Report - uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn

Report Overview

Submitted URL
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
IP
173.239.8.164
ASN
#27257 WEBAIR-INTERNET
Submitted
2022-11-27 02:11:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	104.18.32.68
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	142.250.74.35
static.lipscore.com	483894	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	82 kB	54.230.111.8
consent.cookiebot.com	4972	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	817 B	92 kB	104.84.152.64
arkanbefaler.sannsyn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	7.4 kB	31.169.51.140
q3.quotes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	829 B	178.162.151.164
api.yadore.com	591567	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	571 B	88.99.112.2
dd.kelkoogroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550 B	44 kB	54.230.111.104
api-js.datadome.co	8155	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	506 B	13.51.39.45
track.adtraction.com	515547	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	649 B	538 B	13.49.53.120
gyldendal.germany-2.evergage.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	9.3 kB	3.127.112.93
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	717 B	142.250.74.168
firedmeupppzs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	535 B	588 B	173.239.5.6
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
no-go.kelkoogroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	36 kB	95.211.116.27
consentcdn.cookiebot.com	5676	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	873 B	104.110.3.72
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
wapi.lipscore.com	318267	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	21 kB	151.101.86.217
x.klarnacdn.net	8025	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	684 B	54.230.111.46
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.4 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
clever-redirect.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	524 B	871 B	78.46.197.88
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.142.194
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.0 kB	143.204.42.88
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	595 B	705 B	142.251.1.156
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	935 B	26 kB	23.36.76.186
d2df291ti5v5sq.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	680 B	54.230.111.49
cdn.evgnet.com	5695	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	51 kB	151.101.128.114
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	896 B	557 B	216.239.32.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
uk.userwww.pcukhgdn8yr.firedmeupppzs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.1 kB	74.206.228.78
www.ark.no	359147	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	527 kB	88.151.167.196
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	357 B	23.36.76.186
d81mfvml8p5ml.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	559 B	143.204.42.86
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	509 B	694 B	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
btpnav.com	207578	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	6.6 kB	192.99.158.241
lookandfind.me	35702	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.7 kB	5.9.110.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	21 kB	142.250.74.174
arkcms.s3-eu-west-1.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.0 kB	52.218.88.224
dj4fsg3e1je59.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	800 B	149 kB	143.204.42.104
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	510 B	694 B	142.250.74.164
dipaka-ead.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.8 kB	3.212.50.125
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	797 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (73)

	URL	Size	First Seen	Last Seen
	dd.kelkoogroup.net/tags.js	212 kB	2023-03-08	2023-03-11
Pretty URL dd.kelkoogroup.net/tags.js IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:33 Last Seen2023-03-11 23:51:30 Times Seen1 Hash 719419697fd8d1899b4340c1e8f8f4bd 9428b8faac276bc62d77ffe0f3200b2fb08b5f70 4e543add6a6498df41e7e9af3a6bf12ef160cb9d3b47bee9ec7088a747f2bffa Loading...

	www.ark.no/wro/addons_responsive.js?_=1669213137557	203 kB	2023-03-11	2023-03-26
Pretty URL www.ark.no/wro/addons_responsive.js?_=1669213137557 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-26 04:07:41 Times Seen2 Hash f0a8769d6ead8b050f349780dc1436f5 a38ffc581f14c7c21274979251d7750c976f8bc3 caa5df3c7af4158262060974014ba7c3b2c8b18d4ca1a4b7bb6bec18443fa0f4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL	281 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 94dc59924491d472de436604d8e72ae2 f16cbba0088cee89a93876579adfeffb7ec0d360 8dc1e8395d2bdf216e5c5c6c1931bc9d2d89e588b3d9195d7c7cdcf75d8c119e Loading...

	consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false	252 kB	2023-03-11	2023-03-11
Pretty URL consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false IP 104.84.152.64 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:14:50 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 86af611aa0a59034c5e56f3ebc0555c9 4794d7f45f7ef542da2a550aa6500c0ad286cf00 e933ca78f740b5bc95b9cc321b773fa504bdb83be167061c93b6c9223f52a497 Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false	19 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash e87f99c698c2002749e4fed34b6028c9 2a8ca75a6e4f1148f3fe87623290e5ce729c4e8e e4cea77444c8d677204eafa8de834a60a73960eb69ac2a243d35843e9dfe573a Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false	1.6 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 3f2ab59b7696a095a094ef65c38b1646 e67cdad58c81a859db5baa4ca10191d0b68e764c 1c435f9938825208a16b268c6b7dc650087682267ac7f20a9d7910d7dd5a500e Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	427 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:41 Times Seen2 Hash fedb2023f92a7028c40539a8dd5492d4 7cf28cde9174bcc36acd448b089cb2fa03148662 46da8a2f561d3ba6fa9143f6929b5899cee01aa30963f2ec3b9837b667ac3688 Loading...

	d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js	17 B	2023-03-07	2024-04-26
Pretty URL d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js IP 54.230.111.49 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:09 Last Seen2024-04-26 04:37:54 Times Seen1053 Hash a33a21825ee0bbfbd37c7f17465ee58b 0a1cea8a83e1df552650c210cc03ec629839dc1a 0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4	162 B	2023-03-11	2023-03-11
Pretty URL clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 IP 78.46.197.88 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 3c0ffdc06521d9276f3834c3a6619ffb 9a5679211e06f54227318bf5dc6114c2e925e5b7 beedbeccb9322b1e254b9e15e978b14781d314910564c85cc983f38fdb743137 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	26 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:40 Times Seen2 Hash 628d79717a1c7993b91785ac030b1378 99b5a6a9d37d2bfc543a113d0f17d2667f16e1e9 9d252814a0b9be524ba0a49833141e958211fe9cd2a03db73a42cd251a573678 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	5.8 kB	2023-03-11	2023-03-11
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 1c95ecacc5d4811755ef5a1c5015c2e8 9b2561f38dcf90ea77f3b292027db4e3a2cccec3 30efd9dc808097307606603043f077dda75558656d6f224885f09bf8e54123ec Loading...

	www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557	4.2 kB	2023-03-08	2023-03-26
Pretty URL www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:40 Times Seen2 Hash deafd4754ac1e9d61f84d8363565e0aa d4b6a7fd9398ddd7e4984254597bad358522200e 6ad65cdd1dd70be5b3e8c586093ddc48649a629ed087665f3344fd83710958e9 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	259 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:41 Times Seen2 Hash 3876aa3aeb016f9481d546acf8f1b3e9 eaee7d8a7a5c6b9a0b61f22fe93d1262dab80094 eda0d6bc5539c8729bcca73ff47526748e6aade1023d032de11448d4710093e9 Loading...

	www.ark.no/_ui/shared/js/generatedVariables.js	272 B	2023-03-08	2024-04-25
Pretty URL www.ark.no/_ui/shared/js/generatedVariables.js IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2024-04-25 15:59:45 Times Seen246 Hash 2509fe5a4bc5022a5f08b29a8dc7bf56 ae1575c0593c35fa10ef1f38d7fc3ca87bc87326 ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	255 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:41 Times Seen2 Hash a47fd2ef17026b0b6bd6245c655dddf9 8094909b02e3309c93ce662b38f68fb119b94924 143fe92062cd31538fc5eea170511fafaaa32acafb43bb8f5efc19d40ae0708e Loading...

	dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51	850 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 IP 3.212.50.125 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash ad5b13052293231f6669853380493173 e10530749cf984bbf70b9ef5fb528dacaed1bca4 e4991fc8ef1daafb00963538d17794ae1c7aebe2e041fd1462a9cc35c0fee94e Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false	10 kB	2023-03-11	2023-03-11
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 68bc22ec5c94d3894de2262909a9db01 a59a6ff65c05aef27d31c678309445291a729ff2 236ebc0e0d941e64ed3f69813cbee58c30b6d60db2c799677cc79a328ff7cce3 Loading...

	dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	110 B	2023-03-11	2023-03-11
Pretty URL dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 3.212.50.125 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 05eda0563bc8cd8214155e2ed851c34a b7853b33b063dd164242edfd39e5dd282ceda7b4 8fd56dd55e803860bcb63723ed6d74671ac0345895eca9b1a25679591a929185 Loading...

	www.googletagmanager.com/gtag/js?id=G-7BNLJ6Y01L&l=dataLayer&cx=c	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-7BNLJ6Y01L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash e3c6e5d1b01a762ba3dd8a0f0e135383 d1a90e4667615ca70ab72838ec4b4cfdee50e506 8cd148e63d92b53cbed8d3d8dc98693419399834dd0063b34d306c783a0ff2f5 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:51:44 Times Seen37085669 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	863 B	2023-03-11	2023-03-11
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 09cd0930801c90bf3e53194afdcb4573 3cff662d0fdf9ba6aad842000e8d36984c591d4b d7c0a0e38d779f40df8ab4ae9ea1eb9146a1b6e93e06e12b887f40db38cfeaa7 Loading...

	www.ark.no/_ui/shared/js/analyticsmediator.js	1.1 kB	2023-03-08	2024-01-28
Pretty URL www.ark.no/_ui/shared/js/analyticsmediator.js IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2024-01-28 06:39:54 Times Seen100 Hash b3f908072dbdbf476b2af8060b81d9d0 3a60c4a379630db6563a1849e528c0bc4243024d 1cb115dbcf49a41ef61bd72de589293b7a3e2366a33cf1d578e4992158f26b07 Loading...

	x.klarnacdn.net/kp/lib/v1/api.js	266 kB	2023-03-11	2023-03-11
Pretty URL x.klarnacdn.net/kp/lib/v1/api.js IP 54.230.111.46 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:14:50 Last Seen2023-03-11 22:44:46 Times Seen1 Hash 11c28d9a39da58009bb1e1baab3047f1 a980289ee9a63887de26e30c7feb99f8237a85f8 95e12263d3622bb763f5f6d018c068542e13c95866df66ea8da8603e6e4ff2db Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-24
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 19:10:50 Times Seen1644 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

	firedmeupppzs.com/	74 B	2023-03-11	2023-03-11
Pretty URL firedmeupppzs.com/ IP 173.239.5.6 ASN #27257 WEBAIR-INTERNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 59a46a6b47d86ef28f5aa231d9b6775f 2146abd58e16b90c8e816b278061e548aa1aeb1b 37f1b0a7a66c5cb0d83c859fa4224356444fa1cff0246b3c7df09ced56eaac8c Loading...

	btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d	4.1 kB	2023-03-07	2023-04-05
Pretty URL btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d IP 192.99.158.241 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-04-05 01:56:36 Times Seen24 Hash a95ebc524317681eea9a586db022de39 4971459c3a5c26de04f1ca1edaa9c7ba225ee161 0bdbdaa3f492019a740ce5685efd434006c22801330be205bd590974e73c1b82 Loading...

	www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04	386 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:40 Times Seen2 Hash 7b38c9267f2079adfe039a8ca2ca5e61 d914917dfc3146888dff28906c0a8e784a324c07 9c1ba8d34f6c559df074ed6c0b5ab8afa5b7078048df7d65916c5341ec701aea Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	569 B	2023-03-07	2023-07-06
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2023-07-06 06:53:25 Times Seen429 Hash c3ec01c3d295c22ea26afa0db60f3cd2 1b4b3461aa8d9b25a1c5f9e7472fabb0fe410053 2eca2b34bebf4e267d33b18974f96e62281bb48795c85db0c5c4c9ef1f9d4ef4 Loading...

	www.ark.no/user-data/javascript-variables.js	679 B	2023-03-08	2023-03-26
Pretty URL www.ark.no/user-data/javascript-variables.js IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:40 Times Seen2 Hash 620dfe83ec2c047894b01ad5b875d645 0babf60bb7fbf0e2d7f19d96727d1e73d799fc95 f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670 Loading...

	www.ark.no/static/header-search.min.js	402 kB	2023-03-08	2023-03-26
Pretty URL www.ark.no/static/header-search.min.js IP 88.151.167.196 ASN #41729 Atea AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:40 Times Seen2 Hash ac2a171980eeaa6565c45e48e7d3433b 0967caa21a0ced8809b5bd275d251399881c2b4c 48d82b5b5a2fc32ee73cde22ccb5e803164cd82511d1607dd743fda617491bc2 Loading...

	static.lipscore.com/assets/no/lipscore-v1.js	252 kB	2023-03-08	2023-03-11
Pretty URL static.lipscore.com/assets/no/lipscore-v1.js IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-11 23:15:20 Times Seen1 Hash 11fd0cb8b8246e9cd452853fb18cfdb9 f3523554ffb5c57b5b4c8a3951a81a9aeefb5188 9b08279a0e750de42413cbbf890ed47124c3c4f7766ff6b4843bc570990d6001 Loading...

	consent.cookiebot.com/uc.js	103 kB	2023-03-08	2023-03-17
Pretty URL consent.cookiebot.com/uc.js IP 104.84.152.64 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:58 Last Seen2023-03-17 23:08:52 Times Seen1 Hash 46a765d70e4c842730680a719d0b3a01 e1240fadffba87daf9dbd9c560d655a3326d6cbf 8a540cc5945aea6d81f7705af39fc8868fe7e72bcbf2f0396ace451451109e22 Loading...

	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/	38 B	2023-03-07	2023-04-05
Pretty URL uk.userwww.pcukhgdn8yr.firedmeupppzs.com/ IP 74.206.228.78 ASN #27257 WEBAIR-INTERNET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2023-04-05 02:10:28 Times Seen192 Hash adfecb321da32aaab4729acc792049c0 4728210ff23ed5507331d29110d3453d1741fece aa782af17e4ea74b54c0db9754e2d68d2ba7e8cbaafd0ed9481b5878f32f87b3 Loading...

	lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397	686 B	2023-03-11	2023-03-11
Pretty URL lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397 IP 5.9.110.29 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:05:10 Last Seen2023-03-11 21:05:10 Times Seen1 Hash 26ef9b622c60ee183b34938fed5c4a0a af4b79708fe0c2688a6df2482488637f18b93efa 9294f969e03471e99e6f66f4b5d561dd1c956c73deba3342ed73cfef3d7c63c9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 95cbe87bfa534b7ef3381fbd2b5a0007	115 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 95cbe87bfa534b7ef3381fbd2b5a0007 93d983ede48669e53329873565669a7ef5e054e2 99a997d159d337c44af7805bc7eca3ffa61c48c4ae65ada123beb0d11d067ad9 Loading...

	#2 Eval - 92c494b6d7df96922edb0ecd61478f75	103 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 92c494b6d7df96922edb0ecd61478f75 f709def718393a69db81b06dde0fe5394445d593 e9412fe4cc0616a76d7d479ed35196856388a352b3825d2657a7c119910fbb36 Loading...

	#3 Eval - 16662888cd0f0f6f14ddd57b06b8bfff	118 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen3 Hash 16662888cd0f0f6f14ddd57b06b8bfff c638a1e3837e03701fb54a3a6205d1db995400d2 38897c85dd500ae03b2e252ccd4063f328ef97dce07ed9ab4a15399a5fb1635c Loading...

	#4 Eval - ccf240d8b90ae4c9a0c750cb243e7b4e	102 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash ccf240d8b90ae4c9a0c750cb243e7b4e 2d4dcafc821fdaf06728309557caddc1f0310eb7 ba2b023639cae3f661ba4c15866b6180f8b04f4508b3191afeed4a488b9a4b32 Loading...

	#5 Eval - ac80d5bc11d133b5f590b2d90d245052	179 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash ac80d5bc11d133b5f590b2d90d245052 b5afc22c309cfb292e7959108d63587c0d38e69f aa621fd6b11acad52dd0267f2b6255a607a50455d9f6b9563a6c40147ba431c1 Loading...

	#6 Eval - 6ea00133dce92d8e3c774d12c4691b17	118 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 6ea00133dce92d8e3c774d12c4691b17 1becb0e097ca9d659604bdc2ad6a70e6c8fdc546 ac06c8a6c7197ccf2af93670eb5274eb0cb48f8ff185669d81f0ffda2d7b8dc2 Loading...

	#7 Eval - a39721208f7ee4da116f27d78e89f41a	118 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash a39721208f7ee4da116f27d78e89f41a af7d9d5a764938ab9a628ffa6437da92eb4d87f8 c645a4590d504efb197324122f165087213b11af7a01b7c8cfc7d0164fc6fa67 Loading...

	#8 Eval - 293371aa33ddaf1fab73ed07ed9cdc21	118 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash 293371aa33ddaf1fab73ed07ed9cdc21 9062fd8e08131f0bbcd032a57eaa261ae8053939 4069306803d60acc8e4a29bce95b55dba6c1ef7665406f47ef1dadbbfded4940 Loading...

	#9 Eval - de5e9606a676fcc57b849db7f8083632	102 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:23 Times Seen1 Hash de5e9606a676fcc57b849db7f8083632 247c1cfb8d1bb892f4a8c70623c2824dcf44424c 9d7357ccee4065707148169d753e7b224d3fd488459ad7ead2132253324f4188 Loading...

	#10 Eval - 4c4788cbd89aff90fdbfa513fc33887e	179 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 4c4788cbd89aff90fdbfa513fc33887e 244aaa9290afd34db45f3dcecbc4d442ee36821a 164addc8f12f21dde8d6970406d5f21ae39be5d540c82ad6dabb4fefb09836a3 Loading...

	#11 Eval - e2be8fb937c0f9d07dbd434b6927366b	102 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash e2be8fb937c0f9d07dbd434b6927366b 298613f5bd81e20abfb70d59d2dd4afdae77e82a dd6580ca69971587c3ad87d4b9b9cea22272f00a3304dbf4c93dcd4b1f55edd8 Loading...

	#12 Eval - 00c2cc3654397261736bb4ec232751f6	1.4 kB	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:23 Times Seen1 Hash 00c2cc3654397261736bb4ec232751f6 0b3a5f56669daa6684c90961bd1a7b0a9f35b405 47c5a874d0c80deeae31c74259b5cce522b6b024f71f96d328d81b7fab4bf240 Loading...

	#13 Eval - 621decb38a12951ff3ebf108ec559516	116 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash 621decb38a12951ff3ebf108ec559516 d32a94c9b119b9968daaeb6bd69e3d350406be55 a8dd3775f897127348e06f0fd46fb2a3482e156a2e11eaa7366472832f75bcb7 Loading...

	#14 Eval - 97315967992f956a37fd2ab617608102	103 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:41 Times Seen2 Hash 97315967992f956a37fd2ab617608102 017909ad3c0c453481165a8bf47d1d40a6a7d0aa 7621a08a7d1fa4943acb34e35fac810469d73e0a41405e0afbbb4ed0ced28048 Loading...

	#15 Eval - 08b943cf77ec3ef8b45b42f3bce50823	117 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 08b943cf77ec3ef8b45b42f3bce50823 67e8c7f8e6aaadff58c10360eed5b177da991210 0908b34d7b43fb6de02d1c322675917e2cf767b0786c8eddaf9d95c2486df44f Loading...

	#16 Eval - b0042b802b80101b574591f85f3efa8f	116 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen3 Hash b0042b802b80101b574591f85f3efa8f cf940edb37f38cbea10a0d90715aad4d46eade42 5befed0a3332d8b954972d64699b307b12479cf19e69d0a6e39819cf0a0425fa Loading...

	#17 Eval - f2c01d3359cf08ea13b2d777943e1a69	103 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash f2c01d3359cf08ea13b2d777943e1a69 5a0e60db50074e922bf7c5879d1e742442062b13 c8192b10550361a7af0dbd56ead98d5e4b62acdd0debf9414bf6099adbf165cb Loading...

	#18 Eval - 851d3cf8108edca50d133c407176631e	115 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 851d3cf8108edca50d133c407176631e ecb9390732d9cacbac6c986d2fabd02ee9620f64 b1d7cf6532bff58e33409f704a622fc8d461c029405b6f9f89b845d827b64983 Loading...

	#19 Eval - 9c651058af0a4d7f6fbd6692216ffbb6	101 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 9c651058af0a4d7f6fbd6692216ffbb6 1cf1edecb4160ee8f7dc9bcb6338cb124d3403b6 7c04f71969d1af2b8db15dc54667f84f2b3efbf63325707a0003fa2f58b50f7b Loading...

	#20 Eval - 97d60610c3158a92d3a5a9fe890bc41e	102 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 97d60610c3158a92d3a5a9fe890bc41e 05e31f8e3ba35c12f3d88af273a8353555426b27 878143d03aa077958e9452d4edabba607e312da09668a0a49ad2b9f833e74e53 Loading...

	#21 Eval - 3c235a55bd6bcc9274ee29f8b9e54b2d	1.1 kB	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash 3c235a55bd6bcc9274ee29f8b9e54b2d 7226e2aa9a45835e2b8768037e6d008c6fa12f49 90db4122d97325326bcd1790c6f293ab21a811f3094bdb93091532f124a7fc80 Loading...

	#22 Eval - e960d2ac7f309a75be4f0e4a1a78e7bc	102 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-26 04:07:41 Times Seen2 Hash e960d2ac7f309a75be4f0e4a1a78e7bc d2f7d05dde982210cea9a697c51ad9fce55fb74e 5f4e54b155ab956f788b9113891f89b1512390108c8def34852498ec00cea12f Loading...

	#23 Eval - b34b76ca99836aeab1b2b8ebb167942f	103 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash b34b76ca99836aeab1b2b8ebb167942f a36fbba9094390858665194d88853687a0cec26a 64955a8fd153dc493be763c56c22e600b690dfb773f5036258f1fd48cb837b62 Loading...

	#24 Eval - 1b68227f66d53ea7ee98d54ed64ac07e	179 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 1b68227f66d53ea7ee98d54ed64ac07e 787d59dd76991deac7d5f7c0a20e566759ad3bff 61bb4267f0eca65dfacc4387ac5b24037207f7868ea24efd5b21fdeaa94f5f0a Loading...

	#25 Eval - 1a2b8f342595da9466b90c704047ec11	116 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 1a2b8f342595da9466b90c704047ec11 7b9862c018bda3d83f7dab023b8c929a4328eaa3 9c502b841ed92208bc695ac9cf16daf1245bd6b3832e69c8f37a071abe4a8041 Loading...

	#26 Eval - bd0863939a7d8d22adb8730554aad1b7	118 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash bd0863939a7d8d22adb8730554aad1b7 0d6a3dc57a01167bfcf7242d4b143e9e06bddbe5 6f10c9446e2e240dae00ec07449a8c4db71f90b87276caa2dfceac2406f6df6a Loading...

	#27 Eval - 83c1226c31003aa5d1b1147683fd22d4	116 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 83c1226c31003aa5d1b1147683fd22d4 6439db78ee65190e0ce0ad5786fb55c7d8a12d23 2626fea2e5bf9c1aa99ddd59fe106a2dfb13f2366fc8c44a3af774283249c8ed Loading...

	#28 Eval - 2e7582c183748b1bc1739a2380571bac	116 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:23 Times Seen1 Hash 2e7582c183748b1bc1739a2380571bac 3fa8796d828cb74f1476919f6e4de079d6e3cfab 701f5eb3e07d2a8f4ddd2ef12a89a39596da2c3a6d38566e07625915c1ca058d Loading...

	#29 Eval - 83131a0cd417f8c90a42d73da52b60af	117 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 83131a0cd417f8c90a42d73da52b60af 357f38a54dead48bf37ed353d096386e4943756c 0fae101ba27ce95b2ae17a9c806d8424b0294d6ca171b1f5e0a2088ccda0dafa Loading...

	#30 Eval - 19546d02f4ba0c5a264a3ac6fbaa0cba	102 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 19546d02f4ba0c5a264a3ac6fbaa0cba 674cd3354ab0a3602dfbb871e10aff8f0d39158e 7ab6ea3c60a4ad20d9dc82d800ef4e09d665c14ab73f43310f7b25c4aa642575 Loading...

	#31 Eval - ae9c99b918af855880278df2e218a2c6	274 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash ae9c99b918af855880278df2e218a2c6 cbdbe2e9a872987304f0ba2c2283b485231f5f24 369687b2ddfaa9e481c24b333421f6c8e719c322bcc3dae816a357b0b023c97f Loading...

	#32 Eval - a5e62de484d119a47c750f620cf592c0	101 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash a5e62de484d119a47c750f620cf592c0 d680b189163b6d5d113b94409f150c67ed792ae2 6d826bbe4866170eef302a56b6c72c266874baa8b9ed28e178e1edfa3220e5fa Loading...

	#33 Eval - 9d56b5033c1f93eee0d1554e9b5369ae	102 B	2023-03-08	2023-06-19
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-06-19 03:18:55 Times Seen2 Hash 9d56b5033c1f93eee0d1554e9b5369ae 1def7a685c3585c28a57adbd11c23c333f66d4e7 c7b593bb511750ffe26dc6d49a32fd7c24e0d8f99c3a85fd5246b8a73764e86e Loading...

	#34 Eval - 9db28dbaf6e536c2b3ee2d950c3fcadd	103 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 9db28dbaf6e536c2b3ee2d950c3fcadd 8cf7aade9d64861c91e1378590041819879f1aae 400bb15f487be8b2b4f4e441e9393bd692e2efb3ab064c51d4594fb96e7b1e14 Loading...

	#35 Eval - 480ffe27c40767de45175afd47853567	179 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash 480ffe27c40767de45175afd47853567 be56b068c4778bb49da39dd63687d61c2f78fe95 c3fd71b96e090af987dba590baaa9be10d2a4412d2c2dc8b4bf5d3b2d0d4c028 Loading...

