r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4833
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=120073
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:32 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:45 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11809
Expires: Sun, 27 Nov 2022 05:28:21 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 01:19:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3133
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EVICdxF63kFmunFF0xxvSmv5geUcJYKWX4NQ/nfmUQJ4NdaR3etpxScGFVj3PC9BKvZ7y9aBFaw=
x-amz-request-id: QDJZY7V2390WQ6DV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 01:44:27 GMT
age: 1625
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 02:11:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
74.206.228.78302 Moved Temporarily 145 B URL HTTP/1.1 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bfe2c1d1b36c62666ce9ba537d324bd4
4d52a7c6d2909a506a4e81559eb24e8af077c741
5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8
Analyzer Verdict Alert fortinet Malware
GET /fzn HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
74.206.228.78200 OK 249 B URL HTTP/1.1 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0b9d0491305b5be261051b77b77bbd5f
e62f1b10b390e6a92b1af6d763889e8c9719b0bd
6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32
GET / HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 02:08:54 GMT
cache-control: public,max-age=3600
age: 159
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
uk.userwww.pcukhgdn8yr.firedmeupppzs.com/favicon.ico
74.206.228.78404 Not Found 114 B URL HTTP/1.1 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/favicon.ico
IP 74.206.228.78:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 021ffd3b4e081732edb9f2fa096e8ef2
4b0c71d74bf395719f8f91e4903609e37b513046
71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c
GET /favicon.ico HTTP/1.1
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4264
Cache-Control: max-age=115582
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:33 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:17:55 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.142.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.142.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vAQjSA5Mb7dABT0R8Uvy1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lnaZkoMIPOztdATHHyS3kDDojP4=
firedmeupppzs.com/
173.239.5.6200 OK 180 B IP 173.239.5.6:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 008364e5525fa0b45b4c30b2033bbaa3
8063387c0363da6654175c03cc0efd6316d55ff4
75ccd9a310cefb1aa3c0db6c456543c5bd4e5fa6275ca587a6c8aced01b5f281
POST / HTTP/1.1
Host: firedmeupppzs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE2Njk1MTUwOTMsImhhc2giOiIwNDc5ZWNiYyJ9;Expires=Sun, 27-Nov-2022 03:11:33 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip
q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae
178.162.151.164200 OK 170 B URL HTTP/1.1 q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae
IP 178.162.151.164:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 21d72f42feb4f0c92910583f72350a59
7d3444f9a1db6a7acbdab21e9632c6ca9e433057
28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1
GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firedmeupppzs.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 02:11:33 GMT
server: nginx
q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1
178.162.151.164302 Found 11 B URL HTTP/1.1 q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1
IP 178.162.151.164:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1 HTTP/1.1
Host: q3.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 27 Nov 2022 02:11:33 GMT
location: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
server: nginx
btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
192.99.158.241200 OK 5.5 kB URL HTTP/1.1 btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash e02c7857263c70577be459cd78d79458
85117831d9dc8ab92b95ccd12d2c1b6cd72160f7
ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db
GET /click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Length: 5470
btpnav.com/Redirect/
192.99.158.241302 Found 270 B IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 69875c76217d69b9210ecd80864c5a3f
5b0cf9e3a60b3748686c090e2bf9a74fc053556c
ddb521ea96acd51e0d3df6542e974e521a7fc5b0e14fb6440e4e79e4905b736e
POST /Redirect/ HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:34 GMT
Content-Length: 270
dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.212.50.125200 1.1 kB URL HTTP/1.1 dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 91783059f1fe33914c6ce244a2e69e14
4732fdd7686ac6d51020c5a1539a06d896a7b723
84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143
GET /zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 27 Nov 2022 02:11:34 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: kXipAYyj
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6328cb630204883d77babc9922075f1
e440f7b94b53b6e7880b26f9653b1b266aae0190
b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:02:07 GMT
age: 14967
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 1486
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 34193
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 15597
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 15686
