fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
185.107.56.192200 OK 548 B URL HTTP/1.1 fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
IP 185.107.56.192:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (548), with no line terminators
Hash 75f2f9f6185553c6b1e1c60dfe742b75
917dd5a0b63cd5a44427d48dacb8b92e839bee46
1be87eb3a085800e604ef018e1116eca0bb2cffc58d5c4bf7780a458f4616056
Analyzer Verdict Alert fortinet Phishing
GET /perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 548
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 19:38:17 GMT
server: nginx
set-cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645; path=/; domain=.fkunismuh.org; expires=Fri, 24 Nov 2090 22:52:24 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17033
Expires: Mon, 07 Nov 2022 00:22:11 GMT
Date: Sun, 06 Nov 2022 19:38:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2247
Cache-Control: max-age=142212
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:18 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:08:30 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9580
Expires: Sun, 06 Nov 2022 22:17:58 GMT
Date: Sun, 06 Nov 2022 19:38:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ERM323KxasrOAilOk/N5PXLsbByEwtDJLGfq1+pQdT+FqAbc8is7fQLtqEYiglDQx60QD0M6GYE=
x-amz-request-id: E1TS9N1X33Z3WPRK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 19:10:34 GMT
age: 1664
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 19:38:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fkunismuh.org/favicon.ico
185.107.56.192404 Not Found 9 B URL HTTP/1.1 fkunismuh.org/favicon.ico
IP 185.107.56.192:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
Cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 06 Nov 2022 19:38:17 GMT
server: nginx
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4130
Cache-Control: max-age=139042
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:19 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:15:41 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645
185.107.56.192302 Found 11 B URL HTTP/1.1 fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645
IP 185.107.56.192:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Nzc3MDY5NywiaWF0IjoxNjY3NzYzNDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2loYzQ1ZGVpcjB2cWI1YWcyY250b2UiLCJuYmYiOjE2Njc3NjM0OTcsInRzIjoxNjY3NzYzNDk3ODk1OTE3fQ.jvSATaB2rxkfLD8hwPYute2zQINKkbgz4TGHGehy1io&sid=901d6bee-5e0a-11ed-a753-fe05b26df645 HTTP/1.1
Host: fkunismuh.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fkunismuh.org/perpustakaan/repository/coin-master-hack-apk-april-12-2021_GM406889139.pdf
Cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 06 Nov 2022 19:38:18 GMT
location: http://dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=901d6bee-5e0a-11ed-a753-fe05b26df645; path=/; domain=.fkunismuh.org; expires=Fri, 24 Nov 2090 22:52:26 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W3HIudcT72Y67gv87OF1gw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 15mEbyp8A+ajOLIIhHMmJS+vCyY=
dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.208.247.235200 998 B URL HTTP/1.1 dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85a793d2d96f793a797f2e1dbf4710ee
8101fc9dc3714beaf2b3709abec495dfe5aa616d
6d3f6b41990975c6076e438bf5c83122231bdba2bc4296b0b5e62baca07d6c21
GET /zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fkunismuh.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 06 Nov 2022 19:38:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: jsPYtoHm
dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
3.208.247.235200 356 B URL HTTP/1.1 dipaka-ead.com/zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash abebddefed8d08d7e03b2650cdf29291
ba08da48f1857d8ed6cd81af63e5ded7999286dd
d1e7a94fdca73216c281ee7df142a14369718b83b4ca6577eca794d02ab6ca2a
GET /zcredirect?visitid=90afaef2-5e0a-11ed-9910-0a74c3dec137&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/90afaef2-5e0a-11ed-9910-0a74c3dec137/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 06 Nov 2022 19:38:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: JLMwcJIz
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b7699a41cd18913d6479728394918f6
83a129be58905b32042c1c4b7f86cf4901a7b812
9f1c4537e8e180879eb970deeef397a989a6f08a37404cc94a6c19419d501cc3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F1C4537E8E180879EB970DEEEF397A989A6F08A37404CC94A6C19419D501CC3"
Last-Modified: Sun, 06 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10718
Expires: Sun, 06 Nov 2022 22:36:57 GMT
Date: Sun, 06 Nov 2022 19:38:19 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem
78.46.197.88200 OK 347 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (347), with no line terminators
Hash f909a8f31c015f730fa50f5e46d59630
c13f79bb5831f03898c3bf715f4b3d5bed4d9e28
879914ee6d08a25ec44e40ccd8990caa80d98971580e884ac24af53c3c45efa8
GET /s/r6?s=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 3ab871ebd06159edc0f2ce56d5887800=40c6df967326c762c0727eb9d1b962182d6ddbbf48b66d1432ea756dd452a0bfa%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223ab871ebd06159edc0f2ce56d5887800%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 07-Nov-2022 19:38:19 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 347
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 19:38:19 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 370d89dc2bfb0b066c7e4ab5f90e651f
ec3454a36cd598b7c9294dde6937350dad4959b3
8da2fb6adf8edd92fe869ce30c965b3af27d2ecbf3c826606c4ef6907b5373aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DA2FB6ADF8EDD92FE869CE30C965B3AF27D2ECBF3C826606C4EF6907B5373AA"
Last-Modified: Fri, 04 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Sun, 06 Nov 2022 22:59:58 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf
5.9.110.29200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash 6811f9c72dba946d6c5de7946920d830
0c5e53ae703c226c3ae041eda78a5ef7d6b67561
b8e4e827ec5a6f166d31d91aaf3d1eeb85ae358748c68f2db42785e8c2e4fd13
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=safa.no&s1=623619497&s2=badious-buzzard&s3=oscar-ret-1ozqwe6nem&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:20 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: f7b1fc5977248f044de0a7a19541891f=01b215a707de04fd64723ec66792a85a4072610adc6af643ef6ddfd637725108a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22f7b1fc5977248f044de0a7a19541891f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 07-Nov-2022 19:38:20 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89
5.9.110.29200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash be03d7f483d91339cc72649095d11877
4e400b72c4c01c8fae9d27e02c0281c8817e4a7d
a50e6f5a1acbe1611f63fbcc8cbcd4c78e216c23b24de797fd228b1558243b23
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DaGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0%3D%26i%3DQWSh2QhipKmFF_Lz%26placementId%3Dd0123e31c95b61d04b31c5b20ca5f142&h=842cbb3123cf9e0925d9e215ecd34c89 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: f7b1fc5977248f044de0a7a19541891f=01b215a707de04fd64723ec66792a85a4072610adc6af643ef6ddfd637725108a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22f7b1fc5977248f044de0a7a19541891f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:20 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2dd970cda7cf0677b8bd9f595148ba06
846cd6846fe5905417f35bacfd5a1a9b33388c56
e82012a70a0f2449861b7036919ba238317b20271868ca8ca37a0ce9883cc522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82012A70A0F2449861B7036919BA238317B20271868CA8CA37A0CE9883CC522"
Last-Modified: Sat, 05 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10463
Expires: Sun, 06 Nov 2022 22:32:43 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
api.yadore.com/v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r/deeplink?e=aGRFNXRrYUN6ZzZ0S0cxS0xmSDAxcU5FaUZRTGo5NWJDbjE4bGlkRmF6WEtXOGhUamtTeTVMekwvQnNwZWVkTUJIR2dWTm9xMmZiWGdnbXAxenhGMEpKUGl4VE1tQkVHYS9VdTJvUCtjbDh5bkVBdk9FeUZFOVpNUTBUOXh4ZnNCTDZKQlhERHkwSHo1U2pyUzM1cjkzaDVoNHp2bzdYa1FZU1RaK3hJU2I0eTVUND0=&i=QWSh2QhipKmFF_Lz&placementId=d0123e31c95b61d04b31c5b20ca5f142 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 19:38:20 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.24
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10101
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 19:38:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 78570
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 78827
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 76873
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 47421
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 77142
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 50797
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false
143.204.55.124302 Found 0 B URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false
IP 143.204.55.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fsafa.no%2F&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
x-gravitee-transaction-id: 2df9ac31-8721-4b13-b9ac-3187214b1359
x-gravitee-request-id: 2df9ac31-8721-4b13-b9ac-3187214b1359
vary: Origin
request-time: 10
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Sun, 06 Nov 2022 19:38:20 GMT
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: df79KpB6KQANrcRuCza33YeuLAXAL0mIeM2hP5GXort2kdFsHwC1Gw==
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4786
Cache-Control: max-age=169926
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:21 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 18:50:27 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
95.211.116.27200 OK 31 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 24df4210e20b229730c49a6f4c2c281a
991c8a8aa9fd6310df106ec17634ecc1a44acb3c
8fb97ef28c9d99eebf94a3ee40cbc4e3902d42d685323676ac98152935c2f280
GET /ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239
clickId: 107698147_1667763501603_6578635
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.012467S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 31381
Set-Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6293-1844e737a23-1baff7; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=79
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Request-Time: PT0.001591S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=84
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.47200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.47:0
File type ASCII text, with very long lines (65432)
Hash a9f75aaa24c508083c6eda2912cb2929
c47edaa4aa173610bef816ec6078b8385b271bca
092fecd8bdaf2416d3c813569c99ca72665726b2231a01308c07db16489ca93d
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43000
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 30 Sep 2022 11:57:45 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront), 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 18:43:53 GMT
cache-control: max-age=3600, public
expires: Sun, 06 Nov 2022 19:43:53 GMT
etag: "33929-5e9e3b3bbc8ac-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: wh27dJlsyCNEyUokQVS7MCSREaCetPQphJ5u4uRxuMKnjGiTJs-yJA==
age: 3268
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Request-Time: PT0.002795S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=76