	#36 Eval - 69ee2c71f780fea8f8806aceb665e74f	274 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-12 10:28:00 Times Seen1 Hash 69ee2c71f780fea8f8806aceb665e74f 4f3882389342cc7c3024e702da4520c009b4d609 21a036aeb80d23b93867d2d81878fbc9bc48d345f4f825f3ea1bf06dd88479fe Loading...

	#37 Eval - 54bb325e811a39ec2e98604a9ed5a0fe	405 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 54bb325e811a39ec2e98604a9ed5a0fe 3fc5e1b69aa612619da3a8fbda022b892f691cc8 3037646b0e8bf9185f3f52e1459ca4b55bd872014ee549a10688dc3d77cf2a34 Loading...

	#38 Eval - 90ba796b43925f89f59922080fea245f	173 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 14:39:30 Last Seen2023-03-13 07:03:22 Times Seen1 Hash 90ba796b43925f89f59922080fea245f cc62ef39b66b13cc6409b077b09d0a60e62764d2 25dde99d9a3b3b538cf06ffc178df8cc853a7fd0365cc076d8ebcc027641f267 Loading...

HTTP Transactions (124)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4833
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=120073
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:32 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:45 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11809
Expires: Sun, 27 Nov 2022 05:28:21 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 01:19:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3133
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: EVICdxF63kFmunFF0xxvSmv5geUcJYKWX4NQ/nfmUQJ4NdaR3etpxScGFVj3PC9BKvZ7y9aBFaw=
x-amz-request-id: QDJZY7V2390WQ6DV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 01:44:27 GMT
age: 1625
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 02:11:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn

74.206.228.78

302 Moved Temporarily

145 B

URL HTTP/1.1
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
IP
74.206.228.78:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
145 B (145 bytes)
Hash
bfe2c1d1b36c62666ce9ba537d324bd4
4d52a7c6d2909a506a4e81559eb24e8af077c741
5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /fzn HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/

uk.userwww.pcukhgdn8yr.firedmeupppzs.com/

74.206.228.78

200 OK

249 B

URL HTTP/1.1
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
IP
74.206.228.78:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
249 B (249 bytes)
Hash
0b9d0491305b5be261051b77b77bbd5f
e62f1b10b390e6a92b1af6d763889e8c9719b0bd
6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32

HTTP Headers

GET / HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 02:08:54 GMT
cache-control: public,max-age=3600
age: 159
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

uk.userwww.pcukhgdn8yr.firedmeupppzs.com/favicon.ico

74.206.228.78

404 Not Found

114 B

URL HTTP/1.1
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/favicon.ico
IP
74.206.228.78:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
021ffd3b4e081732edb9f2fa096e8ef2
4b0c71d74bf395719f8f91e4903609e37b513046
71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4264
Cache-Control: max-age=115582
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:33 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:17:55 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.162.142.194

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.142.194:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vAQjSA5Mb7dABT0R8Uvy1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lnaZkoMIPOztdATHHyS3kDDojP4=

firedmeupppzs.com/

173.239.5.6

200 OK

180 B

URL HTTP/1.1
firedmeupppzs.com/
IP
173.239.5.6:0
ASN
#27257 WEBAIR-INTERNET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
180 B (180 bytes)
Hash
008364e5525fa0b45b4c30b2033bbaa3
8063387c0363da6654175c03cc0efd6316d55ff4
75ccd9a310cefb1aa3c0db6c456543c5bd4e5fa6275ca587a6c8aced01b5f281

HTTP Headers

POST / HTTP/1.1
Host: firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE2Njk1MTUwOTMsImhhc2giOiIwNDc5ZWNiYyJ9;Expires=Sun, 27-Nov-2022 03:11:33 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae

178.162.151.164

200 OK

170 B

URL HTTP/1.1
q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae
IP
178.162.151.164:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
21d72f42feb4f0c92910583f72350a59
7d3444f9a1db6a7acbdab21e9632c6ca9e433057
28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1

HTTP Headers

GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firedmeupppzs.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 02:11:33 GMT
server: nginx

q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1

178.162.151.164

302 Found

11 B

URL HTTP/1.1
q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1
IP
178.162.151.164:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1 HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 27 Nov 2022 02:11:33 GMT
location: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
server: nginx

btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d

192.99.158.241

200 OK

5.5 kB

URL HTTP/1.1
btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
IP
192.99.158.241:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size
5.5 kB (5470 bytes)
Hash
e02c7857263c70577be459cd78d79458
85117831d9dc8ab92b95ccd12d2c1b6cd72160f7
ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db

HTTP Headers

GET /click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Length: 5470

btpnav.com/Redirect/

192.99.158.241

302 Found

270 B

URL HTTP/1.1
btpnav.com/Redirect/
IP
192.99.158.241:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
270 B (270 bytes)
Hash
69875c76217d69b9210ecd80864c5a3f
5b0cf9e3a60b3748686c090e2bf9a74fc053556c
ddb521ea96acd51e0d3df6542e974e521a7fc5b0e14fb6440e4e79e4905b736e

HTTP Headers

POST /Redirect/ HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:34 GMT
Content-Length: 270

dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51

3.212.50.125

200

1.1 kB

URL HTTP/1.1
dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1100 bytes)
Hash
91783059f1fe33914c6ce244a2e69e14
4732fdd7686ac6d51020c5a1539a06d896a7b723
84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143

HTTP Headers

GET /zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 27 Nov 2022 02:11:34 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: kXipAYyj

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8584 bytes)
Hash
d6328cb630204883d77babc9922075f1
e440f7b94b53b6e7880b26f9653b1b266aae0190
b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:02:07 GMT
age: 14967
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13049 bytes)
Hash
1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 1486
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9073 bytes)
Hash
ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 34193
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 15597
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 15686
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8817 bytes)
Hash
741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 35774
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

3.212.50.125

200

350 B

URL HTTP/1.1
dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
350 B (350 bytes)
Hash
d095ed6846f98f495edf201231f48a9f
927469eb6400d68d93c73abac2048e43c0a36f2c
88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34

HTTP Headers

GET /zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 27 Nov 2022 02:11:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: QOmeMSPK

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1673b0486c9be61bd85835b847b21e01
f27163859dd9db5043c4b1a67f7156112032d722
410eb00e90a31db5fcbfbe2dd46eac00f7c4423f39b124b5f313fc2576444e0b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "410EB00E90A31DB5FCBFBE2DD46EAC00F7C4423F39B124B5F313FC2576444E0B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1418
Expires: Sun, 27 Nov 2022 02:35:13 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive

clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4

78.46.197.88

200 OK

343 B

URL HTTP/2
clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4
IP
78.46.197.88:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343), with no line terminators
Size
343 B (343 bytes)
Hash
be29a96690d7c112bd1cdf10b8c12cf0
bb43c5f0196d76faa94def56c0ddad270189135b
cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417

HTTP Headers

GET /s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: fde7d8409902205b0ea4c877b43ca40b=f819c981f8d4a4fc68abc2833b2998e329ea2393fb2c7bb5cfdd73e997a8f952a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fde7d8409902205b0ea4c877b43ca40b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 343
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 02:11:35 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2fc5d0e264068b334c44f627b7581cb0
b13ae71a3e2727587f2b2b212ced135feb6703e0
748d34be18b9cd25ddb8f887e7de9e7aed70ce8501962796ebc302ae9075ec91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "748D34BE18B9CD25DDB8F887E7DE9E7AED70CE8501962796EBC302AE9075EC91"
Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17875
Expires: Sun, 27 Nov 2022 07:09:30 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive

lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf

5.9.110.29

200 OK

939 B

URL HTTP/1.1
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf
IP
5.9.110.29:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c1234b292029f73930b3c268fb278c4d
7ee9df2b0fe1a956ce300adeba8cdb3199f726cf
48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c

HTTP Headers

GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397

5.9.110.29

200 OK

867 B

URL HTTP/1.1
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397
IP
5.9.110.29:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Size
867 B (867 bytes)
Hash
4e55a087a564aa24d050f8ce32ec31b0
fbe2770fad8aa2da1a98652d06e2cc8c0e8fcdce
71e6352f0fb5f404cb68e1ce1b36f13034d42d389d624773b3b1dfa8de36b041

HTTP Headers

GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
204b24e9ac60abc06a19386cb6571322
dd66f37e6d236ee6b0f7c9b54ef64c715da2942b
bb6992d0c6858671c529cfc4dc5d7368f7dac927e3ebed6a402812a007b665d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB6992D0C6858671C529CFC4DC5D7368F7DAC927E3EBED6A402812A007B665D9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7604
Expires: Sun, 27 Nov 2022 04:18:20 GMT
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: keep-alive

api.yadore.com/v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9

88.99.112.2

302 Found

0 B

URL HTTP/2
api.yadore.com/v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9
IP
88.99.112.2:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 02:11:36 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
42d19e502650716229ee612769e3fc14
2812ab691f84a638f5cbcdf16e7fc606c819acb1
c19862f9090eadde6ca024265a2fa6cb1def302c0d00473840738fe63a902fb5