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 35774
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.212.50.125200 350 B URL HTTP/1.1 dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d095ed6846f98f495edf201231f48a9f
927469eb6400d68d93c73abac2048e43c0a36f2c
88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34
GET /zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 27 Nov 2022 02:11:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: QOmeMSPK
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1673b0486c9be61bd85835b847b21e01
f27163859dd9db5043c4b1a67f7156112032d722
410eb00e90a31db5fcbfbe2dd46eac00f7c4423f39b124b5f313fc2576444e0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "410EB00E90A31DB5FCBFBE2DD46EAC00F7C4423F39B124B5F313FC2576444E0B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1418
Expires: Sun, 27 Nov 2022 02:35:13 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4
78.46.197.88200 OK 343 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343), with no line terminators
Hash be29a96690d7c112bd1cdf10b8c12cf0
bb43c5f0196d76faa94def56c0ddad270189135b
cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417
GET /s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: fde7d8409902205b0ea4c877b43ca40b=f819c981f8d4a4fc68abc2833b2998e329ea2393fb2c7bb5cfdd73e997a8f952a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fde7d8409902205b0ea4c877b43ca40b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 343
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 02:11:35 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fc5d0e264068b334c44f627b7581cb0
b13ae71a3e2727587f2b2b212ced135feb6703e0
748d34be18b9cd25ddb8f887e7de9e7aed70ce8501962796ebc302ae9075ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "748D34BE18B9CD25DDB8F887E7DE9E7AED70CE8501962796EBC302AE9075EC91"
Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17875
Expires: Sun, 27 Nov 2022 07:09:30 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf
5.9.110.29200 OK 939 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash c1234b292029f73930b3c268fb278c4d
7ee9df2b0fe1a956ce300adeba8cdb3199f726cf
48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397
5.9.110.29200 OK 867 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 4e55a087a564aa24d050f8ce32ec31b0
fbe2770fad8aa2da1a98652d06e2cc8c0e8fcdce
71e6352f0fb5f404cb68e1ce1b36f13034d42d389d624773b3b1dfa8de36b041
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 204b24e9ac60abc06a19386cb6571322
dd66f37e6d236ee6b0f7c9b54ef64c715da2942b
bb6992d0c6858671c529cfc4dc5d7368f7dac927e3ebed6a402812a007b665d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB6992D0C6858671C529CFC4DC5D7368F7DAC927E3EBED6A402812A007B665D9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7604
Expires: Sun, 27 Nov 2022 04:18:20 GMT
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: keep-alive
api.yadore.com/v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9
88.99.112.2302 Found 0 B URL HTTP/2 api.yadore.com/v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9
IP 88.99.112.2:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 02:11:36 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42d19e502650716229ee612769e3fc14
2812ab691f84a638f5cbcdf16e7fc606c819acb1
c19862f9090eadde6ca024265a2fa6cb1def302c0d00473840738fe63a902fb5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4711
Cache-Control: max-age=146260
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63824d45-1d7"
Expires: Mon, 28 Nov 2022 18:49:16 GMT
Last-Modified: Sat, 26 Nov 2022 17:30:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
95.211.116.27200 OK 33 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 9f0f3c96933a982fff2e2eadc8561311
2917b2f051a8bf34d0c992051b0419dc17eeadf9
bcf60ae146df44bd8729a0fef555f9779a6434dfdc58f152c7fce24b5aa8f9ec
GET /ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01749S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 32670
Set-Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-184b6dab095-1a421c; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.002804S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.001148S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=80
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.104200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.104:0
File type ASCII text, with very long lines (65432)
Hash 1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
date: Sun, 27 Nov 2022 01:20:30 GMT
cache-control: max-age=3600, public
expires: Sun, 27 Nov 2022 02:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: dkYLkd0Xpu5tIZdyjk5_J0oPF4Eu4YrMd-cDv_QfDhOIgabmsa6j_Q==
age: 3098
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Location: https://track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014161S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=1IOcQZFmcEjZwPyQJ-HPW_dTenvKnz-8rKqxfyACqRx3_Gwi7NI0VlWy6hObFkMrDItN60SdtAaEbw1F04JXA9oZyGwAO2xR1dM5AI~zfDuE7-TTO3~ckKrsh39n1IqU; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=94
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash aad2eb2715bd2f733f7f464d18820e81
f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782
f46b45c4c5213add16b3696dff48ecae96c1f01d761dcc44e37641ef6784ae8c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 01:51:17 GMT
Expires: Sat, 03 Dec 2022 01:51:16 GMT
Etag: "f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782"
Cache-Control: max-age=602982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7707558959f6b4f7-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 078b9e6c4a43b802b3509f943a136fd7
149c6045698afe5ac71fb9e58d235413d8fa428e
b298255fed758b4cbc6765ad14def8f2088806e1c1d54e72f2d4d8f54de68078
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1397
Cache-Control: max-age=163469
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63829d70-1d7"
Expires: Mon, 28 Nov 2022 23:36:05 GMT
Last-Modified: Sat, 26 Nov 2022 23:12:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
api-js.datadome.co/js/
13.51.39.45200 OK 235 B IP 13.51.39.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d2610b8a4d3809168bc20cf07472f5df
fea34c527275b6b6f54cff82c071ec43e73ce8c4
e9da6c853de2c85d2c0ac4e37d2ffb2c15c0b8b03f425e141565f514f3ddc074
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4137
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 02:11:36 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
13.49.53.120302 0 B URL HTTP/1.1 track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
IP 13.49.53.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1
Host: track.adtraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-TraceId: 2cb9b664-3f06-493c-badf-fec36f6c2406
Set-Cookie: at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure
Location: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Transfer-Encoding: chunked
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b0417f7562764247b4a3ff9217831048
67c470b75d382380e82c12982a18a4d98a44404b
1051b3c6025a727cb596abbce26416175e04c001fd521f239349df01d4982e39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1510
Cache-Control: max-age=170808
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "6382b9aa-1d7"
Expires: Tue, 29 Nov 2022 01:38:24 GMT
Last-Modified: Sun, 27 Nov 2022 01:13:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
88.151.167.196200 35 kB URL HTTP/1.1 www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
IP 88.151.167.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF, LF line terminators
Hash c1fa6666a3bbbf0c1981573470a3cb7f
3c38ac8a7dc5f7edee204525a6798f2f8d0052f1
f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6
GET /boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Cache-Control: public,max-age=10800, private
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 27 Nov 2022 02:11:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ark.no/wro/ark_responsive.css?_=1669213137557
88.151.167.196200 352 kB URL HTTP/1.1 www.ark.no/wro/ark_responsive.css?_=1669213137557
IP 88.151.167.196:0
File type ASCII text, with very long lines (11679)
Size 352 kB (351503 bytes)
Hash f0afbbb4d6e93b760006379694d7da13
122ea0da8b680eed0896699238a0307efe347bef
8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771
GET /wro/ark_responsive.css?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"1dfaaa8129ec8bbbd3deb8cf9c689a583683470"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly
www.ark.no/wro/addons_responsive.css?_=1669213137557
88.151.167.196200 12 kB URL HTTP/1.1 www.ark.no/wro/addons_responsive.css?_=1669213137557
IP 88.151.167.196:0
File type Unicode text, UTF-8 text, with very long lines (11140)
Hash 216f08b4ee6d77be2b4c3a56c2ee5451
c1ec92884e985e9557d3f031e34618fd0c6c354e
8d161b1a9434d6c394ff7e15c7534f651c0e0ae75738655c9bf4eac076397512
GET /wro/addons_responsive.css?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 21:57:54 GMT
last-modified: Wed, 16 Nov 2022 21:57:54 GMT
ETag: W/"1ac4f62a4e595c7683f2f4fa6d13255372a39192"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
use.typekit.net/vgu7prb.css
23.36.76.186200 OK 748 B URL HTTP/2 use.typekit.net/vgu7prb.css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 3453162d92bf8b997d346882fde33714
20cc0e9deece4903bf48252409be7f8e37efd3a3
d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c
GET /vgu7prb.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 748
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2
www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557
88.151.167.196200 960 B URL HTTP/1.1 www.ark.no/_ui/responsive/common/js/before-dom-ready.js?_=1669213137557
IP 88.151.167.196:0
Hash 07cec007e266c0dde7d13b1ea4f12ee5
f36ebc5c3d6fc6b63f0855e354387b91d376b586
7f80dce27a7e5eeb3be2fd88e807c6a6fe7ca8df4f14d2304e80cd130d50653f
GET /_ui/responsive/common/js/before-dom-ready.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"4185-1668634529010"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/_ui/shared/js/generatedVariables.js
88.151.167.196200 272 B URL HTTP/1.1 www.ark.no/_ui/shared/js/generatedVariables.js
IP 88.151.167.196:0
Hash 2509fe5a4bc5022a5f08b29a8dc7bf56
ae1575c0593c35fa10ef1f38d7fc3ca87bc87326
ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840
GET /_ui/shared/js/generatedVariables.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 272
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"272-1668636399382"
Last-Modified: Wed, 16 Nov 2022 22:06:39 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
p.typekit.net/p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css
23.36.76.186200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2
www.ark.no/_ui/shared/js/analyticsmediator.js
88.151.167.196200 406 B URL HTTP/1.1 www.ark.no/_ui/shared/js/analyticsmediator.js
IP 88.151.167.196:0
Hash e9e6515b6d0a979b3cbf1585f5ea8593
019dc45c7d9a25f12a0fd2e55e971f9d91d6923a
dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b
GET /_ui/shared/js/analyticsmediator.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1099-1668635653873"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/user-data/javascript-variables.js
88.151.167.196200 679 B URL HTTP/1.1 www.ark.no/user-data/javascript-variables.js
IP 88.151.167.196:0
Hash 620dfe83ec2c047894b01ad5b875d645
0babf60bb7fbf0e2d7f19d96727d1e73d799fc95
f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670
GET /user-data/javascript-variables.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
X-Frame-Options: ALLOWALL
Set-Cookie: JSESSIONID=78CDF310434080ECB99E837A8FC279D5; Path=/; Secure; HttpOnly
anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Mon, 27-Nov-2023 02:11:37 GMT; Path=/; Secure; HttpOnly
cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Mon, 24-Apr-2034 18:11:37 GMT; Path=/; Secure
SRVID=P1; path=/; HttpOnly; Secure
NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: application/javascript;charset=UTF-8
Content-Language: no
Content-Length: 679
Date: Sun, 27 Nov 2022 02:11:36 GMT
www.ark.no/static/header-search.min.css
88.151.167.196200 OK 11 kB URL HTTP/1.1 www.ark.no/static/header-search.min.css
IP 88.151.167.196:0
File type Unicode text, UTF-8 text, with very long lines (59370)
Hash b374aa6d5ab506a81b333b6a1ac5c959
5a53ec11595b533e6e6a4cf511d1d242042032f5
b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760
GET /static/header-search.min.css HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"e7ec-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.evgnet.com/beacon/gyldendal/ark_production/scripts/evergage.min.js
151.101.128.114200 OK 50 kB URL HTTP/2 cdn.evgnet.com/beacon/gyldendal/ark_production/scripts/evergage.min.js
IP 151.101.128.114:0
File type ASCII text, with very long lines (594)
Hash 39bc0ec486db4097b88063bbf18a0a65
14fb3dd0ff72962bb028dcbc83f22c1acc9f77be
7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5
GET /beacon/gyldendal/ark_production/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: faPkUFcnsvGPsNBBeMYEalTXsNaKZdlfdm26+FltH/351NHnj8baSZR4Vx40VSYsvribpgjGB6I=
x-amz-request-id: S19JP7RQBXGHVSQ2
x-amz-replication-status: COMPLETED
last-modified: Sat, 26 Nov 2022 07:43:47 GMT
etag: "39bc0ec486db4097b88063bbf18a0a65"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 96f2de31f3cfc41ead0a6c913ccf85ed130d951a
x-amz-version-id: SjR9IpUexr7lbUtSMflzvSYqFoiv8nqV
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:37 GMT
age: 114
x-served-by: cache-iad-kiad7000038-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 1
x-timer: S1669515097.111552,VS0,VE2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 50013
X-Firefox-Spdy: h2
www.ark.no/medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ
88.151.167.196200 833 B URL HTTP/1.1 www.ark.no/medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505)
Hash a65a28e2ad19b9e91ca93072bfbe63b8
6da5492a8ef70f757684e6d8c7fdf5465f8e8ef5
651edc2a0abc01a83a06cc633c50f8513fd2c6f89bf3f48f1dc141dfb3bd1bde
GET /medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/wro/addons_responsive.js?_=1669213137557
88.151.167.196200 55 kB URL HTTP/1.1 www.ark.no/wro/addons_responsive.js?_=1669213137557
IP 88.151.167.196:0
File type Unicode text, UTF-8 text, with very long lines (11839)
Hash 2db791df263b17f02f3f8fc8f06f4337
ada8a25364bcc1b1599ab300210b4aa47eca4f0b
9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5
GET /wro/addons_responsive.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"a38ffc581f14c7c21274979251d7750c976f8bc3"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE
88.151.167.196200 1.1 kB URL HTTP/1.1 www.ark.no/medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash 0a85c6a1e5c3ffbc071617fbd9ac913a
2de167bf33e1c83bcc6a2d3d4edd56db38edc7a0
63d0ff4f0676641152de7bf3b26d17331570e705a592d1baa207becfb0db8287
GET /medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM
88.151.167.196200 713 B URL HTTP/1.1 www.ark.no/medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607)
Hash 59bea278cf46189e717d7c8d24532688
c322abc6e6291e5ce89103324935099ed4d22659
2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311
GET /medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/_ui/responsive/common/images/novicell/exchange.svg
88.151.167.196200 821 B URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/novicell/exchange.svg
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (637)
Hash cfa6637ae45a37a2696c599217b51100
8e40845ea27fac927c1a0ffebee688b07a0511db
5ffc92b06847b5911df0f94bfd3dde0a6ec7adc1f46226e679e5f3d78ca0fe40
GET /_ui/responsive/common/images/novicell/exchange.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"2002-1668634529039"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ark.no/medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw
88.151.167.196200 5.4 kB URL HTTP/1.1 www.ark.no/medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw
IP 88.151.167.196:0
File type PNG image data, 84 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 694117356cff0567f422a7151b0bef89
cff747b3405329e61434661350b787eb78974bc5
5b4539a78df44e55a07e737bcbb2b3c4f0e991c1e94eb5eba68cd039a9ad73ab
GET /medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/png
Content-Length: 5375
X-Frame-Options: ALLOWALL
ETag: c9090923bba9332b51b1e7fd3123786a
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
static.lipscore.com/assets/no/lipscore-v1.js
54.230.111.8200 OK 69 kB URL HTTP/1.1 static.lipscore.com/assets/no/lipscore-v1.js
IP 54.230.111.8:0
File type ASCII text, with very long lines (589)
Hash 97e709db0efc7e4edcf01c2a116c6e10
7509e2a1739bb8bf0d1b43942128a760f4c7e918
9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e
GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69216
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:21:17 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:00 GMT
ETag: "97e709db0efc7e4edcf01c2a116c6e10"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8eaZjazjSEBxBKD1Nsf-32u_ZT-IdQ5yj-TF0D0nzw9k-36zVcSROQ==
Age: 59378
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 51fae185a90e21e2aad28dae22e6e206
ecc25e2aeda71bf2c549b67fe3564b0764f235d8
affc28e0f7113182ca099f5b442fc29e7cece3560ed5dfa34049463f8b28fd5e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638282c1-1d7"
Last-Modified: Sun, 27 Nov 2022 01:39:14 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iz3vM4Cl2NcPIkwE7VOpRcEPF4GXJYUfR8CcOnW8SHvnoJs8suQqKg==
Age: 1943
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ark.no/_ui/responsive/common/images/novicell/icons2.svg
88.151.167.196200 4.9 kB URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/novicell/icons2.svg
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (1330)
Hash 70c1bf2e0f79bc0aa4d4db691f9bc7a3
495e5325437a26f559639c130907738b814636b6
748803c439e7801084d8c6e89068513dcd62c1fa40b7efa6d2f638d2a61d2ff3
GET /_ui/responsive/common/images/novicell/icons2.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"13291-1668636417977"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/_ui/responsive/common/images/basket.svg
88.151.167.196200 594 B URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/basket.svg
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1585)
Hash 9138a81597c7a7be51c2c04a23f55d48
e38874fa64494f77be7bedfafd07ec8e6a597cd4
797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8
GET /_ui/responsive/common/images/basket.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1586-1668636417967"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.ark.no/_ui/responsive/common/images/login.svg
88.151.167.196200 248 B URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/login.svg
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (315), with no line terminators
Hash e65002a0979088d966fe62fa04ad8546
4944836607208694e22e687730313c8b7c581575
bef4b9504593faecec695ea3116301541c0dc1eb6b416c2975efae0db63bc525
GET /_ui/responsive/common/images/login.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
ntCoent-Length: 315
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"315-1668635653863"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 248
www.ark.no/_ui/responsive/common/images/heart.svg
88.151.167.196200 485 B URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/heart.svg
IP 88.151.167.196:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810), with no line terminators
Hash bf6c87810144048478a4af1e7036172e
1df92e763e945e02c10a65ab7ff4dd2d2a8326b8
3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358
GET /_ui/responsive/common/images/heart.svg HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/svg+xml;charset=UTF-8
ntCoent-Length: 810
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"810-1668634529034"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 485
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ce06bb900fc5b1f7fc3714d1540a99be
603ba95c950a10f70dcaa634512e3058c6852e2b
e4eeb595763dca3a9e7866f1ea60fdb43c68718066023c54cebfe08de82934bf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113180
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "6381d450-1d7"
Expires: Mon, 28 Nov 2022 09:37:57 GMT
Last-Modified: Sat, 26 Nov 2022 08:54:40 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 56noltW0rS3jWEaFECUOzyjtMwofkuF6XWdi8LZUBujsHudKzOtc6A==
Age: 2597
arkcms.s3-eu-west-1.amazonaws.com/2020/click_and_collect_icon_pdp.png
52.218.88.224200 OK 579 B URL HTTP/1.1 arkcms.s3-eu-west-1.amazonaws.com/2020/click_and_collect_icon_pdp.png
IP 52.218.88.224:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ae12c3709e57f42d625e8c0e5bbd65ff
4da0f6b488bce010ef84fb38a488814ba8b41cc2
6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603
GET /2020/click_and_collect_icon_pdp.png HTTP/1.1
Host: arkcms.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: R5xHVfc6Jmit1KfUYFZDKEerCXW7fJwV911TLdLTGNNPMGhd/Vj7tENvunndd3l+PNQQ9XvDhKM=
x-amz-request-id: WM1JG975W1K2M8ME
Date: Sun, 27 Nov 2022 02:11:38 GMT
Last-Modified: Wed, 09 Dec 2020 10:28:47 GMT
ETag: "ae12c3709e57f42d625e8c0e5bbd65ff"
x-amz-meta-cb-modifiedtime: Wed, 09 Dec 2020 10:28:18 GMT
x-amz-version-id: rcTJgyMvadfkuGRJwZxwntujgFgIeUke
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 579
static.lipscore.com/assets/lipscore-v1.css
54.230.111.8200 OK 12 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-v1.css
IP 54.230.111.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ad324c13384f3748c4d121fab666b608
de2833b8d80bd2ca7b1a077086e803fa9f947cc5
7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb
GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11566
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:19:44 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:01 GMT
ETag: "ad324c13384f3748c4d121fab666b608"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IhLbntTrKMJxZuRFSdf7HNaWtTRcYuXuBgHSSHik6PXRd0bwW78o3Q==
Age: 59377
www.ark.no/_ui/responsive/common/images/spinner.gif
88.151.167.196200 1.1 kB URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/spinner.gif
IP 88.151.167.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 5ce7976b7df2fc004edd0514e74c912f
8e274e6894bfa048d740598ad9dc347c843b53e8
cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1
GET /_ui/responsive/common/images/spinner.gif HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1101
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1101-1668634529044"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3
23.36.76.186200 OK 24 kB URL HTTP/2 use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24224, version 1.0\012- data
Hash f005bbf156a8b3f0d2a3f617decb7504
22df422ea62af0cbe56d87697fa73ed43753c2ba
ef02debd597b2a650c8e3657bf87d2d0ac2c6cdd10cf5c074eaff5eae53fafb2
GET /af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24224
etag: "e8db8b219fe0e512ab6df6bb665cccbe9558a4d8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2
d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js
54.230.111.49200 OK 17 B URL HTTP/2 d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js
IP 54.230.111.49:0
File type ASCII text, with no line terminators
Hash a33a21825ee0bbfbd37c7f17465ee58b
0a1cea8a83e1df552650c210cc03ec629839dc1a
0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f
GET /rc/35408/scripts/s.js HTTP/1.1
Host: d2df291ti5v5sq.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 17
date: Sat, 26 Nov 2022 02:21:01 GMT
last-modified: Tue, 04 Oct 2022 12:17:09 GMT
etag: "a33a21825ee0bbfbd37c7f17465ee58b"
x-amz-meta-version: -1
x-amz-meta-previous: rc/35408/scripts/s-1664885824.js
x-amz-meta-blankedout: true
x-amz-meta-deployeddate: 2022-10-04 12:17:04
x-amz-meta-invalidationid: I32KDJXI400N4D
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fok3Qj4e7WGRAf9HyzgkGwmZoT8g7R7kvwleuEAStNinI1O_BCNGfg==
age: 85837
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js
104.84.152.64200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 696e11ea704a1a9043864196e1dd41ee
a322a1d9858541cb17a662d8267c1a86b91fc6c3
33a05733a663a3d87ea1275899038ec82a2824de58b8fd07f02c9852dbc56c43
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31705
cache-control: public, max-age=1131
expires: Sun, 27 Nov 2022 02:30:28 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b967106f3fa216e144d901203204b3b8
e3e51dd036cc513690c8248c638bd71707548ee9
8d8650abacabb9cde08eabb6326ed35756090fa4d77d4d44060b73e6af31ae3d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154710
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638271f1-1d7"
Expires: Mon, 28 Nov 2022 21:10:07 GMT
Last-Modified: Sat, 26 Nov 2022 20:07:13 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gmWJR-Tita-wP-QDHjjS_BrmTTE3uX9kKIs-LXp4IHVfTmL08s_grg==
Age: 3774
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 06 Nov 2023 16:03:34 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false
104.84.152.64200 OK 60 kB URL HTTP/2 consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false
IP 104.84.152.64:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65499)
Hash 7436aa0eae55cff68d222f7c93841936
b23b07beca0a9cde7d3e882bcb55f5327f3ebb49
29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1
GET /8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sun, 27 Nov 2022 02:11:37 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 59843
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2
gyldendal.germany-2.evergage.com/api2/event/ark_production
3.127.112.93200 OK 7.4 kB URL HTTP/2 gyldendal.germany-2.evergage.com/api2/event/ark_production
IP 3.127.112.93:0
Hash ff71b8cd337b2ba74a00f00736dfc378
727a3759c538f93f418d476be1d3b4f2a764b233
9ce193b71199392d1a0c946715dafff7e796c04b651ebb4ab1cff033d7f33cce
POST /api2/event/ark_production HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1818
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 02:11:37 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/
AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
d81mfvml8p5ml.cloudfront.net/iged132l.js
143.204.42.86200 OK 0 B URL HTTP/2 d81mfvml8p5ml.cloudfront.net/iged132l.js
IP 143.204.42.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iged132l.js HTTP/1.1
Host: d81mfvml8p5ml.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 0
last-modified: Mon, 19 Aug 2019 10:24:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: max-age=600
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wmUo18jW6YiVixePFPQVyn3RzayLXaBqortCtBANAlE6917Sq0ZcGw==
age: 277
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 00:41:08 GMT
expires: Sun, 27 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 5429
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 425f07b8f307197c46e95ccff387c113
b1b40dc823e78f05088972064a4e7f51d0806cad
d0546bd03ec73e190f947699b0c10bf1a1f2b7c5610d1267456ca6fffbb584c0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159869
Date: Sun, 27 Nov 2022 02:11:38 GMT
Etag: "63828e0b-1d7"
Expires: Mon, 28 Nov 2022 22:36:07 GMT
Last-Modified: Sat, 26 Nov 2022 22:07:07 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zx6P2A-CHPR5TrFMf8bnwXUbnMXwb77v05P5KIcB1aI2sq_ABXtgHQ==
Age: 1740
dj4fsg3e1je59.cloudfront.net/9780226543178/img/0-S
143.204.42.104200 OK 18 kB URL HTTP/1.1 dj4fsg3e1je59.cloudfront.net/9780226543178/img/0-S
IP 143.204.42.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x180, components 3\012- data
Hash 475d683320e29259c5f56ffbeff6e312
d40bf2f373dc49dca5e5036fdd4e64885bab6889
6f8d7dff432d7c7ef0ca00c423217d57f27566645d30ac87ed98e2e005e70b21
GET /9780226543178/img/0-S HTTP/1.1
Host: dj4fsg3e1je59.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 18273
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "475d683320e29259c5f56ffbeff6e312"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 94I5BaeFaVKMxpwEE-7KfxSmlRxV-MBlW5h63U2BAfnyOuNjXZLbOA==
dj4fsg3e1je59.cloudfront.net/9780226543178/img/0
143.204.42.104200 OK 130 kB URL HTTP/1.1 dj4fsg3e1je59.cloudfront.net/9780226543178/img/0
IP 143.204.42.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 426x640, components 3\012- data
Size 130 kB (129797 bytes)
Hash 5035c9db58868e24a8e20e1afa1cebdc
29daedbf86b1f2487ab3aa0c6fc32d88857c86e4
9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae
GET /9780226543178/img/0 HTTP/1.1
Host: dj4fsg3e1je59.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 129797
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "5035c9db58868e24a8e20e1afa1cebdc"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iYElR33T0vz-gRxX1F6WgCdqotEHan5P9DCs9PAUMd0JoEmLgbiCmQ==
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 404c846bf9cbbe0ac7d69a1db047e258
cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6
6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930d32b4f1-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 404c846bf9cbbe0ac7d69a1db047e258
cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6
6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930e7bb527-OSL
arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
31.169.51.140200 OK 0 B URL HTTP/1.1 arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
31.169.51.140200 OK 2.1 kB URL HTTP/1.1 arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark&euid=anonymous
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (5774), with no line terminators
Hash fe0d2046777bffcdf62cf81b73a6bc14
b2f64b5fe301bceb77864767c7847e2d594b548e
23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb
GET /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: undefined
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2114
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
gyldendal.germany-2.evergage.com/pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true
3.127.112.93204 No Content 0 B URL HTTP/2 gyldendal.germany-2.evergage.com/pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true
IP 3.127.112.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/
AWSALBCORS=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
gyldendal.germany-2.evergage.com/msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true
3.127.112.93204 No Content 0 B URL HTTP/2 gyldendal.germany-2.evergage.com/msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true
IP 3.127.112.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true HTTP/1.1
Host: gyldendal.germany-2.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/
AWSALBCORS=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
wapi.lipscore.com/hit?api_key=6a2538253ca1d39fa2a02b28
151.101.86.217200 OK 0 B URL HTTP/2 wapi.lipscore.com/hit?api_key=6a2538253ca1d39fa2a02b28
IP 151.101.86.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=6a2538253ca1d39fa2a02b28 HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1669515098.380212,VS0,VE0
access-control-allow-origin: https://www.ark.no
content-length: 0
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
151.101.86.217200 OK 8.4 kB URL HTTP/2 wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Hash e8d8b9129babd714cca17d25abf71ad4
7f16913bb726daa1e041311b8a59afde1afeeb53
70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1128
x-timer: S1669515098.382350,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
151.101.86.217200 OK 8.4 kB URL HTTP/2 wapi.lipscore.com/initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang=
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Hash e8d8b9129babd714cca17d25abf71ad4
7f16913bb726daa1e041311b8a59afde1afeeb53
70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1129
x-timer: S1669515098.383094,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2
www.ark.no/availability/pdp?productCode=9780226543178
88.151.167.196200 891 B URL HTTP/1.1 www.ark.no/availability/pdp?productCode=9780226543178
IP 88.151.167.196:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2239)
Hash 2f4045c27a0414f6eb6d0850d0b07ae3
4260241f2f4823e436ffe4c3d80a612ab0610a40
0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66
GET /availability/pdp?productCode=9780226543178 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Expires: Sun, 27 Nov 2022 02:21:38 GMT
Cache-Control: max-age=600
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly
arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
31.169.51.140200 OK 0 B URL HTTP/1.1 arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: PUT
Access-Control-Allow-Credentials: true
arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
31.169.51.140200 OK 0 B URL HTTP/1.1 arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
31.169.51.140200 OK 112 B URL HTTP/1.1 arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonymous/9780226543178/webread
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
File type ASCII text, with no line terminators
Hash bfecd897f0d45955aacbf3871470a55c
afe50e942444b4afd7f02ec661e2a57d8d1bfbd0
6daceca4f48edfe3ad59017d91d992780701c48ecd8ced756786dbe43672756c
GET /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/javascript
Content-Length: 112
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
31.169.51.140200 OK 644 B URL HTTP/1.1 arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly
IP 31.169.51.140:0
ASN #50304 Blix Solutions AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2112), with no line terminators
Hash 1c746910a313ee5559492f412ed71a86
9c5963e7030054dddc78f23465215b026f5c794e
514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6
PUT /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1
Host: arkanbefaler.sannsyn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Content-Type: text/plain;charset=UTF-8
Content-Length: 31
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json
Content-Length: 644
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.ark.no/_ui/responsive/common/images/vipps-hurtigkasse.png
88.151.167.196200 28 kB URL HTTP/1.1 www.ark.no/_ui/responsive/common/images/vipps-hurtigkasse.png
IP 88.151.167.196:0
File type PNG image data, 1507 x 200, 8-bit/color RGBA, interlaced\012- data
Hash 20763c896b5e9d795b71ab8282e5060f
335fa1f43ef3427bbf77eb8ae6730d8f647c8e03
c9c6c68525f916981a25c4b1b58625d5c56e62a3c16f038f85a8cff9cbec0a32
GET /_ui/responsive/common/images/vipps-hurtigkasse.png HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: image/png;charset=UTF-8
Content-Length: 28119
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"28119-1668634529048"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:38 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly
www.ark.no/boker/productCacheSensitiveDetails?productCode=9780226543178
88.151.167.196200 634 B URL HTTP/1.1 www.ark.no/boker/productCacheSensitiveDetails?productCode=9780226543178
IP 88.151.167.196:0
File type JSON data\012- , ASCII text, with very long lines (1334), with no line terminators
Hash c5bec405abedb3d6a9c7c8df26281569
1eab051eee859cdab002e34dc0cd3b97e379b185
3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985
GET /boker/productCacheSensitiveDetails?productCode=9780226543178 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly
wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
151.101.86.217200 OK 101 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash db7f725cadb8e5989af1f1d717404307
9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
content-type: application/json; charset=utf-8
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: MISS
x-cache-hits: 1
x-timer: S1669515098.414892,VS0,VE107
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
151.101.86.217200 OK 101 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash db7f725cadb8e5989af1f1d717404307
9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
content-type: application/json; charset=utf-8
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669515098.423636,VS0,VE99
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-7BNLJ6Y01L>m=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7BNLJ6Y01L>m=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7BNLJ6Y01L>m=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ark.no
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ark.no/wro/ark_responsive.js?_=1669213137557
88.151.167.196200 472 B URL HTTP/1.1 www.ark.no/wro/ark_responsive.js?_=1669213137557
IP 88.151.167.196:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
GET /wro/ark_responsive.js?_=1669213137557 HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 23 Nov 2023 14:21:24 GMT
last-modified: Wed, 23 Nov 2022 14:21:24 GMT
ETag: W/"2e0c6775a011b33b6c684f176933cc6b57d3e4b7"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.ark.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x.klarnacdn.net/kp/lib/v1/api.js
54.230.111.46200 OK 0 B URL HTTP/2 x.klarnacdn.net/kp/lib/v1/api.js
IP 54.230.111.46:0
GET /kp/lib/v1/api.js HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 12:01:20 GMT
x-amz-meta-lib-version: v1.10.0-1307-g5f8bf053
x-amz-meta-app-version: v1.0.0-23020-g6893d6d595
x-amz-version-id: zF1d_PccBEnyMwLtOFNVYxlIfvx1vlpl
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: public, max-age=600
etag: W/"11c28d9a39da58009bb1e1baab3047f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fGRxqZ6iMeEom5RTw6k0sQktTm6CO1IAxHveYg_keRfhUqlhjvchRQ==
X-Firefox-Spdy: h2
www.ark.no/static/header-search.min.js
88.151.167.196200 OK 0 B URL HTTP/1.1 www.ark.no/static/header-search.min.js
IP 88.151.167.196:0
GET /static/header-search.min.js HTTP/1.1
Host: www.ark.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"622bb-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL
142.250.74.168200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL
IP 142.250.74.168:0
GET /gtm.js?id=GTM-P3ZPLL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 02:11:37 GMT
expires: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 02:11:37 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2