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604219256e88970c3d47f82d3a26aa089a372dae545350767aeaa63afe514da21cc900171823e33feb2711d14185ffe65549434fe3885e0768ea1ccd4f30032a3714f21afb9ff7403218a7be85e286f0df311e758247b80a028b231047a9025ba3f28b4786f9c510990c69c036cd490c37124ec3ed4b7269b315dfcc77b737d37c43a19c521e802ed1f0a8954288f572fb9d722360b2e3312ce2524e4134bb870ee66ab51f772a30f4d55c184378153abbc7e969c9ceda2def201cc87db7de3f4736811bcaa4a6f2ddb4c9890f9b43a24f1752e2b11a8049951dd15f4f069ad7e1cb64a052ae8a8789bd6566d2e5fa81191d4161c303b9a1309c42bfab9237dcdf8f4&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&clickId=107698147_1667763501603_6578635&url=https%3A%2F%2Fsafa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1667763500676&.sig=aZC6JqvRBkIpv_aKKkjKIQ.C7xg-&affiliationId=96965886&comId=100540395&country=no&cpcId=554084&merchantName=Safa.no&searchId=1076100343626728_1667763500667_11546309&service=30&url=https%3A%2F%2Fsafa.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9
Connection: keep-alive
Cookie: datadome=.A0iAXrG9T~ieqeXlmpO-7DxIrGxo~bmJRB2DWeLDmjcip9T7uffhPV1zxuHkpo~bBaRH._1~g_b_BWUYcV9gOfSgs-ZOTVik.OM.kGl1JhRgNurLghgj3e3_Su0Q_z1; kelkooID=a4c6293-1844e737a23-1baff7; _ga=GA1.2.1010994381.1667763499; _gid=GA1.2.131996177.1667763499
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Sun, 06 Nov 2022 19:38:21 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239
clickId: 107698147_1667763501603_6578635
country: no
Location: https://safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.012525S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=yoIcQ2QDo0mBlhfPnEK1YI8ibeKnAXvVo6aChdJg_M0KBfQycHIMdIKnjbjAxJkhpwiGNcrzFZFYgXKVxaRFz1qbQ8O3.8kFb7VWCWgxymvTOyL7Hth2llxZZd9saU1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 19:38:21 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=83
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f26acca175080eaa0766c39e475028f
429d591885bf4095cef9b25c9abd4a89a291ad1c
89d9741b1c571c4689076efbed04b968c9534e8b2b5bfa6bfe4e6f01d4679645
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 19:38:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 01:51:17 GMT
Expires: Sat, 12 Nov 2022 01:51:16 GMT
Etag: "429d591885bf4095cef9b25c9abd4a89a291ad1c"
Cache-Control: max-age=603812,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 977
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 766049ff182fb4fd-OSL
api-js.datadome.co/js/
16.170.34.207200 OK 235 B IP 16.170.34.207:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 13fb48919d542863c3c4c5109be68a3b
ca3f6fbe3eafb5645cee3d55471fc4b55bdd9b99
463abd96ab3db1f575408d9337c82611fa4c0138653147e03339d2c3d6aed6b7
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4161
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:21 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
78.41.126.166301 Moved Permanently 245 B URL HTTP/2 safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP 78.41.126.166:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0f790fb89d4f46f2224ef7435ddf875c
75bc548f6dfa1d118f2dca1c59890e20b54e6f0e
bc55542eddbbcacf8e337ebd5dfe0a11835edbd9c9b7c195bcdbbeab172ceee3
GET /?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
content-length: 245
X-Firefox-Spdy: h2
www.safa.no/Themes/Pacific/Content/fonts/pacific.woff
78.41.126.166200 OK 24 kB URL HTTP/2 www.safa.no/Themes/Pacific/Content/fonts/pacific.woff
IP 78.41.126.166:0
File type Web Open Font Format, TrueType, length 23484, version 0.0\012- data
Hash 46f8cd64da4657654eef94f0f7020364
b984f14a5076a29cd47570baefc1980d548fe928
fc2a5a9d7cc27b6b1f145862e807597f2eb2b029299d3edde3002a444f1c534b
GET /Themes/Pacific/Content/fonts/pacific.woff HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 23484
content-type: application/font-woff
last-modified: Fri, 19 Aug 2022 06:17:52 GMT
accept-ranges: bytes
etag: "1d8b393698f33bc"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
www.safa.no/images/thumbs/0002285_0000013_logo%20Safa.png
78.41.126.166200 OK 6.0 kB URL HTTP/2 www.safa.no/images/thumbs/0002285_0000013_logo%20Safa.png
IP 78.41.126.166:0
File type PNG image data, 100 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 0cfc0debfeed752febb696499c5693ca
8762c9bbf89d5bcc5970737cc80d8fb0d34711d7
c1b327c558175a1b88014b38277f23151d1b9aaffc88856caef4b7911bca0b00
GET /images/thumbs/0002285_0000013_logo%20Safa.png HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 5973
content-type: image/png
last-modified: Tue, 27 Sep 2022 11:24:05 GMT
accept-ranges: bytes
etag: "1d8d263a6d4efd5"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f7a069160620a4e6d57b682ac5699ab9
b9b220ee8020e6454eda1fe07a46484583603aa1
330829b027cf342f1048468b54ab7f6045a6c8dc8abe08e434e08712c2c5cf80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js?onload=renderBadge
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js?onload=renderBadge
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash ceb5143f72cecedb2617a2f576b753f3
a5dbe82489d80dcdad67013f550da60360d4aa7f
f88e9f63060b7139054356c9b3431fb08583601fbb20db88d15c85197546c4eb
GET /js/platform.js?onload=renderBadge HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20990
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c3f94152ccfd81c7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-718127358
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-718127358
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 2317dd3ec30aa9907a1fb80c1fad4d83
bd2fabdee35623f94bd4aab2fe56a02412d573d0
bec8dcee74b7c31a2342067ca7b387e43bfb420604d9957de91c614e45eacc7f
GET /gtag/js?id=AW-718127358 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1XYPHFZS1G
IP 142.250.74.168:0
File type ASCII text, with very long lines (25381)
Hash 1c7dc57189a502fcede6091d1a3aeda1
3768743a9fbf01a8fc00e4be1a90f343c362e5e9
80c14d82e79087426b51ef62474574cddb646c9150bc83a94a91a9cdf5099366
GET /gtag/js?id=G-1XYPHFZS1G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 19:38:22 GMT
expires: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
policy.app.cookieinformation.com/uc.js
152.199.21.175200 OK 11 kB URL HTTP/2 policy.app.cookieinformation.com/uc.js
IP 152.199.21.175:0
File type Unicode text, UTF-8 text, with very long lines (33201), with no line terminators
Hash 803dc77701fa106ebad867ea084ad410
bffef1e16b61ef42cdd92b60f021786d04646fb5
efe8976543bf8defbc2f85118fa1de4bfc21d7df01282da387258a04214b5ce4
GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 250
cache-control: max-age=300
content-md5: XIrjS5OEBpJ6Wlu0kp6q2Q==
content-type: application/javascript
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAA768C92C8C0C
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Thu, 06 Oct 2022 07:02:51 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f8f2a60f-801e-000c-7d16-f2af45000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10617
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1667763500676%26.sig%3DaZC6JqvRBkIpv_aKKkjKIQ.C7xg-%26affiliationId%3D96965886%26comId%3D100540395%26country%3Dno%26cpcId%3D554084%26merchantName%3DSafa.no%26searchId%3D1076100343626728_1667763500667_11546309%26service%3D30%26url%3Dhttps%253A%252F%252Fsafa.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3D08f308487d5bcb7756deb988a786c739715111fb5ecd65b02b70ed96b8e096a9&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100540395%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Safa.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1010994381.1667763499&tid=UA-168544891-6&_gid=131996177.1667763499&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1667763501605_3430239&cd3=100540395&cd4=a4c6293-1844e737a23-1baff7&cd5=&cd6=96965886%7C100540395%7C&z=1957388013 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 06 Nov 2022 19:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookiesharingiframe.html
152.199.21.175200 OK 2.8 kB URL HTTP/2 policy.app.cookieinformation.com/cookiesharingiframe.html
IP 152.199.21.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Hash 38b0c27bfe707a0a42357037aa383ab0
9d2d54988f33e1ae150b0b8d72eb872e8e25a1de
2acdd3af21fc12f2ea614042901183a4f6073cf2658f24d73c835090bcd27245
GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 161
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAA768C92B059E
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Thu, 06 Oct 2022 07:02:51 GMT
server: ECAcc (ska/F76C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: bdabc50f-201e-0093-4916-f2e347000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet, noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookie-data/safa.no/cabl.json
152.199.21.175200 OK 342 B URL HTTP/2 policy.app.cookieinformation.com/cookie-data/safa.no/cabl.json
IP 152.199.21.175:0
File type JSON data\012- , ASCII text, with very long lines (1356), with no line terminators
Hash abaa001c31d2ce5efa95cf84f77eea74
29f9895134c87f251d74a3f2b4d3c797b3f00fc4
a1ce59c2a1853eb772a3e356bc8f3120cddd7402787507a05980c3cb1cecd2de
GET /cookie-data/safa.no/cabl.json HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 52
cache-control: max-age=300
content-md5: fmd06eG6jcWUcF46GNRDjg==
content-type: application/json
date: Sun, 06 Nov 2022 19:38:22 GMT
etag: 0x8DAB731BA7699B5
expires: Sun, 06 Nov 2022 19:43:22 GMT
last-modified: Wed, 26 Oct 2022 09:09:03 GMT
server: ECAcc (ska/F6CB)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c582396a-801e-007e-3b17-f2a80a000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 342
X-Firefox-Spdy: h2
www.safa.no/Themes/Pacific/Content/img/newsletter.png
78.41.126.166200 OK 3.2 kB URL HTTP/2 www.safa.no/Themes/Pacific/Content/img/newsletter.png
IP 78.41.126.166:0
File type PNG image data, 132 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash d8971bf04cf03a6815370ee8d7d768e7
96e31e2a4fffb1696458a7f08d01f552092efc23
6fe1db299597012679ac86a57e81db4363dcab50dff6280f1daa00819196d72f
GET /Themes/Pacific/Content/img/newsletter.png HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 3223
content-type: image/png
last-modified: Fri, 19 Aug 2022 06:17:52 GMT
accept-ranges: bytes
etag: "1d8b393698f6497"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:21 GMT
expires: Thu, 02 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 345841
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 345854
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.safa.no/js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE
78.41.126.166200 OK 329 kB URL HTTP/2 www.safa.no/js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE
IP 78.41.126.166:0
Size 329 kB (329054 bytes)
Hash 11260b96ad68b4c78c08cdff8b5aafc7
4881208001fa581dfa9a5d0848dd9d6c7566bb13
beab1a3429165930aad5e4e54f378f3274792bf7ceda9dd6548a5ec7eb4fcb76
GET /js/Homepage.Footer.scripts.js?v=UeUKNGCOaWexJG8WfOv2gfVBYcE HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 10:18:52 GMT
etag: "UeUKNGCOaWexJG8WfOv2gfVBYcE"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
static.lipscore.com/assets/no/lipscore-v1.js
54.230.111.43200 OK 69 kB URL HTTP/1.1 static.lipscore.com/assets/no/lipscore-v1.js
IP 54.230.111.43:0
File type ASCII text, with very long lines (589)
Hash 31919f2ebd34913a34c679b6565a7307
8356a452cbf5f7fed09b0d473e6e141443570d1c
cb5296297d969a79b5cf24993a97e06032be7e306ec9ab5f21cd979777eb7001
GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69223
Connection: keep-alive
Date: Sun, 06 Nov 2022 09:10:39 GMT
Last-Modified: Fri, 04 Nov 2022 09:03:00 GMT
ETag: "31919f2ebd34913a34c679b6565a7307"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KLbO_8E2FFF8pVOiNYT1hjP856piEMR6Ds_QbvczmbpBOCdJTVjtJA==
Age: 37664
www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js
78.41.126.166200 OK 12 kB URL HTTP/2 www.safa.no/Plugins/Widgets.Clerk/Content/custClerk.js
IP 78.41.126.166:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (63852), with CRLF, LF line terminators
Hash c700b717a29bf2452f9ab570fb613c17
c5b9aef2338b1f3e72f192522fd3318aae964396
4a904ba4349d22b0c7e7f4225c9c90706dac50f47f415fd098be45e81ae8130d
GET /Plugins/Widgets.Clerk/Content/custClerk.js HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 08:45:34 GMT
accept-ranges: bytes
etag: "1d8b215b6e5cedc"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.lipscore.com/assets/lipscore-v1.css
54.230.111.43200 OK 12 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-v1.css
IP 54.230.111.43:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ad324c13384f3748c4d121fab666b608
de2833b8d80bd2ca7b1a077086e803fa9f947cc5
7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb
GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11566
Connection: keep-alive
Date: Sun, 06 Nov 2022 09:09:09 GMT
Last-Modified: Fri, 04 Nov 2022 09:03:11 GMT
ETag: "ad324c13384f3748c4d121fab666b608"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D3PQtxXUDJV6wXzoVjdwUEI4DnT5_fniw4PkYdvTg-fr5ju-cpFivQ==
Age: 37754
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a8e8ada6177bcc8015ee7d659a2b6bc2
83edfb5edc6aadee54e419588321ad90580032ec
21bf067dbffdaa86153aacd785fea7ce8485235f841d2d5bdc1dbfee4580080e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162750
Date: Sun, 06 Nov 2022 19:38:22 GMT
Etag: "6367dfe2-1d7"
Expires: Tue, 08 Nov 2022 16:50:52 GMT
Last-Modified: Sun, 06 Nov 2022 16:25:06 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SER2QLixk9_D7ft9WspLi3O3U09-UE9RNFivz2A1Qdnd5ZIcLSXtCA==
Age: 1546
static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2
54.230.111.43200 OK 17 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2
IP 54.230.111.43:0
File type Web Open Font Format (Version 2), TrueType, length 16692, version 1.0\012- data
Hash d65113b6da7ba4bd0a59dbda5a7e24d4
929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
GET /assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16692
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:02:16 GMT
ETag: "d65113b6da7ba4bd0a59dbda5a7e24d4"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:02:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xPhmrOgbH5Kid0ONlgS2zaKF4DbdIZ0av3zvBpsEIawW0J1h_r2jPA==
Age: 192109
www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM
78.41.126.166200 OK 18 kB URL HTTP/2 www.safa.no/js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM
IP 78.41.126.166:0
File type HTML document, ASCII text, with very long lines (3046)
Hash c8e717434fb254048bbca7f0344ede01
e46cfcfbbd4dcab05ccaddd34915fc56ddf6b4c3
f4e1abc58d8d540bedac64e2d323915fcad2aa1715f7e4ab027a860f4899223b
GET /js/digiCust.js?v=7ZRpFuQJP1oTXdVTILK9VSdNZaM HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 13:31:38 GMT
etag: "7ZRpFuQJP1oTXdVTILK9VSdNZaM"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
www.safa.no/favicon.ico
78.41.126.166200 OK 18 kB IP 78.41.126.166:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash ce73e7420b1416d5f999b02b21fa741d
b11f814926d4a1f1f0509c0a09aedd321d89687f
b1ab769d102b9d51135e4d3e78ab15e9eda7542f672e59a2b75580b2737b66f8
GET /favicon.ico HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 18094
content-type: image/x-icon
last-modified: Fri, 23 Sep 2022 06:09:40 GMT
accept-ranges: bytes
etag: "1d8cf1310c32cae"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f642067f3f53e7afdb0ba3b4566692b
ce7e9cc1a03b361ee1f816b478341659f59a819e
977d2102566e465e112bcdddbefd589a56f1866590721ba5fee049e94404790b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5171
Cache-Control: max-age=151596
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Etag: "6367a627-1d7"
Expires: Tue, 08 Nov 2022 13:44:58 GMT
Last-Modified: Sun, 06 Nov 2022 12:18:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
cdn.clerk.io/clerk.js
52.29.221.108200 OK 54 kB IP 52.29.221.108:0
File type Unicode text, UTF-8 text, with very long lines (65406)
Hash 8f817fd16f42ec32a7cb04afb9f465d7
4bb4f04fa1977708e8f62bb56ab4053b138bce44
68e7977025b07cb2518d3a04e9703ccdd0db23430dd65cebd0e0f7d3e703e907
GET /clerk.js HTTP/1.1
Host: cdn.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:22 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 27 Oct 2022 09:42:55 GMT
vary: Accept-Encoding
etag: W/"635a529f-15f85"
expires: Sun, 06 Nov 2022 20:38:22 GMT
cache-control: max-age=3600
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f642067f3f53e7afdb0ba3b4566692b
ce7e9cc1a03b361ee1f816b478341659f59a819e
977d2102566e465e112bcdddbefd589a56f1866590721ba5fee049e94404790b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5172
Cache-Control: max-age=151596
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367a627-1d7"
Expires: Tue, 08 Nov 2022 13:44:59 GMT
Last-Modified: Sun, 06 Nov 2022 12:18:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
s.kk-resources.com/leadtag.js
143.204.55.92200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 143.204.55.92:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: a16ce3d2-c771-4739-ace3-d2c771a739aa
X-Gravitee-Request-Id: a16ce3d2-c771-4739-ace3-d2c771a739aa
ETag: "01eb894c46b26432f1c6dc225e35b2f1bfc24a0c"
Request-Time: 3
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:48:05 GMT
Content-Encoding: gzip
Date: Sun, 06 Nov 2022 19:34:08 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PZt0IXzA-HUaNWZV5MtRaxzoHq-cSNB1-iZTcmEYqhYqw6alpqCR9Q==
Age: 255
googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 953 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2123), with no line terminators
Hash 057ce3df8e2b1b3f17046db5a06a169b
4eab03219ec142f77c07ae10b38aaef0635cdb4b
6b97fbfd96945cbb7eb0190d40589c194b9c7f7205874547b5c57dcccd51ef87
GET /pagead/viewthroughconversion/718127358/?random=1667763500850&cv=11&fst=1667763500850&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&auid=1916006551.1667763501&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 19:53:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=171706
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 19:20:09 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8726479dab7dac401fb7a77c0e979dc0
276158181f7e060c08a5b3340f11fda4cba7eec9
0b7d63c2a7db26ee5af0854bdd13021cc9c8d0f7d3e8c8c9a98c52e933a6668f
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4788
Cache-Control: max-age=169926
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Etag: "6367ef41-1d7"
Expires: Tue, 08 Nov 2022 18:50:29 GMT
Last-Modified: Sun, 06 Nov 2022 17:30:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 0 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 3327db86-c805-4a31-a7db-86c805ca310a
X-Gravitee-Request-Id: 3327db86-c805-4a31-a7db-86c805ca310a
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.safa.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Sun, 06 Nov 2022 19:38:23 GMT
content-length: 0
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 43 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
ETag: a2Vsa29vSWQ9YTRjNjI5My0xODQ0ZTczN2EyMy0xYmFmZjc=
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: fc43d884-b982-4883-83d8-84b982488372
X-Gravitee-Request-Id: fc43d884-b982-4883-83d8-84b982488372
ETag: a2Vsa29vSWQ9YTRjNjI5My0xODQ0ZTczN2EyMy0xYmFmZjc=
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 0
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://www.safa.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Sun, 06 Nov 2022 19:38:23 GMT
Content-Type: image/gif
content-length: 43
api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3
52.28.115.137200 OK 106 B URL HTTP/2 api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3
IP 52.28.115.137:0
Hash 721d6cb7395843baa537497914455e45
8092888d3d3de8113642d719da8adae6370b5173
9034b8f3763dd33ab7cf43b38d3bf0bef8e60c30445768d2b08395c9db2c7931
GET /v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-visitor-complementary%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_3 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash bf55a5e3b388533c18f4eed310ed28b9
3d9564cad00a8349f63a5c72118b0776524d0eb7
97c32c42968f5f4acf571408533a411b992720182a1477dc95fd792eedbcc624
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2
52.28.115.137200 OK 86 kB URL HTTP/2 api.clerk.io/v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2
IP 52.28.115.137:0
File type ASCII text, with very long lines (64424)
Hash 65f66b689ee052d07b031124a9c59fe5
caa17b40836d1939e29a4c9a3e840f2975370a7e
9a54f704f90b7fb67d79c854b72b5a439bed15f03ceac936a91cd68dec0a79b0
GET /v2/log/debug?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22source%22%3A%22Clerk.js%22%2C%22series%22%3A83415871%2C%22message%22%3A%22%5BContent%20home-page-popular%5D%20Unsupported%20template%20language!%22%2C%22type%22%3A%22error%22%2C%22metadata%22%3A%7B%22metadata_dropped%22%3A%22Mata-data%20was%20to%20large%20and%20was%20thus%20dropped.%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22init_origin%22%3A%22https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22init_user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%7D%7D&callback=__clerk_cb_2 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1>m=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1>m=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1>m=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/718127358/?random=1667763500863&cv=11&fst=1667763500863&bg=ffffff&guid=ON&async=1>m=2wgb20&u_w=1280&u_h=1024&label=1P7bCKCp1N0BEP6Bt9YC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&value=0&bttype=purchase&auid=1916006551.1667763501&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/718127358/?random=1667763500850&cv=11&fst=1667761200000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fno-go.kelkoogroup.net%2F&tiba=Safa.%20Safa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=147106040&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 19:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wapi.lipscore.com/initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang=
151.101.86.217200 OK 9.0 kB URL HTTP/2 wapi.lipscore.com/initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang=
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with very long lines (8974), with no line terminators
Hash de0faba687a9b60f7c01bd1a7527f816
b7aeed061944b7d8f1529c529e9ea01f91fe9729
7f52bf119cbc13ed5d2f4f92055c07d06b08353b09e64fe59ca1fe321513c09c
GET /initial_data/settings/show?api_key=b4b4a5c50cf8ab660690232d&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 8a033d6c-f2b4-43ea-af97-236f727b14af
x-runtime: 0.033499
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
age: 475587
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1667763503.412939,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.safa.no
content-length: 8974
X-Firefox-Spdy: h2
wapi.lipscore.com/hit?api_key=b4b4a5c50cf8ab660690232d
151.101.86.217200 OK 0 B URL HTTP/2 wapi.lipscore.com/hit?api_key=b4b4a5c50cf8ab660690232d
IP 151.101.86.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=b4b4a5c50cf8ab660690232d HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1667763503.417009,VS0,VE0
access-control-allow-origin: https://www.safa.no
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787
64.233.165.154302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787
IP 64.233.165.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2937bc2f9de501ccb29ad97e17c7d085
972c131c8172b41f4bccc971bf5bf8d8e9b6b960
a74a8205d13dead3fc2ff987b2a0c829769d46efc9b22da6d7aff9db948738f6
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-57938373-1&cid=17337051.1667763501&jid=449846168&_v=5.7.2&z=1181609787
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=447038315672833&ev=PageView&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&rl=https%3A%2F%2Fno-go.kelkoogroup.net%2F&if=false&ts=1667763501342&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667763501340.1134489202&it=1667763500984&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-1XYPHFZS1G>m=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1XYPHFZS1G>m=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1XYPHFZS1G>m=2oeb20&_p=1604192142&cid=17337051.1667763501&ul=en-us&sr=1280x1024&_s=1&sid=1667763500&sct=1&seg=0&dl=https%3A%2F%2Fwww.safa.no%2F%3Fkk%3Da4c6293-1844e737a23-1baff7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Safa.%20Safa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.safa.no
date: Sun, 06 Nov 2022 19:38:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no
151.101.86.217200 OK 1.9 kB URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1879), with no line terminators
Hash 3326050f99c718bb2d16c76bff8a0f17
ec9eb83416fa3e149fb5cfe7a10598588522c3d6
d0cfdad13805464808ba6d0c53efe5ed7d1b962578097148c9aa449c04855a6b
GET /initial_data/products/show?api_key=b4b4a5c50cf8ab660690232d&internal_id=service_review&widgets=srw_t&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Origin: https://www.safa.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 6bda9b1c-e8fe-4f6a-b98d-e5822e97679a
x-runtime: 0.799813
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 19:38:23 GMT
age: 142653
x-served-by: cache-bma1670-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667763504.520637,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.safa.no
content-length: 1901
X-Firefox-Spdy: h2
www.safa.no/images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg
78.41.126.166200 OK 775 kB URL HTTP/2 www.safa.no/images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg
IP 78.41.126.166:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2022:08:29 13:24:59], progressive, precision 8, 1920x540, components 3\012- data
Size 775 kB (775221 bytes)
Hash b0e4d86f637368006fa4dd81d9fae006
a82c1306d01b255758062d287040057184fd9de7
a2d55ced85b8397ae9e0cf7d4a12f5ac08635bec275b69734311539cdd7ebe9e
GET /images/thumbs/0002286_0005212_Joggesett_h%C3%B8st2022.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 775221
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 12:47:49 GMT
accept-ranges: bytes
etag: "1d8d26f59555cb5"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2
static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
54.230.111.43200 OK 1.2 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
IP 54.230.111.43:0
File type Web Open Font Format, CFF, length 1192, version 1.0\012- data
Hash c6d2fba8756c3e43a3dbd5c708550121
691694201280898a21a535ff904712c0c8da4545
3db7852ef1e0fa9f2bbf21800b7a600ceece16e69f5781b0c205984c1ac460ee
GET /assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 1192
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:23:54 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:03:59 GMT
ETag: "c6d2fba8756c3e43a3dbd5c708550121"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:03:58 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ChbESOJfdiHa1TafraN19xQA7eCWn7GI1X-1OJlXgIO3IeJJ5JLrTg==
Age: 191670
static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2
54.230.111.43200 OK 16 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2
IP 54.230.111.43:0
File type Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Hash 875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
GET /assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16408
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:02:33 GMT
ETag: "875ba54801f7cf83ea70abf613fab665"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:02:32 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -DnnEb2eLOrbAjjcqtf7T1AxbOSCa-5D4efbHMHIkG0DQfFbY-Aipw==
Age: 192110
static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
54.230.111.43200 OK 18 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
IP 54.230.111.43:0
File type Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Hash b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
GET /assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safa.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 17768
Connection: keep-alive
Date: Fri, 04 Nov 2022 14:16:39 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Fri, 04 Nov 2022 09:04:39 GMT
ETag: "b42f06e6ecc6ae551b010ba0ff4fa6a3"
Cache-Control: public, max-age=31557600
Expires: Sat, 04 Nov 2023 15:04:38 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y7r2NuM9XncbuDr4Hf3XEwl_x92LAfwLGevWTmg_fauRqcEaV3FOuw==
Age: 192105
www.safa.no/images/thumbs/0001183.jpeg
78.41.126.166200 OK 643 kB URL HTTP/2 www.safa.no/images/thumbs/0001183.jpeg
IP 78.41.126.166:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1920x540, components 3\012- data
Size 643 kB (642667 bytes)
Hash d49b34b879d8eb36cf3f2ba8c651d596
6d74b8ba1248e71b24d24cf299f283ff1b99fbaf
a467c6e98fb7940eb374bcf3e599ce3696e866fc828d84f1e627d7028c27fae0
GET /images/thumbs/0001183.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 642667
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 11:59:19 GMT
accept-ranges: bytes
etag: "1d8d26892d60beb"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2
www.safa.no/images/thumbs/0002001.jpeg
78.41.126.166200 OK 637 kB URL HTTP/2 www.safa.no/images/thumbs/0002001.jpeg
IP 78.41.126.166:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CC 2018 (Windows)2021:10:05 14:10:18\003, datetime=2021:10:05 14:10:18\003], baseline, precision 8, 1920x540, components 3\012- data
Size 637 kB (636853 bytes)
Hash 6754247715e6af3da599f3b7376a5dd0
5181c3363ef3336d92c6113626663cae9f604fca
0db629ba7f108e0338234b6e7f3179a9829142dd1f2ff70429edda91611809b6
GET /images/thumbs/0002001.jpeg HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7; .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; kk_au=1.1.1076399580.1667763501; _fbp=fb.1.1667763501340.1134489202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-length: 636853
content-type: image/jpeg
last-modified: Tue, 27 Sep 2022 11:59:19 GMT
accept-ranges: bytes
etag: "1d8d26892d67235"
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2
www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
78.41.126.166200 OK 0 B URL HTTP/2 www.safa.no/?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP 78.41.126.166:0
GET /?kk=a4c6293-1844e737a23-1baff7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: nb-NO
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-miniprofiler-ids: ["34c069ca-5886-4659-a24e-0e4ee3804bd0"]
set-cookie: .Nop.Customer=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; expires=Mon, 06 Nov 2023 19:38:22 GMT; path=/; secure; httponly
.Nop.Culture=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; expires=Mon, 06 Nov 2023 19:38:22 GMT; path=/
.Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; path=/; secure; samesite=strict; httponly
.Nop.TempData=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; samesite=lax; httponly
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
www.safa.no/css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y
78.41.126.166200 OK 0 B URL HTTP/2 www.safa.no/css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y
IP 78.41.126.166:0
GET /css/Homepage.Head.styles.css?v=HqzdkuxbfK4Kq6VcpcT_LCY6y5Y HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/css; charset=UTF-8
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 06:23:18 GMT
etag: "HqzdkuxbfK4Kq6VcpcT_LCY6y5Y"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
www.safa.no/getquickviewbutton?_=1667763500392
78.41.126.166200 OK 0 B URL HTTP/2 www.safa.no/getquickviewbutton?_=1667763500392
IP 78.41.126.166:0
GET /getquickviewbutton?_=1667763500392 HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA; _ga_1XYPHFZS1G=GS1.1.1667763500.1.0.1667763500.0.0.0; _ga=GA1.1.17337051.1667763501; _gcl_au=1.1.1916006551.1667763501; __utma=155056826.17337051.1667763501.1667763501.1667763501.1; __utmb=155056826.1.10.1667763501; __utmc=155056826; __utmz=155056826.1667763501.1.1.utmcsr=kelkoono|utmccn=kelkooclick|utmcmd=cpc; __utmt=1; kk_leadtag=true; kelkooId=a4c6293-1844e737a23-1baff7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: nb-NO
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-miniprofiler-ids: ["cf5e85d3-157c-422a-a661-435b861ad3af"]
set-cookie: .Nop.Customer=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; expires=Mon, 06 Nov 2023 19:38:23 GMT; path=/; secure; httponly
.Nop.Culture=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
.Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; expires=Mon, 06 Nov 2023 19:38:23 GMT; path=/
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:23 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 19:38:22 GMT
date: Sun, 06 Nov 2022 19:38:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.safa.no/css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y
78.41.126.166200 OK 0 B URL HTTP/2 www.safa.no/css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y
IP 78.41.126.166:0
GET /css/digiCust.css?v=qJXQpOnKMXO0fOETDN8ga041-9Y HTTP/1.1
Host: www.safa.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Cookie: .Nop.Customer=e996b0b1-864a-4033-9993-fec31e181dad; .Nop.Culture=c%3Dnb-NO%7Cuic%3Dnb-NO; .Nop.Antiforgery=CfDJ8E23vknOEEhOvpoqyAURj8zjIUSwz6XDiXhtglOesLyk3RDg_YVDfu_Lqj2-8IR7cdzKlQ7IYcz5PE99nvWVBBZQ6LXYFbcgs8FbIDyluTnq4dRglmn7uiq8AWGDFbVG8Nw-UbWzrs3JR4r_Pb-G6AA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000,immutable
content-type: text/css; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 07:22:36 GMT
etag: "qJXQpOnKMXO0fOETDN8ga041-9Y"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
referrer-policy: strict-origin
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
date: Sun, 06 Nov 2022 19:38:21 GMT
X-Firefox-Spdy: h2
api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0
52.28.115.137200 OK 0 B URL HTTP/2 api.clerk.io/v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0
IP 52.28.115.137:0
GET /v2/?payload=%7B%22after-render%22%3A%22doClerkStuff%22%2C%22clerk-content-id%22%3A2%2C%22template%22%3A%22home-page-popular%22%2C%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763501%7D&callback=__clerk_cb_0 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4
52.28.115.137200 OK 0 B URL HTTP/2 api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4
IP 52.28.115.137:0
GET /v2/log/pageview?payload=%7B%22key%22%3A%229wJzeKdzVBqpkvlflbZ4J9bH8dWNY7j0%22%2C%22visitor%22%3A%22auto%22%2C%22_%22%3A1667763502%7D&callback=__clerk_cb_4 HTTP/1.1
Host: api.clerk.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safa.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 19:38:23 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2