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4711
Cache-Control: max-age=146260
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63824d45-1d7"
Expires: Mon, 28 Nov 2022 18:49:16 GMT
Last-Modified: Sat, 26 Nov 2022 17:30:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false

95.211.116.27

200 OK

33 kB

URL HTTP/1.1
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size
33 kB (32670 bytes)
Hash
9f0f3c96933a982fff2e2eadc8561311
2917b2f051a8bf34d0c992051b0419dc17eeadf9
bcf60ae146df44bd8729a0fef555f9779a6434dfdc58f152c7fce24b5aa8f9ec

HTTP Headers

GET /ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01749S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 32670
Set-Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-184b6dab095-1a421c; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive

no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741

95.211.116.27

200 OK

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.002804S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive

no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741

95.211.116.27

200 OK

68 B

URL HTTP/1.1
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.001148S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=80
Connection: Keep-Alive

dd.kelkoogroup.net/tags.js

54.230.111.104

200 OK

43 kB

URL HTTP/2
dd.kelkoogroup.net/tags.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65432)
Size
43 kB (43164 bytes)
Hash
1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb

HTTP Headers

GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
date: Sun, 27 Nov 2022 01:20:30 GMT
cache-control: max-age=3600, public
expires: Sun, 27 Nov 2022 02:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: dkYLkd0Xpu5tIZdyjk5_J0oPF4Eu4YrMd-cDv_QfDhOIgabmsa6j_Q==
age: 3098
X-Firefox-Spdy: h2

no-go.kelkoogroup.net/favicon.ico

95.211.116.27

403 Forbidden

0 B

URL HTTP/1.0
no-go.kelkoogroup.net/favicon.ico
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178

95.211.116.27

303 See Other

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 303 See Other
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Location: https://track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014161S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=1IOcQZFmcEjZwPyQJ-HPW_dTenvKnz-8rKqxfyACqRx3_Gwi7NI0VlWy6hObFkMrDItN60SdtAaEbw1F04JXA9oZyGwAO2xR1dM5AI~zfDuE7-TTO3~ckKrsh39n1IqU; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=94
Connection: Keep-Alive
Content-Type: text/plain

ocsp.usertrust.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aad2eb2715bd2f733f7f464d18820e81
f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782
f46b45c4c5213add16b3696dff48ecae96c1f01d761dcc44e37641ef6784ae8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 01:51:17 GMT
Expires: Sat, 03 Dec 2022 01:51:16 GMT
Etag: "f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782"
Cache-Control: max-age=602982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7707558959f6b4f7-OSL

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
078b9e6c4a43b802b3509f943a136fd7
149c6045698afe5ac71fb9e58d235413d8fa428e
b298255fed758b4cbc6765ad14def8f2088806e1c1d54e72f2d4d8f54de68078

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1397
Cache-Control: max-age=163469
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63829d70-1d7"
Expires: Mon, 28 Nov 2022 23:36:05 GMT
Last-Modified: Sat, 26 Nov 2022 23:12:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

api-js.datadome.co/js/

13.51.39.45

200 OK

235 B

URL HTTP/2
api-js.datadome.co/js/
IP
13.51.39.45:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
235 B (235 bytes)
Hash
d2610b8a4d3809168bc20cf07472f5df
fea34c527275b6b6f54cff82c071ec43e73ce8c4
e9da6c853de2c85d2c0ac4e37d2ffb2c15c0b8b03f425e141565f514f3ddc074

HTTP Headers

POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4137
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 02:11:36 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2

track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178

13.49.53.120

302

0 B

URL HTTP/1.1
track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
IP
13.49.53.120:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1
Host: track.adtraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-TraceId: 2cb9b664-3f06-493c-badf-fec36f6c2406
Set-Cookie: at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure
Location: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Transfer-Encoding: chunked
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: close

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b0417f7562764247b4a3ff9217831048
67c470b75d382380e82c12982a18a4d98a44404b
1051b3c6025a727cb596abbce26416175e04c001fd521f239349df01d4982e39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1510
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "6382b9aa-1d7"
Expires: Tue, 29 Nov 2022 01:38:24 GMT
Last-Modified: Sun, 27 Nov 2022 01:13:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04

88.151.167.196

200

35 kB

URL HTTP/1.1
www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF, LF line terminators
Size
35 kB (35087 bytes)
Hash
c1fa6666a3bbbf0c1981573470a3cb7f
3c38ac8a7dc5f7edee204525a6798f2f8d0052f1
f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6

HTTP Headers

GET /boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Cache-Control: public,max-age=10800, private
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611

142.250.74.174

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 27 Nov 2022 02:11:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.ark.no/wro/ark_responsive.css?_=1669213137557

88.151.167.196

200

352 kB

URL HTTP/1.1
www.ark.no/wro/ark_responsive.css?_=1669213137557
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
ASCII text, with very long lines (11679)
Size
352 kB (351503 bytes)
Hash
f0afbbb4d6e93b760006379694d7da13
122ea0da8b680eed0896699238a0307efe347bef
8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771

HTTP Headers

GET /wro/ark_responsive.css?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"1dfaaa8129ec8bbbd3deb8cf9c689a583683470"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly

www.ark.no/wro/addons_responsive.css?_=1669213137557

88.151.167.196

200

12 kB

URL HTTP/1.1
www.ark.no/wro/addons_responsive.css?_=1669213137557
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
Unicode text, UTF-8 text, with very long lines (11140)
Size
12 kB (12278 bytes)
Hash
216f08b4ee6d77be2b4c3a56c2ee5451
c1ec92884e985e9557d3f031e34618fd0c6c354e
8d161b1a9434d6c394ff7e15c7534f651c0e0ae75738655c9bf4eac076397512

HTTP Headers

GET /wro/addons_responsive.css?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 21:57:54 GMT
last-modified: Wed, 16 Nov 2022 21:57:54 GMT
ETag: W/"1ac4f62a4e595c7683f2f4fa6d13255372a39192"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

use.typekit.net/vgu7prb.css

23.36.76.186

200 OK

748 B

URL HTTP/2
use.typekit.net/vgu7prb.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
748 B (748 bytes)
Hash
3453162d92bf8b997d346882fde33714
20cc0e9deece4903bf48252409be7f8e37efd3a3
d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c

HTTP Headers

GET /vgu7prb.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 748
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2

www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557

88.151.167.196

200

960 B

URL HTTP/1.1
www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
ASCII text
Size
960 B (960 bytes)
Hash
07cec007e266c0dde7d13b1ea4f12ee5
f36ebc5c3d6fc6b63f0855e354387b91d376b586
7f80dce27a7e5eeb3be2fd88e807c6a6fe7ca8df4f14d2304e80cd130d50653f

HTTP Headers

GET /_ui/responsive/common/js/before-dom-ready.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"4185-1668634529010"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/_ui/shared/js/generatedVariables.js

88.151.167.196

200

272 B

URL HTTP/1.1
www.ark.no/_ui/shared/js/generatedVariables.js
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
ASCII text
Size
272 B (272 bytes)
Hash
2509fe5a4bc5022a5f08b29a8dc7bf56
ae1575c0593c35fa10ef1f38d7fc3ca87bc87326
ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840

HTTP Headers

GET /_ui/shared/js/generatedVariables.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 272
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"272-1668636399382"
Last-Modified: Wed, 16 Nov 2022 22:06:39 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

p.typekit.net/p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2

www.ark.no/_ui/shared/js/analyticsmediator.js

88.151.167.196

200

406 B

URL HTTP/1.1
www.ark.no/_ui/shared/js/analyticsmediator.js
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
ASCII text
Size
406 B (406 bytes)
Hash
e9e6515b6d0a979b3cbf1585f5ea8593
019dc45c7d9a25f12a0fd2e55e971f9d91d6923a
dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b

HTTP Headers

GET /_ui/shared/js/analyticsmediator.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1099-1668635653873"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/user-data/javascript-variables.js

88.151.167.196

200

679 B

URL HTTP/1.1
www.ark.no/user-data/javascript-variables.js
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
ASCII text
Size
679 B (679 bytes)
Hash
620dfe83ec2c047894b01ad5b875d645
0babf60bb7fbf0e2d7f19d96727d1e73d799fc95
f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670

HTTP Headers

GET /user-data/javascript-variables.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
X-Frame-Options: ALLOWALL
Set-Cookie: JSESSIONID=78CDF310434080ECB99E837A8FC279D5; Path=/; Secure; HttpOnly
anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Mon, 27-Nov-2023 02:11:37 GMT; Path=/; Secure; HttpOnly
cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Mon, 24-Apr-2034 18:11:37 GMT; Path=/; Secure
SRVID=P1; path=/; HttpOnly; Secure
NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: application/javascript;charset=UTF-8
Content-Language: no
Content-Length: 679
Date: Sun, 27 Nov 2022 02:11:36 GMT

www.ark.no/static/header-search.min.css

88.151.167.196

200 OK

11 kB

URL HTTP/1.1
www.ark.no/static/header-search.min.css
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
Unicode text, UTF-8 text, with very long lines (59370)
Size
11 kB (11073 bytes)
Hash
b374aa6d5ab506a81b333b6a1ac5c959
5a53ec11595b533e6e6a4cf511d1d242042032f5
b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760

HTTP Headers

GET /static/header-search.min.css HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"e7ec-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.evgnet.com/beacon/gyldendal/ark_production/scripts/evergage.min.js

151.101.128.114

200 OK

50 kB

URL HTTP/2
cdn.evgnet.com/beacon/gyldendal/ark_production/scripts/evergage.min.js
IP
151.101.128.114:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (594)
Size
50 kB (50013 bytes)
Hash
39bc0ec486db4097b88063bbf18a0a65
14fb3dd0ff72962bb028dcbc83f22c1acc9f77be
7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5

HTTP Headers

GET /beacon/gyldendal/ark_production/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: faPkUFcnsvGPsNBBeMYEalTXsNaKZdlfdm26+FltH/351NHnj8baSZR4Vx40VSYsvribpgjGB6I=
x-amz-request-id: S19JP7RQBXGHVSQ2
x-amz-replication-status: COMPLETED
last-modified: Sat, 26 Nov 2022 07:43:47 GMT
etag: "39bc0ec486db4097b88063bbf18a0a65"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 96f2de31f3cfc41ead0a6c913ccf85ed130d951a
x-amz-version-id: SjR9IpUexr7lbUtSMflzvSYqFoiv8nqV
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:37 GMT
age: 114
x-served-by: cache-iad-kiad7000038-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 1
x-timer: S1669515097.111552,VS0,VE2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 50013
X-Firefox-Spdy: h2

www.ark.no/medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ

88.151.167.196

200

833 B

URL HTTP/1.1
www.ark.no/medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505)
Size
833 B (833 bytes)
Hash
a65a28e2ad19b9e91ca93072bfbe63b8
6da5492a8ef70f757684e6d8c7fdf5465f8e8ef5
651edc2a0abc01a83a06cc633c50f8513fd2c6f89bf3f48f1dc141dfb3bd1bde

HTTP Headers

GET /medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/wro/addons_responsive.js?_=1669213137557

88.151.167.196

200

55 kB

URL HTTP/1.1
www.ark.no/wro/addons_responsive.js?_=1669213137557
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
Unicode text, UTF-8 text, with very long lines (11839)
Size
55 kB (55204 bytes)
Hash
2db791df263b17f02f3f8fc8f06f4337
ada8a25364bcc1b1599ab300210b4aa47eca4f0b
9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5

HTTP Headers

GET /wro/addons_responsive.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"a38ffc581f14c7c21274979251d7750c976f8bc3"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE

88.151.167.196

200

1.1 kB

URL HTTP/1.1
www.ark.no/medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Size
1.1 kB (1111 bytes)
Hash
0a85c6a1e5c3ffbc071617fbd9ac913a
2de167bf33e1c83bcc6a2d3d4edd56db38edc7a0
63d0ff4f0676641152de7bf3b26d17331570e705a592d1baa207becfb0db8287

HTTP Headers

GET /medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM

88.151.167.196

200

713 B

URL HTTP/1.1
www.ark.no/medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607)
Size
713 B (713 bytes)
Hash
59bea278cf46189e717d7c8d24532688
c322abc6e6291e5ce89103324935099ed4d22659
2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311

HTTP Headers

GET /medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/_ui/responsive/common/images/novicell/exchange.svg

88.151.167.196

200

821 B

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/novicell/exchange.svg
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (637)
Size
821 B (821 bytes)
Hash
cfa6637ae45a37a2696c599217b51100
8e40845ea27fac927c1a0ffebee688b07a0511db
5ffc92b06847b5911df0f94bfd3dde0a6ec7adc1f46226e679e5f3d78ca0fe40

HTTP Headers

GET /_ui/responsive/common/images/novicell/exchange.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"2002-1668634529039"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.ark.no/medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw

88.151.167.196

200

5.4 kB

URL HTTP/1.1
www.ark.no/medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
PNG image data, 84 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5375 bytes)
Hash
694117356cff0567f422a7151b0bef89
cff747b3405329e61434661350b787eb78974bc5
5b4539a78df44e55a07e737bcbb2b3c4f0e991c1e94eb5eba68cd039a9ad73ab

HTTP Headers

GET /medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/png
Content-Length: 5375
X-Frame-Options: ALLOWALL
ETag: c9090923bba9332b51b1e7fd3123786a
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

static.lipscore.com/assets/no/lipscore-v1.js

54.230.111.8

200 OK

69 kB

URL HTTP/1.1
static.lipscore.com/assets/no/lipscore-v1.js
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (589)
Size
69 kB (69216 bytes)
Hash
97e709db0efc7e4edcf01c2a116c6e10
7509e2a1739bb8bf0d1b43942128a760f4c7e918
9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e

HTTP Headers

GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69216
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:21:17 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:00 GMT
ETag: "97e709db0efc7e4edcf01c2a116c6e10"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8eaZjazjSEBxBKD1Nsf-32u_ZT-IdQ5yj-TF0D0nzw9k-36zVcSROQ==
Age: 59378

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
51fae185a90e21e2aad28dae22e6e206
ecc25e2aeda71bf2c549b67fe3564b0764f235d8
affc28e0f7113182ca099f5b442fc29e7cece3560ed5dfa34049463f8b28fd5e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638282c1-1d7"
Last-Modified: Sun, 27 Nov 2022 01:39:14 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iz3vM4Cl2NcPIkwE7VOpRcEPF4GXJYUfR8CcOnW8SHvnoJs8suQqKg==
Age: 1943

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.ark.no/_ui/responsive/common/images/novicell/icons2.svg

88.151.167.196

200

4.9 kB

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/novicell/icons2.svg
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (1330)
Size
4.9 kB (4859 bytes)
Hash
70c1bf2e0f79bc0aa4d4db691f9bc7a3
495e5325437a26f559639c130907738b814636b6
748803c439e7801084d8c6e89068513dcd62c1fa40b7efa6d2f638d2a61d2ff3

HTTP Headers

GET /_ui/responsive/common/images/novicell/icons2.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"13291-1668636417977"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/_ui/responsive/common/images/basket.svg

88.151.167.196

200

594 B

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/basket.svg
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1585)
Size
594 B (594 bytes)
Hash
9138a81597c7a7be51c2c04a23f55d48
e38874fa64494f77be7bedfafd07ec8e6a597cd4
797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8

HTTP Headers

GET /_ui/responsive/common/images/basket.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1586-1668636417967"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.ark.no/_ui/responsive/common/images/login.svg

88.151.167.196

200

248 B

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/login.svg
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (315), with no line terminators
Size
248 B (248 bytes)
Hash
e65002a0979088d966fe62fa04ad8546
4944836607208694e22e687730313c8b7c581575
bef4b9504593faecec695ea3116301541c0dc1eb6b416c2975efae0db63bc525

HTTP Headers

GET /_ui/responsive/common/images/login.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
ntCoent-Length: 315
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"315-1668635653863"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 248

www.ark.no/_ui/responsive/common/images/heart.svg

88.151.167.196

200

485 B

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/heart.svg
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810), with no line terminators
Size
485 B (485 bytes)
Hash
bf6c87810144048478a4af1e7036172e
1df92e763e945e02c10a65ab7ff4dd2d2a8326b8
3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358

HTTP Headers

GET /_ui/responsive/common/images/heart.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
ntCoent-Length: 810
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"810-1668634529034"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 485

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ce06bb900fc5b1f7fc3714d1540a99be
603ba95c950a10f70dcaa634512e3058c6852e2b
e4eeb595763dca3a9e7866f1ea60fdb43c68718066023c54cebfe08de82934bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113180
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "6381d450-1d7"
Expires: Mon, 28 Nov 2022 09:37:57 GMT
Last-Modified: Sat, 26 Nov 2022 08:54:40 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 56noltW0rS3jWEaFECUOzyjtMwofkuF6XWdi8LZUBujsHudKzOtc6A==
Age: 2597

arkcms.s3-eu-west-1.amazonaws.com/2020/click_and_collect_icon_pdp.png

52.218.88.224

200 OK

579 B

URL HTTP/1.1
arkcms.s3-eu-west-1.amazonaws.com/2020/click_and_collect_icon_pdp.png
IP
52.218.88.224:0
ASN
#16509 AMAZON-02

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
579 B (579 bytes)
Hash
ae12c3709e57f42d625e8c0e5bbd65ff
4da0f6b488bce010ef84fb38a488814ba8b41cc2
6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603

HTTP Headers

GET /2020/click_and_collect_icon_pdp.png HTTP/1.1
Host: arkcms.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: R5xHVfc6Jmit1KfUYFZDKEerCXW7fJwV911TLdLTGNNPMGhd/Vj7tENvunndd3l+PNQQ9XvDhKM=
x-amz-request-id: WM1JG975W1K2M8ME
Date: Sun, 27 Nov 2022 02:11:38 GMT
Last-Modified: Wed, 09 Dec 2020 10:28:47 GMT
ETag: "ae12c3709e57f42d625e8c0e5bbd65ff"
x-amz-meta-cb-modifiedtime: Wed, 09 Dec 2020 10:28:18 GMT
x-amz-version-id: rcTJgyMvadfkuGRJwZxwntujgFgIeUke
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 579

static.lipscore.com/assets/lipscore-v1.css

54.230.111.8

200 OK

12 kB

URL HTTP/1.1
static.lipscore.com/assets/lipscore-v1.css
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (11566 bytes)
Hash
ad324c13384f3748c4d121fab666b608
de2833b8d80bd2ca7b1a077086e803fa9f947cc5
7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb

HTTP Headers

GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11566
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:19:44 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:01 GMT
ETag: "ad324c13384f3748c4d121fab666b608"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IhLbntTrKMJxZuRFSdf7HNaWtTRcYuXuBgHSSHik6PXRd0bwW78o3Q==
Age: 59377

www.ark.no/_ui/responsive/common/images/spinner.gif

88.151.167.196

200

1.1 kB

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/spinner.gif
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
1.1 kB (1101 bytes)
Hash
5ce7976b7df2fc004edd0514e74c912f
8e274e6894bfa048d740598ad9dc347c843b53e8
cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1

HTTP Headers

GET /_ui/responsive/common/images/spinner.gif HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1101
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1101-1668634529044"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3

23.36.76.186

200 OK

24 kB

URL HTTP/2
use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 24224, version 1.0\012- data
Size
24 kB (24224 bytes)
Hash
f005bbf156a8b3f0d2a3f617decb7504
22df422ea62af0cbe56d87697fa73ed43753c2ba
ef02debd597b2a650c8e3657bf87d2d0ac2c6cdd10cf5c074eaff5eae53fafb2

HTTP Headers

GET /af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24224
etag: "e8db8b219fe0e512ab6df6bb665cccbe9558a4d8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2

d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js

54.230.111.49

200 OK

17 B

URL HTTP/2
d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js
IP
54.230.111.49:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
a33a21825ee0bbfbd37c7f17465ee58b
0a1cea8a83e1df552650c210cc03ec629839dc1a
0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f

HTTP Headers

GET /rc/35408/scripts/s.js HTTP/1.1
Host: d2df291ti5v5sq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 17
date: Sat, 26 Nov 2022 02:21:01 GMT
last-modified: Tue, 04 Oct 2022 12:17:09 GMT
etag: "a33a21825ee0bbfbd37c7f17465ee58b"
x-amz-meta-version: -1
x-amz-meta-previous: rc/35408/scripts/s-1664885824.js
x-amz-meta-blankedout: true
x-amz-meta-deployeddate: 2022-10-04 12:17:04
x-amz-meta-invalidationid: I32KDJXI400N4D
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fok3Qj4e7WGRAf9HyzgkGwmZoT8g7R7kvwleuEAStNinI1O_BCNGfg==
age: 85837
X-Firefox-Spdy: h2

consent.cookiebot.com/uc.js

104.84.152.64

200 OK

32 kB

URL HTTP/2
consent.cookiebot.com/uc.js
IP
104.84.152.64:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Size
32 kB (31705 bytes)
Hash
696e11ea704a1a9043864196e1dd41ee
a322a1d9858541cb17a662d8267c1a86b91fc6c3
33a05733a663a3d87ea1275899038ec82a2824de58b8fd07f02c9852dbc56c43

HTTP Headers

GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31705
cache-control: public, max-age=1131
expires: Sun, 27 Nov 2022 02:30:28 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b967106f3fa216e144d901203204b3b8
e3e51dd036cc513690c8248c638bd71707548ee9
8d8650abacabb9cde08eabb6326ed35756090fa4d77d4d44060b73e6af31ae3d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154710
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638271f1-1d7"
Expires: Mon, 28 Nov 2022 21:10:07 GMT
Last-Modified: Sat, 26 Nov 2022 20:07:13 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gmWJR-Tita-wP-QDHjjS_BrmTTE3uX9kKIs-LXp4IHVfTmL08s_grg==
Age: 3774

consentcdn.cookiebot.com/sdk/bc-v4.min.html

104.110.3.72

200 OK

392 B

URL HTTP/2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
104.110.3.72:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Size
392 B (392 bytes)
Hash
e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35

HTTP Headers

GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 06 Nov 2023 16:03:34 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2

consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false

104.84.152.64

200 OK

60 kB

URL HTTP/2
consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false
IP
104.84.152.64:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65499)
Size
60 kB (59843 bytes)
Hash
7436aa0eae55cff68d222f7c93841936
b23b07beca0a9cde7d3e882bcb55f5327f3ebb49
29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1

HTTP Headers

GET /8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sun, 27 Nov 2022 02:11:37 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 59843
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2

gyldendal.germany-2.evergage.com/api2/event/ark_production

3.127.112.93

200 OK

7.4 kB

URL HTTP/2
gyldendal.germany-2.evergage.com/api2/event/ark_production
IP
3.127.112.93:0
ASN
#16509 AMAZON-02

File type
data
Size
7.4 kB (7403 bytes)
Hash
ff71b8cd337b2ba74a00f00736dfc378
727a3759c538f93f418d476be1d3b4f2a764b233
9ce193b71199392d1a0c946715dafff7e796c04b651ebb4ab1cff033d7f33cce

HTTP Headers

POST /api2/event/ark_production HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1818
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 02:11:37 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/
AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

d81mfvml8p5ml.cloudfront.net/iged132l.js

143.204.42.86

200 OK

0 B

URL HTTP/2
d81mfvml8p5ml.cloudfront.net/iged132l.js
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iged132l.js HTTP/1.1
Host: d81mfvml8p5ml.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 0
last-modified: Mon, 19 Aug 2019 10:24:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: max-age=600
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wmUo18jW6YiVixePFPQVyn3RzayLXaBqortCtBANAlE6917Sq0ZcGw==
age: 277
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 00:41:08 GMT
expires: Sun, 27 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 5429
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
425f07b8f307197c46e95ccff387c113
b1b40dc823e78f05088972064a4e7f51d0806cad
d0546bd03ec73e190f947699b0c10bf1a1f2b7c5610d1267456ca6fffbb584c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159869
Date: Sun, 27 Nov 2022 02:11:38 GMT
Etag: "63828e0b-1d7"
Expires: Mon, 28 Nov 2022 22:36:07 GMT
Last-Modified: Sat, 26 Nov 2022 22:07:07 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zx6P2A-CHPR5TrFMf8bnwXUbnMXwb77v05P5KIcB1aI2sq_ABXtgHQ==
Age: 1740

dj4fsg3e1je59.cloudfront.net/9780226543178/img/0-S

143.204.42.104

200 OK

18 kB

URL HTTP/1.1
dj4fsg3e1je59.cloudfront.net/9780226543178/img/0-S
IP
143.204.42.104:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x180, components 3\012- data
Size
18 kB (18273 bytes)
Hash
475d683320e29259c5f56ffbeff6e312
d40bf2f373dc49dca5e5036fdd4e64885bab6889
6f8d7dff432d7c7ef0ca00c423217d57f27566645d30ac87ed98e2e005e70b21

HTTP Headers

GET /9780226543178/img/0-S HTTP/1.1
Host: dj4fsg3e1je59.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 18273
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "475d683320e29259c5f56ffbeff6e312"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 94I5BaeFaVKMxpwEE-7KfxSmlRxV-MBlW5h63U2BAfnyOuNjXZLbOA==

dj4fsg3e1je59.cloudfront.net/9780226543178/img/0

143.204.42.104

200 OK

130 kB

URL HTTP/1.1
dj4fsg3e1je59.cloudfront.net/9780226543178/img/0
IP
143.204.42.104:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 426x640, components 3\012- data
Size
130 kB (129797 bytes)
Hash
5035c9db58868e24a8e20e1afa1cebdc
29daedbf86b1f2487ab3aa0c6fc32d88857c86e4
9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae

HTTP Headers

GET /9780226543178/img/0 HTTP/1.1
Host: dj4fsg3e1je59.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 129797
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "5035c9db58868e24a8e20e1afa1cebdc"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iYElR33T0vz-gRxX1F6WgCdqotEHan5P9DCs9PAUMd0JoEmLgbiCmQ==

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
404c846bf9cbbe0ac7d69a1db047e258
cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6
6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930d32b4f1-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
404c846bf9cbbe0ac7d69a1db047e258
cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6
6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930e7bb527-OSL

arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous

31.169.51.140

200 OK

0 B

URL HTTP/1.1
arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true

arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous

31.169.51.140

200 OK

2.1 kB

URL HTTP/1.1
arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type
ASCII text, with very long lines (5774), with no line terminators
Size
2.1 kB (2114 bytes)
Hash
fe0d2046777bffcdf62cf81b73a6bc14
b2f64b5fe301bceb77864767c7847e2d594b548e
23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb

HTTP Headers

GET /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: undefined
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2114
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

gyldendal.germany-2.evergage.com/pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true

3.127.112.93

204 No Content

0 B

URL HTTP/2
gyldendal.germany-2.evergage.com/pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true
IP
3.127.112.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/
AWSALBCORS=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

gyldendal.germany-2.evergage.com/msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true

3.127.112.93

204 No Content

0 B

URL HTTP/2
gyldendal.germany-2.evergage.com/msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true
IP
3.127.112.93:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/
AWSALBCORS=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

wapi.lipscore.com/hit?api_key=6a2538253ca1d39fa2a02b28

151.101.86.217

200 OK

0 B

URL HTTP/2
wapi.lipscore.com/hit?api_key=6a2538253ca1d39fa2a02b28
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hit?api_key=6a2538253ca1d39fa2a02b28 HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1669515098.380212,VS0,VE0
access-control-allow-origin: https://www.ark.no
content-length: 0
X-Firefox-Spdy: h2

wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=

151.101.86.217

200 OK

8.4 kB

URL HTTP/2
wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Size
8.4 kB (8414 bytes)
Hash
e8d8b9129babd714cca17d25abf71ad4
7f16913bb726daa1e041311b8a59afde1afeeb53
70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d

HTTP Headers

GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1128
x-timer: S1669515098.382350,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2

wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=

151.101.86.217

200 OK

8.4 kB

URL HTTP/2
wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Size
8.4 kB (8414 bytes)
Hash
e8d8b9129babd714cca17d25abf71ad4
7f16913bb726daa1e041311b8a59afde1afeeb53
70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d

HTTP Headers

GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1129
x-timer: S1669515098.383094,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2

www.ark.no/availability/pdp?productCode=9780226543178

88.151.167.196

200

891 B

URL HTTP/1.1
www.ark.no/availability/pdp?productCode=9780226543178
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (2239)
Size
891 B (891 bytes)
Hash
2f4045c27a0414f6eb6d0850d0b07ae3
4260241f2f4823e436ffe4c3d80a612ab0610a40
0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66

HTTP Headers

GET /availability/pdp?productCode=9780226543178 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Expires: Sun, 27 Nov 2022 02:21:38 GMT
Cache-Control: max-age=600
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly

arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly

31.169.51.140

200 OK

0 B

URL HTTP/1.1
arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: PUT
Access-Control-Allow-Credentials: true

arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread

31.169.51.140

200 OK

0 B

URL HTTP/1.1
arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true

arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread

31.169.51.140

200 OK

112 B

URL HTTP/1.1
arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
bfecd897f0d45955aacbf3871470a55c
afe50e942444b4afd7f02ec661e2a57d8d1bfbd0
6daceca4f48edfe3ad59017d91d992780701c48ecd8ced756786dbe43672756c

HTTP Headers

GET /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/javascript
Content-Length: 112
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly

31.169.51.140

200 OK

644 B

URL HTTP/1.1
arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
IP
31.169.51.140:0
ASN
#50304 Blix Solutions AS

File type
JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2112), with no line terminators
Size
644 B (644 bytes)
Hash
1c746910a313ee5559492f412ed71a86
9c5963e7030054dddc78f23465215b026f5c794e
514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6

HTTP Headers

PUT /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Content-Type: text/plain;charset=UTF-8
Content-Length: 31
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json
Content-Length: 644
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.ark.no/_ui/responsive/common/images/vipps-hurtigkasse.png

88.151.167.196

200

28 kB

URL HTTP/1.1
www.ark.no/_ui/responsive/common/images/vipps-hurtigkasse.png
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
PNG image data, 1507 x 200, 8-bit/color RGBA, interlaced\012- data
Size
28 kB (28119 bytes)
Hash
20763c896b5e9d795b71ab8282e5060f
335fa1f43ef3427bbf77eb8ae6730d8f647c8e03
c9c6c68525f916981a25c4b1b58625d5c56e62a3c16f038f85a8cff9cbec0a32

HTTP Headers

GET /_ui/responsive/common/images/vipps-hurtigkasse.png HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 28119
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"28119-1668634529048"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:38 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly

www.ark.no/boker/productCacheSensitiveDetails?productCode=9780226543178

88.151.167.196

200

634 B

URL HTTP/1.1
www.ark.no/boker/productCacheSensitiveDetails?productCode=9780226543178
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
JSON data\012- , ASCII text, with very long lines (1334), with no line terminators
Size
634 B (634 bytes)
Hash
c5bec405abedb3d6a9c7c8df26281569
1eab051eee859cdab002e34dc0cd3b97e379b185
3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985

HTTP Headers

GET /boker/productCacheSensitiveDetails?productCode=9780226543178 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly

wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no

151.101.86.217

200 OK

101 B

URL HTTP/2
wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
101 B (101 bytes)
Hash
db7f725cadb8e5989af1f1d717404307
9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6

HTTP Headers

GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
content-type: application/json; charset=utf-8
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: MISS
x-cache-hits: 1
x-timer: S1669515098.414892,VS0,VE107
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2

wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no

151.101.86.217

200 OK

101 B

URL HTTP/2
wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
IP
151.101.86.217:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
101 B (101 bytes)
Hash
db7f725cadb8e5989af1f1d717404307
9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6

HTTP Headers

GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
content-type: application/json; charset=utf-8
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669515098.423636,VS0,VE99
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-7BNLJ6Y01L&gtm=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-7BNLJ6Y01L&gtm=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7BNLJ6Y01L&gtm=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.ark.no
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.ark.no/wro/ark_responsive.js?_=1669213137557

88.151.167.196

200

472 B

URL HTTP/1.1
www.ark.no/wro/ark_responsive.js?_=1669213137557
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

GET /wro/ark_responsive.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 23 Nov 2023 14:21:24 GMT
last-modified: Wed, 23 Nov 2022 14:21:24 GMT
ETag: W/"2e0c6775a011b33b6c684f176933cc6b57d3e4b7"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310

142.251.1.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.ark.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

x.klarnacdn.net/kp/lib/v1/api.js

54.230.111.46

200 OK

0 B

URL HTTP/2
x.klarnacdn.net/kp/lib/v1/api.js
IP
54.230.111.46:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kp/lib/v1/api.js HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 12:01:20 GMT
x-amz-meta-lib-version: v1.10.0-1307-g5f8bf053
x-amz-meta-app-version: v1.0.0-23020-g6893d6d595
x-amz-version-id: zF1d_PccBEnyMwLtOFNVYxlIfvx1vlpl
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: public, max-age=600
etag: W/"11c28d9a39da58009bb1e1baab3047f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fGRxqZ6iMeEom5RTw6k0sQktTm6CO1IAxHveYg_keRfhUqlhjvchRQ==
X-Firefox-Spdy: h2

www.ark.no/static/header-search.min.js

88.151.167.196

200 OK

0 B

URL HTTP/1.1
www.ark.no/static/header-search.min.js
IP
88.151.167.196:0
ASN
#41729 Atea AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/header-search.min.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"622bb-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL

142.250.74.168

200 OK

0 B

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtm.js?id=GTM-P3ZPLL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 02:11:37 GMT
expires: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 02:11:37 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (73)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations