fa3e149fb5cfe7a10598588522c3d6
d0cfdad13805464808ba6d0c53efe5ed7d1b962578097148c9aa449c04855a6b

HTTP Headers

GET /initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 6bda9b1c-e8fe-4f6a-b98d-e5822e97679a
x-runtime: 0.799813
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
age: 142653
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667763504.520637,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.safa.no
content-length: 1901
X-Firefox-Spdy: h2

www.safa.no/images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg

78.41.126.166

200 OK

775 kB

URL HTTP/2
www.safa.no/images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2022:08:29 13:24:59], progressive, precision 8, 1920x540, components 3\012- data
Size
775 kB (775221 bytes)
Hash
b0e4d86f637368006fa4dd81d9fae006
a82c1306d01b255758062d287040057184fd9de7
a2d55ced85b8397ae9e0cf7d4a12f5ac08635bec275b69734311539cdd7ebe9e

HTTP Headers

GET /images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 775221
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 12:47:49 GMT
accept-ranges: bytes
etag: "1d8d26f59555cb5"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2

static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff

54.230.111.43

200 OK

1.2 kB

URL HTTP/1.1
static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, CFF, length 1192, version 1.0\012- data
Size
1.2 kB (1192 bytes)
Hash
c6d2fba8756c3e43a3dbd5c708550121
691694201280898a21a535ff904712c0c8da4545
3db7852ef1e0fa9f2bbf21800b7a600ceece16e69f5781b0c205984c1ac460ee

HTTP Headers

GET /assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 1192
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:23:54 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:03:59 GMT
ETag: "c6d2fba8756c3e43a3dbd5c708550121"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:03:58 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ChbESOJfdiHa1TafraN19xQA7eCWn7GI1X-1OJlXgIO3IeJJ5JLrTg==
Age: 191670

static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2

54.230.111.43

200 OK

16 kB

URL HTTP/1.1
static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Size
16 kB (16408 bytes)
Hash
875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

HTTP Headers

GET /assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16408
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:02:33 GMT
ETag: "875ba54801f7cf83ea70abf613fab665"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:02:32 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -DnnEb2eLOrbAjjcqtf7T1AxbOSCa-5D4efbHMHIkG0DQfFbY-Aipw==
Age: 192110

static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2

54.230.111.43

200 OK

18 kB

URL HTTP/1.1
static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Size
18 kB (17768 bytes)
Hash
b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0

HTTP Headers

GET /assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 17768
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:39 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:04:39 GMT
ETag: "b42f06e6ecc6ae551b010ba0ff4fa6a3"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:04:38 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y7r2NuM9XncbuDr4Hf3XEwl_x92LAfwLGevWTmg_fauRqcEaV3FOuw==
Age: 192105

www.safa.no/images/thumbs/0001183.jpeg

78.41.126.166

200 OK

643 kB

URL HTTP/2
www.safa.no/images/thumbs/0001183.jpeg
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x540, components 3\012- data
Size
643 kB (642667 bytes)
Hash
d49b34b879d8eb36cf3f2ba8c651d596
6d74b8ba1248e71b24d24cf299f283ff1b99fbaf
a467c6e98fb7940eb374bcf3e599ce3696e866fc828d84f1e627d7028c27fae0

HTTP Headers

GET /images/thumbs/0001183.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 642667
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 11:59:19 GMT
accept-ranges: bytes
etag: "1d8d26892d60beb"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2

www.safa.no/images/thumbs/0002001.jpeg

78.41.126.166

200 OK

637 kB

URL HTTP/2
www.safa.no/images/thumbs/0002001.jpeg
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CC 2018 (Windows)2021:10:05 14:10:18\003, datetime=2021:10:05 14:10:18\003], baseline, precision 8, 1920x540, components 3\012- data
Size
637 kB (636853 bytes)
Hash
6754247715e6af3da599f3b7376a5dd0
5181c3363ef3336d92c6113626663cae9f604fca
0db629ba7f108e0338234b6e7f3179a9829142dd1f2ff70429edda91611809b6

HTTP Headers

GET /images/thumbs/0002001.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 636853
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 11:59:19 GMT
accept-ranges: bytes
etag: "1d8d26892d67235"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2

www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono

78.41.126.166

200 OK

0 B

URL HTTP/2
www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: nb-NO
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-miniprofiler-ids: ["34c069ca-5886-4659-a24e-0e4ee3804bd0"]
set-cookie: .Nop.Customer=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; expires=Mon, 06 Nov 2023 19:38:22 GMT; path=/; secure; httponly
.Nop.Culture=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; expires=Mon, 06 Nov 2023 19:38:22 GMT; path=/
.Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; path=/; secure; samesite=strict; httponly
.Nop.TempData=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=lax; httponly
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

www.safa.no/css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y

78.41.126.166

200 OK

0 B

URL HTTP/2
www.safa.no/css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/css; charset=UTF-8
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 06:23:18 GMT
etag: "HqzdkuxbfK4Kq6VcpcT_LCY6y5Y"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

www.safa.no/getquickviewbutton?_=1667763500392

78.41.126.166

200 OK

0 B

URL HTTP/2
www.safa.no/getquickviewbutton?_=1667763500392
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /getquickviewbutton?_=1667763500392 HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: nb-NO
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-miniprofiler-ids: ["cf5e85d3-157c-422a-a661-435b861ad3af"]
set-cookie: .Nop.Customer=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; expires=Mon, 06 Nov 2023 19:38:23 GMT; path=/; secure; httponly
.Nop.Culture=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; expires=Mon, 06 Nov 2023 19:38:23 GMT; path=/
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 19:38:22 GMT
date: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.safa.no/css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y

78.41.126.166

200 OK

0 B

URL HTTP/2
www.safa.no/css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y
IP
78.41.126.166:0
ASN
#44764 Bitpro

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/css; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 07:22:36 GMT
etag: "qJXQpOnKMXO0fOETDN8ga041-9Y"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2

api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0

52.28.115.137

200 OK

0 B

URL HTTP/2
api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0
IP
52.28.115.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4

52.28.115.137

200 OK

0 B

URL HTTP/2
api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4
IP
52.28.115.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations