urlquery - report: uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
arkanbefaler.sannsyn.com (6)	0	2021-01-25 09:27:13 UTC	2022-11-26 08:09:22 UTC	31.169.51.140	Unknown ranking
dipaka-ead.com (2)	0	2022-10-31 13:23:43 UTC	2022-11-26 11:54:09 UTC	3.212.50.125	Unknown ranking
clever-redirect.com (1)	0	2021-02-09 06:24:33 UTC	2022-11-25 20:30:33 UTC	78.46.197.88	Unknown ranking
api-js.datadome.co (1)	8155	2017-10-11 14:14:56 UTC	2020-04-28 12:56:58 UTC	13.51.39.45
d2df291ti5v5sq.cloudfront.net (1)	0	2022-11-25 11:13:38 UTC	2022-11-27 00:04:20 UTC	54.230.111.49	Unknown ranking
gyldendal.germany-2.evergage.com (3)	0	2021-10-21 03:42:10 UTC	2022-11-26 12:20:37 UTC	3.127.112.93	Domain (evergage.com) ranked at: 5016
ocsp.sectigo.com (2)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	104.18.32.68
use.typekit.net (2)	494	2012-07-05 01:42:39 UTC	2020-04-03 01:06:02 UTC	23.36.76.186
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-11-26 08:32:06 UTC	142.251.1.156
www.google.com (1)	7	2016-03-22 03:56:07 UTC	2022-11-26 09:58:02 UTC	142.250.74.164
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.162.142.194
q3.quotes.com (2)	0	2022-09-22 21:17:58 UTC	2022-11-25 03:54:45 UTC	178.162.151.164	Domain (quotes.com) ranked at: 251442
btpnav.com (2)	207578	2018-11-21 10:03:33 UTC	2022-11-26 05:49:07 UTC	192.99.158.241
no-go.kelkoogroup.net (5)	0	No data	No data	95.211.116.27	Domain (kelkoogroup.net) ranked at: 79339
p.typekit.net (1)	620	2012-05-23 14:28:57 UTC	2020-04-17 00:28:35 UTC	23.36.76.186
arkcms.s3-eu-west-1.amazonaws.com (1)	0	No data	No data	52.218.88.224	Unknown ranking
r3.o.lencr.org (8)	344	No data	No data	23.36.76.226
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
status.geotrust.com (1)	3662	2018-06-23 22:14:44 UTC	2020-01-21 11:48:52 UTC	93.184.220.29
www.ark.no (24)	359147	2012-06-22 09:16:45 UTC	2022-11-26 12:20:36 UTC	88.151.167.196
www.google-analytics.com (2)	40	2012-10-03 01:04:21 UTC	2022-11-26 11:34:11 UTC	142.250.74.174
dj4fsg3e1je59.cloudfront.net (2)	0	2017-02-20 23:16:22 UTC	2022-11-26 08:09:21 UTC	143.204.42.104	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-26 05:33:16 UTC	34.117.237.239
firedmeupppzs.com (1)	0	2018-06-16 07:03:50 UTC	2022-11-26 01:36:31 UTC	173.239.5.6	Unknown ranking
api.yadore.com (1)	591567	2019-01-11 04:50:54 UTC	2022-11-25 20:30:18 UTC	88.99.112.2
dd.kelkoogroup.net (1)	0	No data	No data	54.230.111.104	Domain (kelkoogroup.net) ranked at: 79339
static.lipscore.com (2)	483894	2015-01-29 15:18:57 UTC	2020-04-10 07:44:17 UTC	54.230.111.8
ocsp.sca1b.amazontrust.com (4)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88
wapi.lipscore.com (5)	318267	2018-06-16 06:17:58 UTC	2020-05-05 04:45:05 UTC	151.101.86.217
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-26 08:39:14 UTC	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
ocsp.digicert.com (3)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
lookandfind.me (2)	35702	2021-03-08 12:58:51 UTC	2022-11-25 20:30:18 UTC	5.9.110.29
ocsp.usertrust.com (1)	899	2012-05-21 15:43:18 UTC	2021-11-02 18:02:09 UTC	104.18.32.68
ocsp.pki.goog (10)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
cdn.evgnet.com (1)	5695	2017-08-31 07:06:40 UTC	2022-11-26 09:17:38 UTC	151.101.128.114
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-26 07:22:52 UTC	142.250.74.10
x.klarnacdn.net (1)	8025	2018-10-18 16:58:49 UTC	2020-05-05 14:42:40 UTC	54.230.111.46
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-26 11:26:18 UTC	142.250.74.168
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-26 05:33:20 UTC	34.102.187.140
uk.userwww.pcukhgdn8yr.firedmeupppzs.com (3)	0	2019-03-06 22:43:01 UTC	2022-11-27 01:12:54 UTC	74.206.228.78	Unknown ranking
track.adtraction.com (1)	515547	2013-09-27 09:04:50 UTC	2022-11-26 23:20:02 UTC	13.49.53.120
consentcdn.cookiebot.com (1)	5676	2018-08-24 08:23:12 UTC	2020-04-29 13:34:01 UTC	104.110.3.72
www.google.no (1)	25607	2016-04-05 19:50:59 UTC	2022-11-26 06:57:52 UTC	142.250.74.35
status.thawte.com (1)	5123	2019-03-13 17:00:46 UTC	2020-04-10 08:00:21 UTC	93.184.220.29
consent.cookiebot.com (2)	4972	2014-02-26 14:48:42 UTC	2020-04-13 13:32:03 UTC	104.84.152.64
d81mfvml8p5ml.cloudfront.net (1)	0	2022-10-28 14:49:01 UTC	2022-11-26 15:22:16 UTC	143.204.42.86	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-11-27	2	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn	Malware

Date	UQ / IDS / BL	URL	IP
2023-02-05 09:12:36 +0000	0 - 1 - 3	productmusics.com/ru53332/AEKm6V6TUwAAtBECAFV (...)	173.239.8.164
2023-02-04 21:35:30 +0000	0 - 2 - 2	c1.applicationgrabb.com/?step_id=1&installer_ (...)	173.239.8.164
2023-02-04 02:56:33 +0000	0 - 1 - 3	mirrorlessconx.com/wp-includes/val/Validate/5 (...)	173.239.8.164
2023-02-03 22:10:08 +0000	0 - 2 - 1	c2.applicationgrabb.com/?step_id=1&installer_ (...)	173.239.8.164
2023-02-03 12:46:05 +0000	0 - 1 - 3	onlinenetflix-account101.com/Netflix_Letter1.zip	173.239.8.164

Date	UQ / IDS / BL	URL	IP
2023-02-05 10:32:54 +0000	0 - 1 - 4	solcidesemboisomesdejulio.com/	173.239.5.6
2023-02-05 09:12:36 +0000	0 - 1 - 3	productmusics.com/ru53332/AEKm6V6TUwAAtBECAFV (...)	173.239.8.164
2023-02-05 08:53:06 +0000	0 - 2 - 0	c1.applicationgrabb.com/?step_id=1&installer_ (...)	74.206.228.78
2023-02-05 05:50:16 +0000	0 - 1 - 1	verify.facebook.com-------mobile---read---new (...)	173.239.5.6
2023-02-05 01:10:28 +0000	0 - 2 - 1	c1.applicationgrabb.com/?step_id=1&installer_ (...)	173.239.5.6

Date	UQ / IDS / BL	URL	IP
2023-01-04 01:09:15 +0000	0 - 1 - 2	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/hbb	74.206.228.78
2022-12-29 02:01:03 +0000	0 - 1 - 3	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/it	173.239.8.164
2022-12-02 01:52:59 +0000	0 - 0 - 2	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/557	173.239.5.6
2022-11-28 02:50:52 +0000	0 - 0 - 3	co.uk.userwww.pcukhgdn8yr.firedmeupppzs.com/pjj	173.239.5.6
2022-11-28 01:36:16 +0000	0 - 0 - 4	firedmeupppzs.com/index.html	173.239.8.164

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4833 Expires: Sun, 27 Nov 2022 03:32:05 GMT Date: Sun, 27 Nov 2022 02:11:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3697 Cache-Control: max-age=120073 Date: Sun, 27 Nov 2022 02:11:32 GMT Etag: "6381eaec-1d7" Expires: Mon, 28 Nov 2022 11:32:45 GMT Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15b59d5e62caedb4bec3ba6724906c1e Sha1: 960f801e608a56fdd11449f4face29f62cad2b21 Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11809 Expires: Sun, 27 Nov 2022 05:28:21 GMT Date: Sun, 27 Nov 2022 02:11:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 27 Nov 2022 01:19:19 GMT cache-control: public,max-age=3600 age: 3133 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: EVICdxF63kFmunFF0xxvSmv5geUcJYKWX4NQ/nfmUQJ4NdaR3etpxScGFVj3PC9BKvZ7y9aBFaw= x-amz-request-id: QDJZY7V2390WQ6DV content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 27 Nov 2022 01:44:27 GMT age: 1625 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 27 Nov 2022 02:11:32 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /fzn HTTP/1.1 Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn FQDN: uk.userwww.pcukhgdn8yr.firedmeupppzs.com IP: 74.206.228.78 HASH: 5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8 74.206.228.78 HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.18.0 Date: Sun, 27 Nov 2022 02:11:32 GMT Content-Length: 145 Connection: keep-alive Location: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 145 Md5: bfe2c1d1b36c62666ce9ba537d324bd4 Sha1: 4d52a7c6d2909a506a4e81559eb24e8af077c741 Sha256: 5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8 Alerts: Blocklists: - fortinet: Malware
GET / HTTP/1.1 Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: uk.userwww.pcukhgdn8yr.firedmeupppzs.com/ FQDN: uk.userwww.pcukhgdn8yr.firedmeupppzs.com IP: 74.206.228.78 HASH: 6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32 74.206.228.78 HTTP/1.1 200 OK Content-Type: text/html;charset=utf-8 Server: nginx/1.18.0 Date: Sun, 27 Nov 2022 02:11:32 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 249 Md5: 0b9d0491305b5be261051b77b77bbd5f Sha1: e62f1b10b390e6a92b1af6d763889e8c9719b0bd Sha256: 6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 27 Nov 2022 02:08:54 GMT cache-control: public,max-age=3600 age: 159 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /favicon.ico HTTP/1.1 Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/	URL: uk.userwww.pcukhgdn8yr.firedmeupppzs.com/favicon.ico FQDN: uk.userwww.pcukhgdn8yr.firedmeupppzs.com IP: 74.206.228.78 HASH: 71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c 74.206.228.78 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx/1.18.0 Date: Sun, 27 Nov 2022 02:11:33 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 114 Md5: 021ffd3b4e081732edb9f2fa096e8ef2 Sha1: 4b0c71d74bf395719f8f91e4903609e37b513046 Sha256: 71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4264 Cache-Control: max-age=115582 Date: Sun, 27 Nov 2022 02:11:33 GMT Etag: "6381d72b-1d7" Expires: Mon, 28 Nov 2022 10:17:55 GMT Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d3df71aab146eefc49acb608796aab63 Sha1: 8401892995193919376dfcd798b09c8261579454 Sha256: a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vAQjSA5Mb7dABT0R8Uvy1Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.162.142.194 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.162.142.194 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: lnaZkoMIPOztdATHHyS3kDDojP4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: firedmeupppzs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 12 Origin: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com Connection: keep-alive Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/ Upgrade-Insecure-Requests: 1	URL: firedmeupppzs.com/ FQDN: firedmeupppzs.com IP: 173.239.5.6 HASH: 75ccd9a310cefb1aa3c0db6c456543c5bd4e5fa6275ca587a6c8aced01b5f281 173.239.5.6 HTTP/1.1 200 OK Content-Type: text/html;charset=utf-8 Server: nginx/1.20.1 Date: Sun, 27 Nov 2022 02:11:33 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE2Njk1MTUwOTMsImhhc2giOiIwNDc5ZWNiYyJ9;Expires=Sun, 27-Nov-2022 03:11:33 GMT;Max-Age=3600 Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 180 Md5: 008364e5525fa0b45b4c30b2033bbaa3 Sha1: 8063387c0363da6654175c03cc0efd6316d55ff4 Sha256: 75ccd9a310cefb1aa3c0db6c456543c5bd4e5fa6275ca587a6c8aced01b5f281
GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae HTTP/1.1 Host: q3.quotes.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://firedmeupppzs.com/ Upgrade-Insecure-Requests: 1	URL: q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae FQDN: q3.quotes.com IP: 178.162.151.164 HASH: 28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1 178.162.151.164 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 cache-control: max-age=0, private, must-revalidate connection: close content-length: 170 date: Sun, 27 Nov 2022 02:11:33 GMT server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Size: 170 Md5: 21d72f42feb4f0c92910583f72350a59 Sha1: 7d3444f9a1db6a7acbdab21e9632c6ca9e433057 Sha256: 28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1
GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1 HTTP/1.1 Host: q3.quotes.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: q3.quotes.com/d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1 FQDN: q3.quotes.com IP: 178.162.151.164 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 178.162.151.164 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Sun, 27 Nov 2022 02:11:33 GMT location: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d server: nginx --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d HTTP/1.1 Host: btpnav.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0T (...) FQDN: btpnav.com IP: 192.99.158.241 HASH: ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db 192.99.158.241 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cache-Control: private Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 5.2 X-AspNet-Version: 4.0.30319 Set-Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt; path=/ X-Powered-By: ASP.NET Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type Date: Sun, 27 Nov 2022 02:11:33 GMT Content-Length: 5470 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators Size: 5470 Md5: e02c7857263c70577be459cd78d79458 Sha1: 85117831d9dc8ab92b95ccd12d2c1b6cd72160f7 Sha256: ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db
POST /Redirect/ HTTP/1.1 Host: btpnav.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 358 Origin: http://btpnav.com Connection: keep-alive Referer: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt Upgrade-Insecure-Requests: 1	URL: btpnav.com/Redirect/ FQDN: btpnav.com IP: 192.99.158.241 HASH: ddb521ea96acd51e0d3df6542e974e521a7fc5b0e14fb6440e4e79e4905b736e 192.99.158.241 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Cache-Control: private Location: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 5.2 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type Date: Sun, 27 Nov 2022 02:11:34 GMT Content-Length: 270 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 270 Md5: 69875c76217d69b9210ecd80864c5a3f Sha1: 5b0cf9e3a60b3748686c090e2bf9a74fc053556c Sha256: ddb521ea96acd51e0d3df6542e974e521a7fc5b0e14fb6440e4e79e4905b736e
GET /zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://btpnav.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:34 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: kXipAYyj --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1100 Md5: 91783059f1fe33914c6ce244a2e69e14 Sha1: 4732fdd7686ac6d51020c5a1539a06d896a7b723 Sha256: 84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2340 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sun, 27 Nov 2022 02:11:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2340 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sun, 27 Nov 2022 02:11:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2340 Expires: Sun, 27 Nov 2022 02:50:34 GMT Date: Sun, 27 Nov 2022 02:11:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8584 x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCKAsGTDIAMFa1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 22:02:07 GMT age: 14967 etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8584 Md5: d6328cb630204883d77babc9922075f1 Sha1: e440f7b94b53b6e7880b26f9653b1b266aae0190 Sha256: b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13049 x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cBsvpHDJoAMFhFQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0 x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 01:46:48 GMT age: 1486 etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13049 Md5: 1db6041a0bdb2319ae85afcc30caaeec Sha1: 3b0ec6a7188dadf986f72fda8110296d9abd6f35 Sha256: 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9073 x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8JuVHY7IAMFtRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 16:41:41 GMT age: 34193 etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9073 Md5: ccb536b51f31391c89fb2abe3be6c749 Sha1: c9a5ab962bfdd174aecd4809d770f0fe305ab8e4 Sha256: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4803 x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iFHoIAMF2-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:51:37 GMT age: 15597 etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4803 Md5: cc0a257323f882caff067adb86d906e4 Sha1: cedf2f21be7cd366bd46055b62b5513db3011dfc Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7380 x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iEegIAMFeuQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 21:50:08 GMT age: 15686 etag: "97a135335f5b1b042adeb385718f8808cb78528b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7380 Md5: 76c00eceed956377d7469ef58b0815cb Sha1: 97a135335f5b1b042adeb385718f8808cb78528b Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8817 x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b-krGE6AIAMF2Kg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0 x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 16:15:20 GMT age: 35774 etag: "308c08784ce4a0757cbd112807555b83e17a1d56" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8817 Md5: 741ddfb19764ac9a77509e7e87cfbfb2 Sha1: 308c08784ce4a0757cbd112807555b83e17a1d56 Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcredirect?visitid=d074b5a5-6df8-11ed-82 (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: QOmeMSPK --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 350 Md5: d095ed6846f98f495edf201231f48a9f Sha1: 927469eb6400d68d93c73abac2048e43c0a36f2c Sha256: 88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 410eb00e90a31db5fcbfbe2dd46eac00f7c4423f39b124b5f313fc2576444e0b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "410EB00E90A31DB5FCBFBE2DD46EAC00F7C4423F39B124B5F313FC2576444E0B" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1418 Expires: Sun, 27 Nov 2022 02:35:13 GMT Date: Sun, 27 Nov 2022 02:11:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1673b0486c9be61bd85835b847b21e01 Sha1: f27163859dd9db5043c4b1a67f7156112032d722 Sha256: 410eb00e90a31db5fcbfbe2dd46eac00f7c4423f39b124b5f313fc2576444e0b
GET /s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 HTTP/1.1 Host: clever-redirect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dipaka-ead.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: clever-redirect.com/s/r6?s=623619497&s2=gamboge-moose&s (...) FQDN: clever-redirect.com IP: 78.46.197.88 HASH: cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417 78.46.197.88 HTTP/2 200 OK content-type: text/html; charset=UTF-8 referrer-policy: no-referrer x-powered-by: PHP/7.4.27 set-cookie: fde7d8409902205b0ea4c877b43ca40b=f819c981f8d4a4fc68abc2833b2998e329ea2393fb2c7bb5cfdd73e997a8f952a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fde7d8409902205b0ea4c877b43ca40b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly content-length: 343 date: Sun, 27 Nov 2022 02:11:35 GMT server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343), with no line terminators Size: 343 Md5: be29a96690d7c112bd1cdf10b8c12cf0 Sha1: bb43c5f0196d76faa94def56c0ddad270189135b Sha256: cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 748d34be18b9cd25ddb8f887e7de9e7aed70ce8501962796ebc302ae9075ec91 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "748D34BE18B9CD25DDB8F887E7DE9E7AED70CE8501962796EBC302AE9075EC91" Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17875 Expires: Sun, 27 Nov 2022 07:09:30 GMT Date: Sun, 27 Nov 2022 02:11:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2fc5d0e264068b334c44f627b7581cb0 Sha1: b13ae71a3e2727587f2b2b212ced135feb6703e0 Sha256: 748d34be18b9cd25ddb8f887e7de9e7aed70ce8501962796ebc302ae9075ec91
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf HTTP/1.1 Host: lookandfind.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a7 (...) FQDN: lookandfind.me IP: 5.9.110.29 HASH: 48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c 5.9.110.29 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:35 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k X-Powered-By: PHP/8.1.10 Set-Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly Referrer-Policy: strict-origin-when-cross-origin Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c1234b292029f73930b3c268fb278c4d Sha1: 7ee9df2b0fe1a956ce300adeba8cdb3199f726cf Sha256: 48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397 HTTP/1.1 Host: lookandfind.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2% (...) FQDN: lookandfind.me IP: 5.9.110.29 HASH: 71e6352f0fb5f404cb68e1ce1b36f13034d42d389d624773b3b1dfa8de36b041 5.9.110.29 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:35 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k X-Powered-By: PHP/8.1.10 Referrer-Policy: strict-origin-when-cross-origin Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators Size: 867 Md5: 4e55a087a564aa24d050f8ce32ec31b0 Sha1: fbe2770fad8aa2da1a98652d06e2cc8c0e8fcdce Sha256: 71e6352f0fb5f404cb68e1ce1b36f13034d42d389d624773b3b1dfa8de36b041
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bb6992d0c6858671c529cfc4dc5d7368f7dac927e3ebed6a402812a007b665d9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BB6992D0C6858671C529CFC4DC5D7368F7DAC927E3EBED6A402812A007B665D9" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7604 Expires: Sun, 27 Nov 2022 04:18:20 GMT Date: Sun, 27 Nov 2022 02:11:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 204b24e9ac60abc06a19386cb6571322 Sha1: dd66f37e6d236ee6b0f7c9b54ef64c715da2942b Sha256: bb6992d0c6858671c529cfc4dc5d7368f7dac927e3ebed6a402812a007b665d9
GET /v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9 HTTP/1.1 Host: api.yadore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lookandfind.me/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: api.yadore.com/v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDc (...) FQDN: api.yadore.com IP: 88.99.112.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 88.99.112.2 HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Sun, 27 Nov 2022 02:11:36 GMT location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false server: nginx x-powered-by: PHP/8.0.25 content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: status.thawte.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.thawte.com/ FQDN: status.thawte.com IP: 93.184.220.29 HASH: c19862f9090eadde6ca024265a2fa6cb1def302c0d00473840738fe63a902fb5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4711 Cache-Control: max-age=146260 Date: Sun, 27 Nov 2022 02:11:36 GMT Etag: "63824d45-1d7" Expires: Mon, 28 Nov 2022 18:49:16 GMT Last-Modified: Sat, 26 Nov 2022 17:30:45 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 42d19e502650716229ee612769e3fc14 Sha1: 2812ab691f84a638f5cbcdf16e7fc606c819acb1 Sha256: c19862f9090eadde6ca024265a2fa6cb1def302c0d00473840738fe63a902fb5
GET /ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lookandfind.me/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=16694920 (...) FQDN: no-go.kelkoogroup.net IP: 95.211.116.27 HASH: bcf60ae146df44bd8729a0fef555f9779a6434dfdc58f152c7fce24b5aa8f9ec 95.211.116.27 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:36 GMT leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191 clickId: 107698111_1669515096213_5564741 country: no Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory X-DataDome: protected Request-Time: PT0.01749S X-Robots-Tag: noindex,nofollow Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Content-Length: 32670 Set-Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure kelkooID=a4c626f-184b6dab095-1a421c; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly P3P: CP="Anything" ApacheTracking: localhost Keep-Alive: timeout=40, max=95 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002) Size: 32670 Md5: 9f0f3c96933a982fff2e2eadc8561311 Sha1: 2917b2f051a8bf34d0c992051b0419dc17eeadf9 Sha256: bcf60ae146df44bd8729a0fef555f9779a6434dfdc58f152c7fce24b5aa8f9ec
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false Content-Type: text/plain;charset=utf-8 Content-Length: 536 Origin: https://no-go.kelkoogroup.net Connection: keep-alive Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61 (...) FQDN: no-go.kelkoogroup.net IP: 95.211.116.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.211.116.27 HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:36 GMT Request-Time: PT0.002804S X-Robots-Tag: noindex,nofollow Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Content-Length: 0 P3P: CP="Anything" ApacheTracking: localhost Keep-Alive: timeout=40, max=98 Connection: Keep-Alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false Connection: keep-alive Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: no-go.kelkoogroup.net/assets/images/p.png?country=no&k= (...) FQDN: no-go.kelkoogroup.net IP: 95.211.116.27 HASH: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 95.211.116.27 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 27 Nov 2022 02:11:36 GMT Request-Time: PT0.001148S X-Robots-Tag: noindex,nofollow Cache-Control: private, must-revalidate Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Content-Length: 68 P3P: CP="Anything" ApacheTracking: localhost Keep-Alive: timeout=40, max=80 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data Size: 68 Md5: 91e42db1c66c0b276abf6234dc50b2eb Sha1: c1986af3c26609b8b7d8933f99c51c1a89e9ea6b Sha256: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /tags.js HTTP/1.1 Host: dd.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ Connection: keep-alive Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: dd.kelkoogroup.net/tags.js FQDN: dd.kelkoogroup.net IP: 54.230.111.104 HASH: 4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb 54.230.111.104 HTTP/2 200 OK content-type: text/javascript content-length: 43164 server: Apache strict-transport-security: max-age=63072000; includeSubDomains; preload last-modified: Thu, 17 Nov 2022 15:19:16 GMT accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) date: Sun, 27 Nov 2022 01:20:30 GMT cache-control: max-age=3600, public expires: Sun, 27 Nov 2022 02:19:58 GMT etag: "33bf8-5edac1cc94a7f-gzip" vary: Accept-Encoding x-cache: Hit from cloudfront x-amz-cf-pop: FRA60-P2, OSL50-P1 x-amz-cf-id: dkYLkd0Xpu5tIZdyjk5_J0oPF4Eu4YrMd-cDv_QfDhOIgabmsa6j_Q== age: 3098 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65432) Size: 43164 Md5: 1e9601b9f2fcd0d1d742e87fd046749c Sha1: 88431bfdad7d8be4cf62396a57aebcec0de09827 Sha256: 4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
GET /favicon.ico HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false Connection: keep-alive Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: no-go.kelkoogroup.net/favicon.ico FQDN: no-go.kelkoogroup.net IP: 95.211.116.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.211.116.27 HTTP/1.0 403 Forbidden Server: BigIP Connection: Keep-Alive Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false Connection: keep-alive Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin	URL: no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541c (...) FQDN: no-go.kelkoogroup.net IP: 95.211.116.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.211.116.27 HTTP/1.1 303 See Other Content-Type: text/plain Date: Sun, 27 Nov 2022 02:11:36 GMT leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191 clickId: 107698111_1669515096213_5564741 country: no Location: https://track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory X-DataDome: protected Request-Time: PT0.014161S X-Robots-Tag: noindex,nofollow Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Content-Length: 0 Set-Cookie: datadome=1IOcQZFmcEjZwPyQJ-HPW_dTenvKnz-8rKqxfyACqRx3_Gwi7NI0VlWy6hObFkMrDItN60SdtAaEbw1F04JXA9oZyGwAO2xR1dM5AI~zfDuE7-TTO3~ckKrsh39n1IqU; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure P3P: CP="Anything" ApacheTracking: localhost Keep-Alive: timeout=40, max=94 Connection: Keep-Alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.usertrust.com/ FQDN: ocsp.usertrust.com IP: 104.18.32.68 HASH: f46b45c4c5213add16b3696dff48ecae96c1f01d761dcc44e37641ef6784ae8c 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:36 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 01:51:17 GMT Expires: Sat, 03 Dec 2022 01:51:16 GMT Etag: "f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782" Cache-Control: max-age=602982,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1681 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7707558959f6b4f7-OSL --- Additional Info --- Magic: data Size: 471 Md5: aad2eb2715bd2f733f7f464d18820e81 Sha1: f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782 Sha256: f46b45c4c5213add16b3696dff48ecae96c1f01d761dcc44e37641ef6784ae8c
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.geotrust.com/ FQDN: status.geotrust.com IP: 93.184.220.29 HASH: b298255fed758b4cbc6765ad14def8f2088806e1c1d54e72f2d4d8f54de68078 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1397 Cache-Control: max-age=163469 Date: Sun, 27 Nov 2022 02:11:36 GMT Etag: "63829d70-1d7" Expires: Mon, 28 Nov 2022 23:36:05 GMT Last-Modified: Sat, 26 Nov 2022 23:12:48 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 078b9e6c4a43b802b3509f943a136fd7 Sha1: 149c6045698afe5ac71fb9e58d235413d8fa428e Sha256: b298255fed758b4cbc6765ad14def8f2088806e1c1d54e72f2d4d8f54de68078
POST /js/ HTTP/1.1 Host: api-js.datadome.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 4137 Origin: https://no-go.kelkoogroup.net Connection: keep-alive Referer: https://no-go.kelkoogroup.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: api-js.datadome.co/js/ FQDN: api-js.datadome.co IP: 13.51.39.45 HASH: e9da6c853de2c85d2c0ac4e37d2ffb2c15c0b8b03f425e141565f514f3ddc074 13.51.39.45 HTTP/2 200 OK content-type: application/json;charset=utf-8 date: Sun, 27 Nov 2022 02:11:36 GMT content-length: 235 server: DataDome access-control-allow-origin: * pragma: no-cache cache-control: no-cache, no-store, must-revalidate expires: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 235 Md5: d2610b8a4d3809168bc20cf07472f5df Sha1: fea34c527275b6b6f54cff82c071ec43e73ce8c4 Sha256: e9da6c853de2c85d2c0ac4e37d2ffb2c15c0b8b03f425e141565f514f3ddc074
GET /t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 Host: track.adtraction.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://no-go.kelkoogroup.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2 (...) FQDN: track.adtraction.com IP: 13.49.53.120 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.49.53.120 HTTP/1.1 302 Cache-Control: no-cache Access-Control-Allow-Origin: * X-TraceId: 2cb9b664-3f06-493c-badf-fec36f6c2406 Set-Cookie: at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure Location: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Transfer-Encoding: chunked Date: Sun, 27 Nov 2022 02:11:36 GMT Connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 1051b3c6025a727cb596abbce26416175e04c001fd521f239349df01d4982e39 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1510 Cache-Control: max-age=170808 Date: Sun, 27 Nov 2022 02:11:36 GMT Etag: "6382b9aa-1d7" Expires: Tue, 29 Nov 2022 01:38:24 GMT Last-Modified: Sun, 27 Nov 2022 01:13:14 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b0417f7562764247b4a3ff9217831048 Sha1: 67c470b75d382380e82c12982a18a4d98a44404b Sha256: 1051b3c6025a727cb596abbce26416175e04c001fd521f239349df01d4982e39
GET /boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://no-go.kelkoogroup.net/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6 88.151.167.196 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:36 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Language: no Cache-Control: public,max-age=10800, private X-Cache-Status: MISS Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF, LF line terminators Size: 35087 Md5: c1fa6666a3bbbf0c1981573470a3cb7f Sha1: 3c38ac8a7dc5f7edee204525a6798f2f8d0052f1 Sha256: f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e388353a642bc503beff27c23339e2b5 Sha1: 7849301df8cbfa3f9c019b1d4033b66e0f44c4bd Sha256: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://no-go.kelkoogroup.net Connection: keep-alive Referer: https://no-go.kelkoogroup.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: www.google-analytics.com/collect?v=1&_v=j96&t=pageview& (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 142.250.74.174 HTTP/2 200 OK content-type: image/gif access-control-allow-origin: https://no-go.kelkoogroup.net date: Sun, 27 Nov 2022 02:11:37 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT x-content-type-options: nosniff access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 35 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6 Sha1: 0f4e929dd5bb2564f7ab9c76338e04e292a42ace Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /wro/ark_responsive.css?_=1669213137557 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/wro/ark_responsive.css?_=1669213137557 FQDN: www.ark.no IP: 88.151.167.196 HASH: 8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771 88.151.167.196 HTTP/1.1 200 Content-Type: text/css;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:36 GMT Transfer-Encoding: chunked Vary: Accept-Encoding cache-control: public, max-age=315360000 expires: Thu, 16 Nov 2023 22:11:36 GMT last-modified: Wed, 16 Nov 2022 22:11:36 GMT ETag: W/"1dfaaa8129ec8bbbd3deb8cf9c689a583683470" X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly --- Additional Info --- Magic: ASCII text, with very long lines (11679) Size: 351503 Md5: f0afbbb4d6e93b760006379694d7da13 Sha1: 122ea0da8b680eed0896699238a0307efe347bef Sha256: 8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771
GET /wro/addons_responsive.css?_=1669213137557 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/wro/addons_responsive.css?_=1669213137557 FQDN: www.ark.no IP: 88.151.167.196 HASH: 8d161b1a9434d6c394ff7e15c7534f651c0e0ae75738655c9bf4eac076397512 88.151.167.196 HTTP/1.1 200 Content-Type: text/css;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding cache-control: public, max-age=315360000 expires: Thu, 16 Nov 2023 21:57:54 GMT last-modified: Wed, 16 Nov 2022 21:57:54 GMT ETag: W/"1ac4f62a4e595c7683f2f4fa6d13255372a39192" X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (11140) Size: 12278 Md5: 216f08b4ee6d77be2b4c3a56c2ee5451 Sha1: c1ec92884e985e9557d3f031e34618fd0c6c354e Sha256: 8d161b1a9434d6c394ff7e15c7534f651c0e0ae75738655c9bf4eac076397512
GET /vgu7prb.css HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: use.typekit.net/vgu7prb.css FQDN: use.typekit.net IP: 23.36.76.186 HASH: d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c 23.36.76.186 HTTP/2 200 OK content-type: text/css;charset=utf-8 server: nginx vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; cache-control: private, max-age=600, stale-while-revalidate=604800 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip content-length: 748 date: Sun, 27 Nov 2022 02:11:37 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (516) Size: 748 Md5: 3453162d92bf8b997d346882fde33714 Sha1: 20cc0e9deece4903bf48252409be7f8e37efd3a3 Sha256: d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c
GET /_ui/responsive/common/js/before-dom-ready.js?_=1669213137557 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/js/before-dom-ready.js (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 7f80dce27a7e5eeb3be2fd88e807c6a6fe7ca8df4f14d2304e80cd130d50653f 88.151.167.196 HTTP/1.1 200 Content-Type: application/javascript;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"4185-1668634529010" Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: ASCII text Size: 960 Md5: 07cec007e266c0dde7d13b1ea4f12ee5 Sha1: f36ebc5c3d6fc6b63f0855e354387b91d376b586 Sha256: 7f80dce27a7e5eeb3be2fd88e807c6a6fe7ca8df4f14d2304e80cd130d50653f
GET /_ui/shared/js/generatedVariables.js HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/shared/js/generatedVariables.js FQDN: www.ark.no IP: 88.151.167.196 HASH: ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840 88.151.167.196 HTTP/1.1 200 Content-Type: application/javascript;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Content-Length: 272 X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"272-1668636399382" Last-Modified: Wed, 16 Nov 2022 22:06:39 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Accept-Ranges: bytes Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: ASCII text Size: 272 Md5: 2509fe5a4bc5022a5f08b29a8dc7bf56 Sha1: ae1575c0593c35fa10ef1f38d7fc3ca87bc87326 Sha256: ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840
GET /p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css HTTP/1.1 Host: p.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	URL: p.typekit.net/p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.3 (...) FQDN: p.typekit.net IP: 23.36.76.186 HASH: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb 23.36.76.186 HTTP/2 200 OK content-type: text/css accept-ranges: bytes access-control-allow-origin: * cache-control: public, max-age=604800 cross-origin-resource-policy: cross-origin etag: "613bee4d-5" last-modified: Fri, 10 Sep 2021 23:46:21 GMT server: nginx content-length: 5 unused62: 8096267 date: Sun, 27 Nov 2022 02:11:37 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 5 Md5: 83d24d4b43cc7eef2b61e66c95f3d158 Sha1: f0cafc285ee23bb6c28c5166f305493c4331c84d Sha256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /_ui/shared/js/analyticsmediator.js HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/shared/js/analyticsmediator.js FQDN: www.ark.no IP: 88.151.167.196 HASH: dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b 88.151.167.196 HTTP/1.1 200 Content-Type: application/javascript;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"1099-1668635653873" Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: ASCII text Size: 406 Md5: e9e6515b6d0a979b3cbf1585f5ea8593 Sha1: 019dc45c7d9a25f12a0fd2e55e971f9d91d6923a Sha256: dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b
GET /user-data/javascript-variables.js HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/user-data/javascript-variables.js FQDN: www.ark.no IP: 88.151.167.196 HASH: f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670 88.151.167.196 HTTP/1.1 200 Content-Type: application/javascript;charset=UTF-8 X-Frame-Options: ALLOWALL Set-Cookie: JSESSIONID=78CDF310434080ECB99E837A8FC279D5; Path=/; Secure; HttpOnly anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Mon, 27-Nov-2023 02:11:37 GMT; Path=/; Secure; HttpOnly cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Mon, 24-Apr-2034 18:11:37 GMT; Path=/; Secure SRVID=P1; path=/; HttpOnly; Secure NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Language: no Content-Length: 679 Date: Sun, 27 Nov 2022 02:11:36 GMT --- Additional Info --- Magic: ASCII text Size: 679 Md5: 620dfe83ec2c047894b01ad5b875d645 Sha1: 0babf60bb7fbf0e2d7f19d96727d1e73d799fc95 Sha256: f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670
GET /static/header-search.min.css HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/static/header-search.min.css FQDN: www.ark.no IP: 88.151.167.196 HASH: b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760 88.151.167.196 HTTP/1.1 200 OK Content-Type: text/css; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:37 GMT Accept-Ranges: bytes Cache-Control: public, max-age=0 Content-Encoding: gzip ETag: W/"e7ec-184a253d590" Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT Transfer-Encoding: chunked Vary: Accept-Encoding Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (59370) Size: 11073 Md5: b374aa6d5ab506a81b333b6a1ac5c959 Sha1: 5a53ec11595b533e6e6a4cf511d1d242042032f5 Sha256: b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e388353a642bc503beff27c23339e2b5 Sha1: 7849301df8cbfa3f9c019b1d4033b66e0f44c4bd Sha256: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
GET /beacon/gyldendal/ark_production/scripts/evergage.min.js HTTP/1.1 Host: cdn.evgnet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.evgnet.com/beacon/gyldendal/ark_production/scripts/ (...) FQDN: cdn.evgnet.com IP: 151.101.128.114 HASH: 7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5 151.101.128.114 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 x-amz-id-2: faPkUFcnsvGPsNBBeMYEalTXsNaKZdlfdm26+FltH/351NHnj8baSZR4Vx40VSYsvribpgjGB6I= x-amz-request-id: S19JP7RQBXGHVSQ2 x-amz-replication-status: COMPLETED last-modified: Sat, 26 Nov 2022 07:43:47 GMT etag: "39bc0ec486db4097b88063bbf18a0a65" cache-control: max-age=120 content-encoding: gzip x-amz-meta-evergage-beacon-ver: 16 x-amz-meta-evergage-sum: 96f2de31f3cfc41ead0a6c913ccf85ed130d951a x-amz-version-id: SjR9IpUexr7lbUtSMflzvSYqFoiv8nqV server: AmazonS3 via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:37 GMT age: 114 x-served-by: cache-iad-kiad7000038-IAD, cache-bma1648-BMA x-cache: HIT, HIT x-cache-hits: 50, 1 x-timer: S1669515097.111552,VS0,VE2 vary: Accept-Encoding timing-allow-origin: * content-length: 50013 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (594) Size: 50013 Md5: 39bc0ec486db4097b88063bbf18a0a65 Sha1: 14fb3dd0ff72962bb028dcbc83f22c1acc9f77be Sha256: 7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5
GET /medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/medias/icon-innbundet.svg?context=bWFzdGVyfH (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 651edc2a0abc01a83a06cc633c50f8513fd2c6f89bf3f48f1dc141dfb3bd1bde 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: public,max-age=31536000 Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT X-Content-Type-Options: nosniff content-security-policy: sandbox X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505) Size: 833 Md5: a65a28e2ad19b9e91ca93072bfbe63b8 Sha1: 6da5492a8ef70f757684e6d8c7fdf5465f8e8ef5 Sha256: 651edc2a0abc01a83a06cc633c50f8513fd2c6f89bf3f48f1dc141dfb3bd1bde
GET /wro/addons_responsive.js?_=1669213137557 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/wro/addons_responsive.js?_=1669213137557 FQDN: www.ark.no IP: 88.151.167.196 HASH: 9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5 88.151.167.196 HTTP/1.1 200 Content-Type: text/javascript;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding cache-control: public, max-age=315360000 expires: Thu, 16 Nov 2023 22:11:36 GMT last-modified: Wed, 16 Nov 2022 22:11:36 GMT ETag: W/"a38ffc581f14c7c21274979251d7750c976f8bc3" X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (11839) Size: 55204 Md5: 2db791df263b17f02f3f8fc8f06f4337 Sha1: ada8a25364bcc1b1599ab300210b4aa47eca4f0b Sha256: 9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5
GET /medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/medias/icon-lydbok.svg?context=bWFzdGVyfHJvb (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 63d0ff4f0676641152de7bf3b26d17331570e705a592d1baa207becfb0db8287 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: public,max-age=31536000 Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT X-Content-Type-Options: nosniff content-security-policy: sandbox X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213) Size: 1111 Md5: 0a85c6a1e5c3ffbc071617fbd9ac913a Sha1: 2de167bf33e1c83bcc6a2d3d4edd56db38edc7a0 Sha256: 63d0ff4f0676641152de7bf3b26d17331570e705a592d1baa207becfb0db8287
GET /medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8M (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: public,max-age=31536000 Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT X-Content-Type-Options: nosniff content-security-policy: sandbox X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607) Size: 713 Md5: 59bea278cf46189e717d7c8d24532688 Sha1: c322abc6e6291e5ce89103324935099ed4d22659 Sha256: 2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311
GET /_ui/responsive/common/images/novicell/exchange.svg HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/novicell/exchan (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 5ffc92b06847b5911df0f94bfd3dde0a6ec7adc1f46226e679e5f3d78ca0fe40 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"2002-1668634529039" Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (637) Size: 821 Md5: cfa6637ae45a37a2696c599217b51100 Sha1: 8e40845ea27fac927c1a0ffebee688b07a0511db Sha256: 5ffc92b06847b5911df0f94bfd3dde0a6ec7adc1f46226e679e5f3d78ca0fe40
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 619fa0039b94697fc8a5bd24f57e8aa2 Sha1: 53a366391a51d625029cc6d32fb4e8b6060990fd Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
GET /medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/medias/ARK-logo-rgb.png?context=bWFzdGVyfHJv (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 5b4539a78df44e55a07e737bcbb2b3c4f0e991c1e94eb5eba68cd039a9ad73ab 88.151.167.196 HTTP/1.1 200 Content-Type: image/png Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Content-Length: 5375 X-Frame-Options: ALLOWALL ETag: c9090923bba9332b51b1e7fd3123786a Cache-Control: public,max-age=31536000 Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT X-Content-Type-Options: nosniff content-security-policy: sandbox X-Cache-Status: HIT Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: PNG image data, 84 x 84, 8-bit/color RGBA, non-interlaced\012- data Size: 5375 Md5: 694117356cff0567f422a7151b0bef89 Sha1: cff747b3405329e61434661350b787eb78974bc5 Sha256: 5b4539a78df44e55a07e737bcbb2b3c4f0e991c1e94eb5eba68cd039a9ad73ab
GET /assets/no/lipscore-v1.js HTTP/1.1 Host: static.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: static.lipscore.com/assets/no/lipscore-v1.js FQDN: static.lipscore.com IP: 54.230.111.8 HASH: 9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e 54.230.111.8 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 69216 Connection: keep-alive Last-Modified: Fri, 25 Nov 2022 09:21:17 GMT Content-Encoding: gzip Accept-Ranges: bytes Server: AmazonS3 Date: Sat, 26 Nov 2022 09:42:00 GMT ETag: "97e709db0efc7e4edcf01c2a116c6e10" X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 8eaZjazjSEBxBKD1Nsf-32u_ZT-IdQ5yj-TF0D0nzw9k-36zVcSROQ== Age: 59378 --- Additional Info --- Magic: ASCII text, with very long lines (589) Size: 69216 Md5: 97e709db0efc7e4edcf01c2a116c6e10 Sha1: 7509e2a1739bb8bf0d1b43942128a760f4c7e918 Sha256: 9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: affc28e0f7113182ca099f5b442fc29e7cece3560ed5dfa34049463f8b28fd5e 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Sun, 27 Nov 2022 02:11:37 GMT Etag: "638282c1-1d7" Last-Modified: Sun, 27 Nov 2022 01:39:14 GMT Server: ECS (dcb/7F39) X-Cache: Miss from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: iz3vM4Cl2NcPIkwE7VOpRcEPF4GXJYUfR8CcOnW8SHvnoJs8suQqKg== Age: 1943 --- Additional Info --- Magic: data Size: 471 Md5: 51fae185a90e21e2aad28dae22e6e206 Sha1: ecc25e2aeda71bf2c549b67fe3564b0764f235d8 Sha256: affc28e0f7113182ca099f5b442fc29e7cece3560ed5dfa34049463f8b28fd5e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0ee1d1a60ec1770ec3e880a25c257f5d Sha1: 015b05feff63bdcf8fae4d1a8c0c83c923a2ca67 Sha256: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
GET /_ui/responsive/common/images/novicell/icons2.svg HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/novicell/icons2.svg FQDN: www.ark.no IP: 88.151.167.196 HASH: 748803c439e7801084d8c6e89068513dcd62c1fa40b7efa6d2f638d2a61d2ff3 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"13291-1668636417977" Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (1330) Size: 4859 Md5: 70c1bf2e0f79bc0aa4d4db691f9bc7a3 Sha1: 495e5325437a26f559639c130907738b814636b6 Sha256: 748803c439e7801084d8c6e89068513dcd62c1fa40b7efa6d2f638d2a61d2ff3
GET /_ui/responsive/common/images/basket.svg HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/basket.svg FQDN: www.ark.no IP: 88.151.167.196 HASH: 797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"1586-1668636417967" Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1585) Size: 594 Md5: 9138a81597c7a7be51c2c04a23f55d48 Sha1: e38874fa64494f77be7bedfafd07ec8e6a597cd4 Sha256: 797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8
GET /_ui/responsive/common/images/login.svg HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/login.svg FQDN: www.ark.no IP: 88.151.167.196 HASH: bef4b9504593faecec695ea3116301541c0dc1eb6b416c2975efae0db63bc525 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT ntCoent-Length: 315 X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"315-1668635653863" Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Accept-Ranges: bytes Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly Content-Encoding: gzip Content-Length: 248 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (315), with no line terminators Size: 248 Md5: e65002a0979088d966fe62fa04ad8546 Sha1: 4944836607208694e22e687730313c8b7c581575 Sha256: bef4b9504593faecec695ea3116301541c0dc1eb6b416c2975efae0db63bc525
GET /_ui/responsive/common/images/heart.svg HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/heart.svg FQDN: www.ark.no IP: 88.151.167.196 HASH: 3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358 88.151.167.196 HTTP/1.1 200 Content-Type: image/svg+xml;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT ntCoent-Length: 810 X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"810-1668634529034" Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Accept-Ranges: bytes Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly Content-Encoding: gzip Content-Length: 485 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810), with no line terminators Size: 485 Md5: bf6c87810144048478a4af1e7036172e Sha1: 1df92e763e945e02c10a65ab7ff4dd2d2a8326b8 Sha256: 3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: e4eeb595763dca3a9e7866f1ea60fdb43c68718066023c54cebfe08de82934bf 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=113180 Date: Sun, 27 Nov 2022 02:11:37 GMT Etag: "6381d450-1d7" Expires: Mon, 28 Nov 2022 09:37:57 GMT Last-Modified: Sat, 26 Nov 2022 08:54:40 GMT Server: ECS (bsa/EB17) X-Cache: Miss from cloudfront Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 56noltW0rS3jWEaFECUOzyjtMwofkuF6XWdi8LZUBujsHudKzOtc6A== Age: 2597 --- Additional Info --- Magic: data Size: 471 Md5: ce06bb900fc5b1f7fc3714d1540a99be Sha1: 603ba95c950a10f70dcaa634512e3058c6852e2b Sha256: e4eeb595763dca3a9e7866f1ea60fdb43c68718066023c54cebfe08de82934bf
GET /2020/click_and_collect_icon_pdp.png HTTP/1.1 Host: arkcms.s3-eu-west-1.amazonaws.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: arkcms.s3-eu-west-1.amazonaws.com/2020/click_and_collec (...) FQDN: arkcms.s3-eu-west-1.amazonaws.com IP: 52.218.88.224 HASH: 6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603 52.218.88.224 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: R5xHVfc6Jmit1KfUYFZDKEerCXW7fJwV911TLdLTGNNPMGhd/Vj7tENvunndd3l+PNQQ9XvDhKM= x-amz-request-id: WM1JG975W1K2M8ME Date: Sun, 27 Nov 2022 02:11:38 GMT Last-Modified: Wed, 09 Dec 2020 10:28:47 GMT ETag: "ae12c3709e57f42d625e8c0e5bbd65ff" x-amz-meta-cb-modifiedtime: Wed, 09 Dec 2020 10:28:18 GMT x-amz-version-id: rcTJgyMvadfkuGRJwZxwntujgFgIeUke Accept-Ranges: bytes Server: AmazonS3 Content-Length: 579 --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 579 Md5: ae12c3709e57f42d625e8c0e5bbd65ff Sha1: 4da0f6b488bce010ef84fb38a488814ba8b41cc2 Sha256: 6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603
GET /assets/lipscore-v1.css HTTP/1.1 Host: static.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: static.lipscore.com/assets/lipscore-v1.css FQDN: static.lipscore.com IP: 54.230.111.8 HASH: 7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb 54.230.111.8 HTTP/1.1 200 OK Content-Type: text/css Content-Length: 11566 Connection: keep-alive Last-Modified: Fri, 25 Nov 2022 09:19:44 GMT Content-Encoding: gzip Accept-Ranges: bytes Server: AmazonS3 Date: Sat, 26 Nov 2022 09:42:01 GMT ETag: "ad324c13384f3748c4d121fab666b608" X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: IhLbntTrKMJxZuRFSdf7HNaWtTRcYuXuBgHSSHik6PXRd0bwW78o3Q== Age: 59377 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 11566 Md5: ad324c13384f3748c4d121fab666b608 Sha1: de2833b8d80bd2ca7b1a077086e803fa9f947cc5 Sha256: 7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb
GET /_ui/responsive/common/images/spinner.gif HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/spinner.gif FQDN: www.ark.no IP: 88.151.167.196 HASH: cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1 88.151.167.196 HTTP/1.1 200 Content-Type: image/gif;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Content-Length: 1101 X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"1101-1668634529044" Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT Expires: Sun, 27 Nov 2022 08:11:37 GMT X-Cache-Status: HIT Accept-Ranges: bytes Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 1101 Md5: 5ce7976b7df2fc004edd0514e74c912f Sha1: 8e274e6894bfa048d740598ad9dc347c843b53e8 Sha256: cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1
GET /af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ark.no Connection: keep-alive Referer: https://use.typekit.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: use.typekit.net/af/0230dd/00000000000000007735bb33/30/l (...) FQDN: use.typekit.net IP: 23.36.76.186 HASH: ef02debd597b2a650c8e3657bf87d2d0ac2c6cdd10cf5c074eaff5eae53fafb2 23.36.76.186 HTTP/2 200 OK content-type: application/font-woff2 server: nginx content-length: 24224 etag: "e8db8b219fe0e512ab6df6bb665cccbe9558a4d8" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Sun, 27 Nov 2022 02:11:37 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), CFF, length 24224, version 1.0\012- data Size: 24224 Md5: f005bbf156a8b3f0d2a3f617decb7504 Sha1: 22df422ea62af0cbe56d87697fa73ed43753c2ba Sha256: ef02debd597b2a650c8e3657bf87d2d0ac2c6cdd10cf5c074eaff5eae53fafb2
GET /rc/35408/scripts/s.js HTTP/1.1 Host: d2df291ti5v5sq.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d2df291ti5v5sq.cloudfront.net/rc/35408/scripts/s.js FQDN: d2df291ti5v5sq.cloudfront.net IP: 54.230.111.49 HASH: 0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f 54.230.111.49 HTTP/2 200 OK content-type: application/javascript content-length: 17 date: Sat, 26 Nov 2022 02:21:01 GMT last-modified: Tue, 04 Oct 2022 12:17:09 GMT etag: "a33a21825ee0bbfbd37c7f17465ee58b" x-amz-meta-version: -1 x-amz-meta-previous: rc/35408/scripts/s-1664885824.js x-amz-meta-blankedout: true x-amz-meta-deployeddate: 2022-10-04 12:17:04 x-amz-meta-invalidationid: I32KDJXI400N4D accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Fok3Qj4e7WGRAf9HyzgkGwmZoT8g7R7kvwleuEAStNinI1O_BCNGfg== age: 85837 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 17 Md5: a33a21825ee0bbfbd37c7f17465ee58b Sha1: 0a1cea8a83e1df552650c210cc03ec629839dc1a Sha256: 0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f
GET /uc.js HTTP/1.1 Host: consent.cookiebot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: consent.cookiebot.com/uc.js FQDN: consent.cookiebot.com IP: 104.84.152.64 HASH: 33a05733a663a3d87ea1275899038ec82a2824de58b8fd07f02c9852dbc56c43 104.84.152.64 HTTP/2 200 OK content-type: application/javascript content-encoding: gzip last-modified: Tue, 22 Nov 2022 07:34:39 GMT accept-ranges: bytes etag: "db2e3fe144fed81:0" vary: Accept-Encoding request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef access-control-expose-headers: Request-Context content-length: 31705 cache-control: public, max-age=1131 expires: Sun, 27 Nov 2022 02:30:28 GMT date: Sun, 27 Nov 2022 02:11:37 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499) Size: 31705 Md5: 696e11ea704a1a9043864196e1dd41ee Sha1: a322a1d9858541cb17a662d8267c1a86b91fc6c3 Sha256: 33a05733a663a3d87ea1275899038ec82a2824de58b8fd07f02c9852dbc56c43
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 8d8650abacabb9cde08eabb6326ed35756090fa4d77d4d44060b73e6af31ae3d 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=154710 Date: Sun, 27 Nov 2022 02:11:37 GMT Etag: "638271f1-1d7" Expires: Mon, 28 Nov 2022 21:10:07 GMT Last-Modified: Sat, 26 Nov 2022 20:07:13 GMT Server: ECS (bsa/EB17) X-Cache: Miss from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: gmWJR-Tita-wP-QDHjjS_BrmTTE3uX9kKIs-LXp4IHVfTmL08s_grg== Age: 3774 --- Additional Info --- Magic: data Size: 471 Md5: b967106f3fa216e144d901203204b3b8 Sha1: e3e51dd036cc513690c8248c638bd71707548ee9 Sha256: 8d8650abacabb9cde08eabb6326ed35756090fa4d77d4d44060b73e6af31ae3d
GET /sdk/bc-v4.min.html HTTP/1.1 Host: consentcdn.cookiebot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: consentcdn.cookiebot.com/sdk/bc-v4.min.html FQDN: consentcdn.cookiebot.com IP: 104.110.3.72 HASH: 907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35 104.110.3.72 HTTP/2 200 OK content-type: text/html accept-ranges: bytes etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" last-modified: Mon, 04 Apr 2022 07:23:49 GMT server: AkamaiNetStorage x-akamai-transformed: 9 - 0 pmb=mRUM,1 vary: Accept-Encoding content-encoding: gzip cache-control: max-age=29771517 expires: Mon, 06 Nov 2023 16:03:34 GMT date: Sun, 27 Nov 2022 02:11:37 GMT content-length: 392 server-timing: cdn-cache; desc=HIT, edge; dur=1 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators Size: 392 Md5: e7268eccad39bd651697fa793a52cc5c Sha1: 47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3 Sha256: 907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false HTTP/1.1 Host: consent.cookiebot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: consent.cookiebot.com/8c9951dd-c473-46c7-8264-2482c3354 (...) FQDN: consent.cookiebot.com IP: 104.84.152.64 HASH: 29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1 104.84.152.64 HTTP/2 200 OK content-type: application/x-javascript; charset=utf-8 cache-control: private, max-age=1200 content-encoding: gzip last-modified: Sun, 27 Nov 2022 02:11:37 GMT vary: Accept-Encoding request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef access-control-expose-headers: Request-Context content-length: 59843 date: Sun, 27 Nov 2022 02:11:37 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65499) Size: 59843 Md5: 7436aa0eae55cff68d222f7c93841936 Sha1: b23b07beca0a9cde7d3e882bcb55f5327f3ebb49 Sha256: 29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1
POST /api2/event/ark_production HTTP/1.1 Host: gyldendal.germany-2.evergage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 1818 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: gyldendal.germany-2.evergage.com/api2/event/ark_production FQDN: gyldendal.germany-2.evergage.com IP: 3.127.112.93 HASH: 9ce193b71199392d1a0c946715dafff7e796c04b651ebb4ab1cff033d7f33cce 3.127.112.93 HTTP/2 200 OK content-type: application/json;charset=UTF-8 date: Sun, 27 Nov 2022 02:11:37 GMT set-cookie: AWSALB=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/ AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: https://www.ark.no timing-allow-origin: * access-control-allow-credentials: true x-content-type-options: nosniff vary: accept-encoding content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 7403 Md5: ff71b8cd337b2ba74a00f00736dfc378 Sha1: 727a3759c538f93f418d476be1d3b4f2a764b233 Sha256: 9ce193b71199392d1a0c946715dafff7e796c04b651ebb4ab1cff033d7f33cce
GET /iged132l.js HTTP/1.1 Host: d81mfvml8p5ml.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d81mfvml8p5ml.cloudfront.net/iged132l.js FQDN: d81mfvml8p5ml.cloudfront.net IP: 143.204.42.86 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 143.204.42.86 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 content-length: 0 last-modified: Mon, 19 Aug 2019 10:24:46 GMT accept-ranges: bytes server: AmazonS3 date: Sun, 27 Nov 2022 02:11:37 GMT cache-control: max-age=600 etag: "d41d8cd98f00b204e9800998ecf8427e" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: wmUo18jW6YiVixePFPQVyn3RzayLXaBqortCtBANAlE6917Sq0ZcGw== age: 277 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Sun, 27 Nov 2022 00:41:08 GMT expires: Sun, 27 Nov 2022 02:41:08 GMT cache-control: public, max-age=7200 age: 5429 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: d0546bd03ec73e190f947699b0c10bf1a1f2b7c5610d1267456ca6fffbb584c0 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=159869 Date: Sun, 27 Nov 2022 02:11:38 GMT Etag: "63828e0b-1d7" Expires: Mon, 28 Nov 2022 22:36:07 GMT Last-Modified: Sat, 26 Nov 2022 22:07:07 GMT Server: ECS (dcb/7F14) X-Cache: Miss from cloudfront Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: zx6P2A-CHPR5TrFMf8bnwXUbnMXwb77v05P5KIcB1aI2sq_ABXtgHQ== Age: 1740 --- Additional Info --- Magic: data Size: 471 Md5: 425f07b8f307197c46e95ccff387c113 Sha1: b1b40dc823e78f05088972064a4e7f51d0806cad Sha256: d0546bd03ec73e190f947699b0c10bf1a1f2b7c5610d1267456ca6fffbb584c0
GET /9780226543178/img/0-S HTTP/1.1 Host: dj4fsg3e1je59.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: dj4fsg3e1je59.cloudfront.net/9780226543178/img/0-S FQDN: dj4fsg3e1je59.cloudfront.net IP: 143.204.42.104 HASH: 6f8d7dff432d7c7ef0ca00c423217d57f27566645d30ac87ed98e2e005e70b21 143.204.42.104 HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 18273 Connection: keep-alive Date: Sun, 27 Nov 2022 02:11:39 GMT Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT ETag: "475d683320e29259c5f56ffbeff6e312" Cache-Control: max-age=604800 x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 94I5BaeFaVKMxpwEE-7KfxSmlRxV-MBlW5h63U2BAfnyOuNjXZLbOA== --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x180, components 3\012- data Size: 18273 Md5: 475d683320e29259c5f56ffbeff6e312 Sha1: d40bf2f373dc49dca5e5036fdd4e64885bab6889 Sha256: 6f8d7dff432d7c7ef0ca00c423217d57f27566645d30ac87ed98e2e005e70b21
GET /9780226543178/img/0 HTTP/1.1 Host: dj4fsg3e1je59.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: dj4fsg3e1je59.cloudfront.net/9780226543178/img/0 FQDN: dj4fsg3e1je59.cloudfront.net IP: 143.204.42.104 HASH: 9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae 143.204.42.104 HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 129797 Connection: keep-alive Date: Sun, 27 Nov 2022 02:11:39 GMT Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT ETag: "5035c9db58868e24a8e20e1afa1cebdc" Cache-Control: max-age=604800 x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Miss from cloudfront Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: iYElR33T0vz-gRxX1F6WgCdqotEHan5P9DCs9PAUMd0JoEmLgbiCmQ== --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 426x640, components 3\012- data Size: 129797 Md5: 5035c9db58868e24a8e20e1afa1cebdc Sha1: 29daedbf86b1f2487ab3aa0c6fc32d88857c86e4 Sha256: 9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT Expires: Sat, 03 Dec 2022 12:28:29 GMT Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6" Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 770755930d32b4f1-OSL --- Additional Info --- Magic: data Size: 472 Md5: 404c846bf9cbbe0ac7d69a1db047e258 Sha1: cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6 Sha256: 6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT Expires: Sat, 03 Dec 2022 12:28:29 GMT Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6" Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 770755930e7bb527-OSL --- Additional Info --- Magic: data Size: 472 Md5: 404c846bf9cbbe0ac7d69a1db047e258 Sha1: cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6 Sha256: 6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125
OPTIONS /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-ssasid Referer: https://www.ark.no/ Origin: https://www.ark.no Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark& (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.169.51.140 HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 0 Connection: keep-alive Vary: Origin Access-Control-Max-Age: 2678400 Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Headers: x-ssasid Access-Control-Allow-Methods: GET Access-Control-Allow-Credentials: true --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br x-ssasid: undefined Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/jsrecapi/1.0/crec?service=ark& (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: 23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb 31.169.51.140 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 2114 Connection: keep-alive Vary: Origin,Accept-Encoding X-Roll: https://bit.ly/IqT6zt Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly X-Robots-Tag: none Cache-Control: no-cache Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Content-Encoding: gzip X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Credentials: true X-Permitted-Cross-Domain-Policies: master-only --- Additional Info --- Magic: ASCII text, with very long lines (5774), with no line terminators Size: 2114 Md5: fe0d2046777bffcdf62cf81b73a6bc14 Sha1: b2f64b5fe301bceb77864767c7847e2d594b548e Sha256: 23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb
POST /pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true HTTP/1.1 Host: gyldendal.germany-2.evergage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 0 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: gyldendal.germany-2.evergage.com/pr?.top=714&item=%7B%2 (...) FQDN: gyldendal.germany-2.evergage.com IP: 3.127.112.93 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.127.112.93 HTTP/2 204 No Content date: Sun, 27 Nov 2022 02:11:38 GMT set-cookie: AWSALB=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/ AWSALBCORS=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: https://www.ark.no timing-allow-origin: * x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true HTTP/1.1 Host: gyldendal.germany-2.evergage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 0 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: gyldendal.germany-2.evergage.com/msreceiver?.cStat=%5B% (...) FQDN: gyldendal.germany-2.evergage.com IP: 3.127.112.93 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.127.112.93 HTTP/2 204 No Content date: Sun, 27 Nov 2022 02:11:38 GMT set-cookie: AWSALB=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/ AWSALBCORS=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: https://www.ark.no timing-allow-origin: * x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=6a2538253ca1d39fa2a02b28 HTTP/1.1 Host: wapi.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: wapi.lipscore.com/hit?api_key=6a2538253ca1d39fa2a02b28 FQDN: wapi.lipscore.com IP: 151.101.86.217 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 151.101.86.217 HTTP/2 200 OK server: Varnish retry-after: 0 access-control-allow-credentials: true accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:38 GMT via: 1.1 varnish x-served-by: cache-bma1632-BMA x-cache: HIT x-cache-hits: 0 x-timer: S1669515098.380212,VS0,VE0 access-control-allow-origin: https://www.ark.no content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1 Host: wapi.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: wapi.lipscore.com/initial_data/settings/show?api_key=6a (...) FQDN: wapi.lipscore.com IP: 151.101.86.217 HASH: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d 151.101.86.217 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: Cowboy access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE access-control-expose-headers: X-Pagination access-control-max-age: 86400 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff access-control-allow-credentials: true access-control-allow-headers: X-Http-Method-Override cache-control: public, no-cache x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3 x-runtime: 0.019999 via: 1.1 vegur, 1.1 varnish accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:38 GMT age: 435586 x-served-by: cache-bma1632-BMA x-cache: HIT x-cache-hits: 1128 x-timer: S1669515098.382350,VS0,VE0 vary: Origin access-control-allow-origin: https://www.ark.no content-length: 8414 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (8414), with no line terminators Size: 8414 Md5: e8d8b9129babd714cca17d25abf71ad4 Sha1: 7f16913bb726daa1e041311b8a59afde1afeeb53 Sha256: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1 Host: wapi.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: wapi.lipscore.com/initial_data/settings/show?api_key=6a (...) FQDN: wapi.lipscore.com IP: 151.101.86.217 HASH: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d 151.101.86.217 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: Cowboy access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE access-control-expose-headers: X-Pagination access-control-max-age: 86400 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff access-control-allow-credentials: true access-control-allow-headers: X-Http-Method-Override cache-control: public, no-cache x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3 x-runtime: 0.019999 via: 1.1 vegur, 1.1 varnish accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:38 GMT age: 435586 x-served-by: cache-bma1632-BMA x-cache: HIT x-cache-hits: 1129 x-timer: S1669515098.383094,VS0,VE0 vary: Origin access-control-allow-origin: https://www.ark.no content-length: 8414 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (8414), with no line terminators Size: 8414 Md5: e8d8b9129babd714cca17d25abf71ad4 Sha1: 7f16913bb726daa1e041311b8a59afde1afeeb53 Sha256: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
GET /availability/pdp?productCode=9780226543178 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.ark.no/availability/pdp?productCode=9780226543178 FQDN: www.ark.no IP: 88.151.167.196 HASH: 0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66 88.151.167.196 HTTP/1.1 200 Content-Type: application/json;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Language: no Expires: Sun, 27 Nov 2022 02:21:38 GMT Cache-Control: max-age=600 X-Cache-Status: MISS Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly --- Additional Info --- Magic: JSON data\012- , Unicode text, UTF-8 text, with very long lines (2239) Size: 891 Md5: 2f4045c27a0414f6eb6d0850d0b07ae3 Sha1: 4260241f2f4823e436ffe4c3d80a612ab0610a40 Sha256: 0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66
OPTIONS /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: PUT Access-Control-Request-Headers: x-ssasid Referer: https://www.ark.no/ Origin: https://www.ark.no Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecomme (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.169.51.140 HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 0 Connection: keep-alive Vary: Origin Access-Control-Max-Age: 2678400 Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Headers: x-ssasid Access-Control-Allow-Methods: PUT Access-Control-Allow-Credentials: true --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-ssasid Referer: https://www.ark.no/ Origin: https://www.ark.no Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonym (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 31.169.51.140 HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 0 Connection: keep-alive Vary: Origin Access-Control-Max-Age: 2678400 Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Headers: x-ssasid Access-Control-Allow-Methods: GET Access-Control-Allow-Credentials: true --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/jsrecapi/1.0/update/ark/anonym (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: 6daceca4f48edfe3ad59017d91d992780701c48ecd8ced756786dbe43672756c 31.169.51.140 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 112 Connection: keep-alive Vary: Origin,Accept-Encoding X-Roll: https://bit.ly/IqT6zt Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly X-Robots-Tag: none Cache-Control: no-cache Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Content-Encoding: gzip X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Credentials: true X-Permitted-Cross-Domain-Policies: master-only --- Additional Info --- Magic: ASCII text, with no line terminators Size: 112 Md5: bfecd897f0d45955aacbf3871470a55c Sha1: afe50e942444b4afd7f02ec661e2a57d8d1bfbd0 Sha256: 6daceca4f48edfe3ad59017d91d992780701c48ecd8ced756786dbe43672756c
PUT /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1 Host: arkanbefaler.sannsyn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 Content-Type: text/plain;charset=UTF-8 Content-Length: 31 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: arkanbefaler.sannsyn.com/ajaxrecapi/1.0/compoundrecomme (...) FQDN: arkanbefaler.sannsyn.com IP: 31.169.51.140 HASH: 514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6 31.169.51.140 HTTP/1.1 200 OK Content-Type: application/json Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 644 Connection: keep-alive Vary: Origin,Accept-Encoding X-Roll: https://bit.ly/IqT6zt Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly X-Robots-Tag: none Cache-Control: no-cache Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Content-Encoding: gzip X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Access-Control-Allow-Origin: https://www.ark.no Access-Control-Allow-Credentials: true X-Permitted-Cross-Domain-Policies: master-only --- Additional Info --- Magic: JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2112), with no line terminators Size: 644 Md5: 1c746910a313ee5559492f412ed71a86 Sha1: 9c5963e7030054dddc78f23465215b026f5c794e Sha256: 514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6
GET /_ui/responsive/common/images/vipps-hurtigkasse.png HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/_ui/responsive/common/images/vipps-hurtigkas (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: c9c6c68525f916981a25c4b1b58625d5c56e62a3c16f038f85a8cff9cbec0a32 88.151.167.196 HTTP/1.1 200 Content-Type: image/png;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Content-Length: 28119 X-Frame-Options: ALLOWALL Cache-Control: max-age=21600 ETag: W/"28119-1668634529048" Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT Expires: Sun, 27 Nov 2022 08:11:38 GMT X-Cache-Status: HIT Accept-Ranges: bytes Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly --- Additional Info --- Magic: PNG image data, 1507 x 200, 8-bit/color RGBA, interlaced\012- data Size: 28119 Md5: 20763c896b5e9d795b71ab8282e5060f Sha1: 335fa1f43ef3427bbf77eb8ae6730d8f647c8e03 Sha256: c9c6c68525f916981a25c4b1b58625d5c56e62a3c16f038f85a8cff9cbec0a32
GET /boker/productCacheSensitiveDetails?productCode=9780226543178 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.ark.no/boker/productCacheSensitiveDetails?productCo (...) FQDN: www.ark.no IP: 88.151.167.196 HASH: 3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985 88.151.167.196 HTTP/1.1 200 Content-Type: application/json;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:38 GMT Transfer-Encoding: chunked Vary: Accept-Encoding X-Frame-Options: ALLOWALL Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Language: no X-Cache-Status: MISS Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1334), with no line terminators Size: 634 Md5: c5bec405abedb3d6a9c7c8df26281569 Sha1: 1eab051eee859cdab002e34dc0cd3b97e379b185 Sha256: 3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985
GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1 Host: wapi.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: wapi.lipscore.com/initial_data/products/show?api_key=6a (...) FQDN: wapi.lipscore.com IP: 151.101.86.217 HASH: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6 151.101.86.217 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: Cowboy access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE access-control-expose-headers: X-Pagination access-control-max-age: 86400 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff access-control-allow-credentials: true access-control-allow-headers: X-Http-Method-Override cache-control: public, no-cache x-pagination: {"reviews":{"total_pages":0,"page":1}} x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f x-runtime: 0.058221 via: 1.1 vegur, 1.1 varnish accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:38 GMT age: 0 x-served-by: cache-bma1632-BMA x-cache: MISS x-cache-hits: 1 x-timer: S1669515098.414892,VS0,VE107 vary: Origin access-control-allow-origin: https://www.ark.no content-length: 101 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 101 Md5: db7f725cadb8e5989af1f1d717404307 Sha1: 9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b Sha256: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1 Host: wapi.lipscore.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: wapi.lipscore.com/initial_data/products/show?api_key=6a (...) FQDN: wapi.lipscore.com IP: 151.101.86.217 HASH: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6 151.101.86.217 HTTP/2 200 OK content-type: application/json; charset=utf-8 server: Cowboy access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE access-control-expose-headers: X-Pagination access-control-max-age: 86400 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff access-control-allow-credentials: true access-control-allow-headers: X-Http-Method-Override cache-control: public, no-cache x-pagination: {"reviews":{"total_pages":0,"page":1}} x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f x-runtime: 0.058221 via: 1.1 vegur, 1.1 varnish accept-ranges: bytes date: Sun, 27 Nov 2022 02:11:38 GMT age: 0 x-served-by: cache-bma1632-BMA x-cache: HIT x-cache-hits: 1 x-timer: S1669515098.423636,VS0,VE99 vary: Origin access-control-allow-origin: https://www.ark.no content-length: 101 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 101 Md5: db7f725cadb8e5989af1f1d717404307 Sha1: 9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b Sha256: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
POST /g/collect?v=2&tid=G-7BNLJ6Y01L&gtm=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-7BNLJ6 (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://www.ark.no date: Sun, 27 Nov 2022 02:11:38 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wro/ark_responsive.js?_=1669213137557 HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.ark.no/wro/ark_responsive.js?_=1669213137557 FQDN: www.ark.no IP: 88.151.167.196 HASH: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890 88.151.167.196 HTTP/1.1 200 Content-Type: text/javascript;charset=UTF-8 Server: nginx Date: Sun, 27 Nov 2022 02:11:37 GMT Transfer-Encoding: chunked Vary: Accept-Encoding cache-control: public, max-age=315360000 expires: Thu, 23 Nov 2023 14:21:24 GMT last-modified: Wed, 23 Nov 2022 14:21:24 GMT ETag: W/"2e0c6775a011b33b6c684f176933cc6b57d3e4b7" X-Cache-Status: HIT Content-Encoding: gzip Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info --- Magic: data Size: 472 Md5: a22bc94a1116f343d9c3377cfd4fc5b2 Sha1: b0bad6a620abd0c33a96c32721ad87849da9f9e6 Sha256: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://www.ark.no Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 142.251.1.156 HASH: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a 142.251.1.156 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://www.ark.no strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sun, 27 Nov 2022 02:11:38 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 4 Md5: 48c0473b7821185d937e685216e2168b Sha1: 3743e47f8a429a5e87b86cb582d78940733d9d2e Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a22bc94a1116f343d9c3377cfd4fc5b2 Sha1: b0bad6a620abd0c33a96c32721ad87849da9f9e6 Sha256: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 30f833b25d6e5af2229d9584c6f6cf97 Sha1: ee79c3fa994d53c1d0687ca61353d63cce459e25 Sha256: 1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: f3424fd0abb5ab18be62cd209cb3d3dc Sha1: dbb2a21b12e92c8837c4346b6d052454bb6dffd6 Sha256: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd= (...) FQDN: www.google.com IP: 142.250.74.164 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.164 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 27 Nov 2022 02:11:38 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1 (...) FQDN: www.google.no IP: 142.250.74.35 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.35 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 27 Nov 2022 02:11:38 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e922b25acaba2d7f8921ebe973a4b261 Sha1: 5dd4c237c84a652cbcf3db163529f3788ceafc46 Sha256: a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 27 Nov 2022 02:11:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: f3424fd0abb5ab18be62cd209cb3d3dc Sha1: dbb2a21b12e92c8837c4346b6d052454bb6dffd6 Sha256: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
GET /kp/lib/v1/api.js HTTP/1.1 Host: x.klarnacdn.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: x.klarnacdn.net/kp/lib/v1/api.js FQDN: x.klarnacdn.net IP: 54.230.111.46 54.230.111.46 HTTP/2 200 OK content-type: application/javascript x-amz-replication-status: COMPLETED last-modified: Tue, 22 Nov 2022 12:01:20 GMT x-amz-meta-lib-version: v1.10.0-1307-g5f8bf053 x-amz-meta-app-version: v1.0.0-23020-g6893d6d595 x-amz-version-id: zF1d_PccBEnyMwLtOFNVYxlIfvx1vlpl server: AmazonS3 content-encoding: gzip date: Sun, 27 Nov 2022 02:11:37 GMT cache-control: public, max-age=600 etag: W/"11c28d9a39da58009bb1e1baab3047f1" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: fGRxqZ6iMeEom5RTw6k0sQktTm6CO1IAxHveYg_keRfhUqlhjvchRQ== X-Firefox-Spdy: h2 --- Additional Info ---
GET /static/header-search.min.js HTTP/1.1 Host: www.ark.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.ark.no/static/header-search.min.js FQDN: www.ark.no IP: 88.151.167.196 88.151.167.196 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Date: Sun, 27 Nov 2022 02:11:37 GMT Accept-Ranges: bytes Cache-Control: public, max-age=0 Content-Encoding: gzip ETag: W/"622bb-184a253d590" Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT Transfer-Encoding: chunked Vary: Accept-Encoding Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly --- Additional Info ---
GET /gtm.js?id=GTM-P3ZPLL HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-P3ZPLL FQDN: www.googletagmanager.com IP: 142.250.74.168 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 27 Nov 2022 02:11:37 GMT expires: Sun, 27 Nov 2022 02:11:37 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 89559 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ark.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Open+Sans:400,300,300it (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 27 Nov 2022 02:11:37 GMT date: Sun, 27 Nov 2022 02:11:37 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3697 

                                        
                                            
Cache-Control: max-age=120073 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:32 GMT 

                                        
                                            
Etag: "6381eaec-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 11:32:45 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT 

                                        
                                            
Server: ECS (ska/F70E) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    15b59d5e62caedb4bec3ba6724906c1e

                                                Sha1:   960f801e608a56fdd11449f4face29f62cad2b21

                                                Sha256: 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 01:19:19 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3133 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    567df7db606cf5d0871aa5bc9311b6da

                                                Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17

                                                Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:32 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         74.206.228.78

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html;charset=utf-8

                                        

                                        
                                            
Server: nginx/1.18.0 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:32 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text

                                                Size:   249

                                                Md5:    0b9d0491305b5be261051b77b77bbd5f

                                                Sha1:   e62f1b10b390e6a92b1af6d763889e8c9719b0bd

                                                Sha256: 6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/

                                         74.206.228.78

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx/1.18.0 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:33 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   114

                                                Md5:    021ffd3b4e081732edb9f2fa096e8ef2

                                                Sha1:   4b0c71d74bf395719f8f91e4903609e37b513046

                                                Sha256: 71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: vAQjSA5Mb7dABT0R8Uvy1Q== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         35.162.142.194

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: lnaZkoMIPOztdATHHyS3kDDojP4= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae HTTP/1.1 

                                        
                                            
Host: q3.quotes.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://firedmeupppzs.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         178.162.151.164

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 170 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:33 GMT 

                                        
                                            
server: nginx 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators

                                                Size:   170

                                                Md5:    21d72f42feb4f0c92910583f72350a59

                                                Sha1:   7d3444f9a1db6a7acbdab21e9632c6ca9e433057

                                                Sha256: 28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1

                                        
                                            GET /click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d HTTP/1.1 

                                        
                                            
Host: btpnav.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         192.99.158.241

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNetMvc-Version: 5.2 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
Set-Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt; path=/ 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Headers: Content-Type 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:33 GMT 

                                        
                                            
Content-Length: 5470 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators

                                                Size:   5470

                                                Md5:    e02c7857263c70577be459cd78d79458

                                                Sha1:   85117831d9dc8ab92b95ccd12d2c1b6cd72160f7

                                                Sha256: ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db

                                        
                                            GET /zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1 

                                        
                                            
Host: dipaka-ead.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://btpnav.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         3.212.50.125

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:34 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET,POST,OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
Server: kXipAYyj 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   1100

                                                Md5:    91783059f1fe33914c6ce244a2e69e14

                                                Sha1:   4732fdd7686ac6d51020c5a1539a06d896a7b723

                                                Sha256: 84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2340 

                                        
                                            
Expires: Sun, 27 Nov 2022 02:50:34 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8584 

                                        
                                            
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cCKAsGTDIAMFa1w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA== 

                                        
                                            
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 22:02:07 GMT 

                                        
                                            
age: 14967 

                                        
                                            
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8584

                                                Md5:    d6328cb630204883d77babc9922075f1

                                                Sha1:   e440f7b94b53b6e7880b26f9653b1b266aae0190

                                                Sha256: b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9073 

                                        
                                            
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: b8JuVHY7IAMFtRg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C3 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ== 

                                        
                                            
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 16:41:41 GMT 

                                        
                                            
age: 34193 

                                        
                                            
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9073

                                                Md5:    ccb536b51f31391c89fb2abe3be6c749

                                                Sha1:   c9a5ab962bfdd174aecd4809d770f0fe305ab8e4

                                                Sha256: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7380 

                                        
                                            
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cOo4iEegIAMFeuQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA== 

                                        
                                            
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 26 Nov 2022 21:50:08 GMT 

                                        
                                            
age: 15686 

                                        
                                            
etag: "97a135335f5b1b042adeb385718f8808cb78528b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7380

                                                Md5:    76c00eceed956377d7469ef58b0815cb

                                                Sha1:   97a135335f5b1b042adeb385718f8808cb78528b

                                                Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

                                        
                                            GET /zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 

                                        
                                            
Host: dipaka-ead.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         3.212.50.125

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:35 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET,POST,OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
redirected: JS 

                                        
                                            
Server: QOmeMSPK 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   350

                                                Md5:    d095ed6846f98f495edf201231f48a9f

                                                Sha1:   927469eb6400d68d93c73abac2048e43c0a36f2c

                                                Sha256: 88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34

                                        
                                            GET /s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 HTTP/1.1 

                                        
                                            
Host: clever-redirect.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         78.46.197.88

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
referrer-policy: no-referrer 

                                        
                                            
x-powered-by: PHP/7.4.27 

                                        
                                            
set-cookie: fde7d8409902205b0ea4c877b43ca40b=f819c981f8d4a4fc68abc2833b2998e329ea2393fb2c7bb5cfdd73e997a8f952a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fde7d8409902205b0ea4c877b43ca40b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly 

                                        
                                            
content-length: 343 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:35 GMT 

                                        
                                            
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343), with no line terminators

                                                Size:   343

                                                Md5:    be29a96690d7c112bd1cdf10b8c12cf0

                                                Sha1:   bb43c5f0196d76faa94def56c0ddad270189135b

                                                Sha256: cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417

                                        
                                            GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf HTTP/1.1 

                                        
                                            
Host: lookandfind.me

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         5.9.110.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:35 GMT 

                                        
                                            
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k 

                                        
                                            
X-Powered-By: PHP/8.1.10 

                                        
                                            
Set-Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly 

                                        
                                            
Referrer-Policy: strict-origin-when-cross-origin 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    c1234b292029f73930b3c268fb278c4d

                                                Sha1:   7ee9df2b0fe1a956ce300adeba8cdb3199f726cf

                                                Sha256: 48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BB6992D0C6858671C529CFC4DC5D7368F7DAC927E3EBED6A402812A007B665D9" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7604 

                                        
                                            
Expires: Sun, 27 Nov 2022 04:18:20 GMT 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    204b24e9ac60abc06a19386cb6571322

                                                Sha1:   dd66f37e6d236ee6b0f7c9b54ef64c715da2942b

                                                Sha256: bb6992d0c6858671c529cfc4dc5d7368f7dac927e3ebed6a402812a007b665d9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: status.thawte.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4711 

                                        
                                            
Cache-Control: max-age=146260 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Etag: "63824d45-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 18:49:16 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 17:30:45 GMT 

                                        
                                            
Server: ECS (ska/F705) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    42d19e502650716229ee612769e3fc14

                                                Sha1:   2812ab691f84a638f5cbcdf16e7fc606c819acb1

                                                Sha256: c19862f9090eadde6ca024265a2fa6cb1def302c0d00473840738fe63a902fb5

                                        
                                            POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1 

                                        
                                            
Host: no-go.kelkoogroup.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false 

                                        
                                            
Content-Type: text/plain;charset=utf-8 

                                        
                                            
Content-Length: 536 

                                        
                                            
Origin: https://no-go.kelkoogroup.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         95.211.116.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Request-Time: PT0.002804S 

                                        
                                            
X-Robots-Tag: noindex,nofollow 

                                        
                                            
Referrer-Policy: origin-when-cross-origin 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Permitted-Cross-Domain-Policies: master-only 

                                        
                                            
Content-Length: 0 

                                        
                                            
P3P: CP="Anything" 

                                        
                                            
ApacheTracking: localhost 

                                        
                                            
Keep-Alive: timeout=40, max=98 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /tags.js HTTP/1.1 

                                        
                                            
Host: dd.kelkoogroup.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-site

                                         54.230.111.104

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
content-length: 43164 

                                        
                                            
server: Apache 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubDomains; preload 

                                        
                                            
last-modified: Thu, 17 Nov 2022 15:19:16 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
date: Sun, 27 Nov 2022 01:20:30 GMT 

                                        
                                            
cache-control: max-age=3600, public 

                                        
                                            
expires: Sun, 27 Nov 2022 02:19:58 GMT 

                                        
                                            
etag: "33bf8-5edac1cc94a7f-gzip" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-pop: FRA60-P2, OSL50-P1 

                                        
                                            
x-amz-cf-id: dkYLkd0Xpu5tIZdyjk5_J0oPF4Eu4YrMd-cDv_QfDhOIgabmsa6j_Q== 

                                        
                                            
age: 3098 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65432)

                                                Size:   43164

                                                Md5:    1e9601b9f2fcd0d1d742e87fd046749c

                                                Sha1:   88431bfdad7d8be4cf62396a57aebcec0de09827

                                                Sha256: 4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb

                                        
                                            GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 

                                        
                                            
Host: no-go.kelkoogroup.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         95.211.116.27

                                        
                                            HTTP/1.1 303 See Other 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191 

                                        
                                            
clickId: 107698111_1669515096213_5564741 

                                        
                                            
country: no 

                                        
                                            
Location: https://track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 

                                        
                                            
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory 

                                        
                                            
X-DataDome: protected 

                                        
                                            
Request-Time: PT0.014161S 

                                        
                                            
X-Robots-Tag: noindex,nofollow 

                                        
                                            
Referrer-Policy: origin-when-cross-origin 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Permitted-Cross-Domain-Policies: master-only 

                                        
                                            
Content-Length: 0 

                                        
                                            
Set-Cookie: datadome=1IOcQZFmcEjZwPyQJ-HPW_dTenvKnz-8rKqxfyACqRx3_Gwi7NI0VlWy6hObFkMrDItN60SdtAaEbw1F04JXA9oZyGwAO2xR1dM5AI~zfDuE7-TTO3~ckKrsh39n1IqU; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure 

                                        
                                            
P3P: CP="Anything" 

                                        
                                            
ApacheTracking: localhost 

                                        
                                            
Keep-Alive: timeout=40, max=94 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: status.geotrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1397 

                                        
                                            
Cache-Control: max-age=163469 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Etag: "63829d70-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 23:36:05 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 23:12:48 GMT 

                                        
                                            
Server: ECS (ska/F717) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    078b9e6c4a43b802b3509f943a136fd7

                                                Sha1:   149c6045698afe5ac71fb9e58d235413d8fa428e

                                                Sha256: b298255fed758b4cbc6765ad14def8f2088806e1c1d54e72f2d4d8f54de68078

                                        
                                            GET /t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 

                                        
                                            
Host: track.adtraction.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.49.53.120

                                        
                                            HTTP/1.1 302

                                        

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-TraceId: 2cb9b664-3f06-493c-badf-fec36f6c2406 

                                        
                                            
Set-Cookie: at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure 

                                        
                                            
Location: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Strict-Transport-Security: max-age=31536000 ; includeSubDomains 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Language: no 

                                        
                                            
Cache-Control: public,max-age=10800, private 

                                        
                                            
X-Cache-Status: MISS 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF, LF line terminators

                                                Size:   35087

                                                Md5:    c1fa6666a3bbbf0c1981573470a3cb7f

                                                Sha1:   3c38ac8a7dc5f7edee204525a6798f2f8d0052f1

                                                Sha256: f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6

                                        
                                            POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611 HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://no-go.kelkoogroup.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://no-go.kelkoogroup.net/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         142.250.74.174

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
access-control-allow-origin: https://no-go.kelkoogroup.net 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 35 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    28d6814f309ea289f847c69cf91194c6

                                                Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace

                                                Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

                                        
                                            GET /wro/ark_responsive.css?_=1669213137557 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/css;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:36 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
expires: Thu, 16 Nov 2023 22:11:36 GMT 

                                        
                                            
last-modified: Wed, 16 Nov 2022 22:11:36 GMT 

                                        
                                            
ETag: W/"1dfaaa8129ec8bbbd3deb8cf9c689a583683470" 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (11679)

                                                Size:   351503

                                                Md5:    f0afbbb4d6e93b760006379694d7da13

                                                Sha1:   122ea0da8b680eed0896699238a0307efe347bef

                                                Sha256: 8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771

                                        
                                            GET /vgu7prb.css HTTP/1.1 

                                        
                                            
Host: use.typekit.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.186

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css;charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; 

                                        
                                            
cache-control: private, max-age=600, stale-while-revalidate=604800 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 748 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (516)

                                                Size:   748

                                                Md5:    3453162d92bf8b997d346882fde33714

                                                Sha1:   20cc0e9deece4903bf48252409be7f8e37efd3a3

                                                Sha256: d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c

                                        
                                            GET /_ui/shared/js/generatedVariables.js HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: application/javascript;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Content-Length: 272 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: max-age=21600 

                                        
                                            
ETag: W/"272-1668636399382" 

                                        
                                            
Last-Modified: Wed, 16 Nov 2022 22:06:39 GMT 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:11:37 GMT 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   272

                                                Md5:    2509fe5a4bc5022a5f08b29a8dc7bf56

                                                Sha1:   ae1575c0593c35fa10ef1f38d7fc3ca87bc87326

                                                Sha256: ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840

                                        
                                            GET /_ui/shared/js/analyticsmediator.js HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: application/javascript;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: max-age=21600 

                                        
                                            
ETag: W/"1099-1668635653873" 

                                        
                                            
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:11:37 GMT 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   406

                                                Md5:    e9e6515b6d0a979b3cbf1585f5ea8593

                                                Sha1:   019dc45c7d9a25f12a0fd2e55e971f9d91d6923a

                                                Sha256: dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b

                                        
                                            GET /static/header-search.min.css HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: public, max-age=0 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"e7ec-184a253d590" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (59370)

                                                Size:   11073

                                                Md5:    b374aa6d5ab506a81b333b6a1ac5c959

                                                Sha1:   5a53ec11595b533e6e6a4cf511d1d242042032f5

                                                Sha256: b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760

                                        
                                            GET /beacon/gyldendal/ark_production/scripts/evergage.min.js HTTP/1.1 

                                        
                                            
Host: cdn.evgnet.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         151.101.128.114

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
x-amz-id-2: faPkUFcnsvGPsNBBeMYEalTXsNaKZdlfdm26+FltH/351NHnj8baSZR4Vx40VSYsvribpgjGB6I= 

                                        
                                            
x-amz-request-id: S19JP7RQBXGHVSQ2 

                                        
                                            
x-amz-replication-status: COMPLETED 

                                        
                                            
last-modified: Sat, 26 Nov 2022 07:43:47 GMT 

                                        
                                            
etag: "39bc0ec486db4097b88063bbf18a0a65" 

                                        
                                            
cache-control: max-age=120 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-amz-meta-evergage-beacon-ver: 16 

                                        
                                            
x-amz-meta-evergage-sum: 96f2de31f3cfc41ead0a6c913ccf85ed130d951a 

                                        
                                            
x-amz-version-id: SjR9IpUexr7lbUtSMflzvSYqFoiv8nqV 

                                        
                                            
server: AmazonS3 

                                        
                                            
via: 1.1 varnish, 1.1 varnish 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
age: 114 

                                        
                                            
x-served-by: cache-iad-kiad7000038-IAD, cache-bma1648-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
x-cache-hits: 50, 1 

                                        
                                            
x-timer: S1669515097.111552,VS0,VE2 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 50013 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (594)

                                                Size:   50013

                                                Md5:    39bc0ec486db4097b88063bbf18a0a65

                                                Sha1:   14fb3dd0ff72962bb028dcbc83f22c1acc9f77be

                                                Sha256: 7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5

                                        
                                            GET /wro/addons_responsive.js?_=1669213137557 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/javascript;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
expires: Thu, 16 Nov 2023 22:11:36 GMT 

                                        
                                            
last-modified: Wed, 16 Nov 2022 22:11:36 GMT 

                                        
                                            
ETag: W/"a38ffc581f14c7c21274979251d7750c976f8bc3" 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (11839)

                                                Size:   55204

                                                Md5:    2db791df263b17f02f3f8fc8f06f4337

                                                Sha1:   ada8a25364bcc1b1599ab300210b4aa47eca4f0b

                                                Sha256: 9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5

                                        
                                            GET /medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: public,max-age=31536000 

                                        
                                            
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
content-security-policy: sandbox 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607)

                                                Size:   713

                                                Md5:    59bea278cf46189e717d7c8d24532688

                                                Sha1:   c322abc6e6291e5ce89103324935099ed4d22659

                                                Sha256: 2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    619fa0039b94697fc8a5bd24f57e8aa2

                                                Sha1:   53a366391a51d625029cc6d32fb4e8b6060990fd

                                                Sha256: dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

                                        
                                            GET /assets/no/lipscore-v1.js HTTP/1.1 

                                        
                                            
Host: static.lipscore.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.111.8

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Content-Length: 69216 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Fri, 25 Nov 2022 09:21:17 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Date: Sat, 26 Nov 2022 09:42:00 GMT 

                                        
                                            
ETag: "97e709db0efc7e4edcf01c2a116c6e10" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: 8eaZjazjSEBxBKD1Nsf-32u_ZT-IdQ5yj-TF0D0nzw9k-36zVcSROQ== 

                                        
                                            
Age: 59378 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (589)

                                                Size:   69216

                                                Md5:    97e709db0efc7e4edcf01c2a116c6e10

                                                Sha1:   7509e2a1739bb8bf0d1b43942128a760f4c7e918

                                                Sha256: 9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    0ee1d1a60ec1770ec3e880a25c257f5d

                                                Sha1:   015b05feff63bdcf8fae4d1a8c0c83c923a2ca67

                                                Sha256: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

                                        
                                            GET /_ui/responsive/common/images/basket.svg HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: image/svg+xml;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: max-age=21600 

                                        
                                            
ETag: W/"1586-1668636417967" 

                                        
                                            
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:11:37 GMT 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1585)

                                                Size:   594

                                                Md5:    9138a81597c7a7be51c2c04a23f55d48

                                                Sha1:   e38874fa64494f77be7bedfafd07ec8e6a597cd4

                                                Sha256: 797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8

                                        
                                            GET /_ui/responsive/common/images/heart.svg HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: image/svg+xml;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
ntCoent-Length: 810 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: max-age=21600 

                                        
                                            
ETag: W/"810-1668634529034" 

                                        
                                            
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:11:37 GMT 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 485 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810), with no line terminators

                                                Size:   485

                                                Md5:    bf6c87810144048478a4af1e7036172e

                                                Sha1:   1df92e763e945e02c10a65ab7ff4dd2d2a8326b8

                                                Sha256: 3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358

                                        
                                            GET /2020/click_and_collect_icon_pdp.png HTTP/1.1 

                                        
                                            
Host: arkcms.s3-eu-west-1.amazonaws.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         52.218.88.224

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
x-amz-id-2: R5xHVfc6Jmit1KfUYFZDKEerCXW7fJwV911TLdLTGNNPMGhd/Vj7tENvunndd3l+PNQQ9XvDhKM= 

                                        
                                            
x-amz-request-id: WM1JG975W1K2M8ME 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Last-Modified: Wed, 09 Dec 2020 10:28:47 GMT 

                                        
                                            
ETag: "ae12c3709e57f42d625e8c0e5bbd65ff" 

                                        
                                            
x-amz-meta-cb-modifiedtime: Wed, 09 Dec 2020 10:28:18 GMT 

                                        
                                            
x-amz-version-id: rcTJgyMvadfkuGRJwZxwntujgFgIeUke 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 579 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   579

                                                Md5:    ae12c3709e57f42d625e8c0e5bbd65ff

                                                Sha1:   4da0f6b488bce010ef84fb38a488814ba8b41cc2

                                                Sha256: 6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603

                                        
                                            GET /_ui/responsive/common/images/spinner.gif HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: image/gif;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Content-Length: 1101 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: max-age=21600 

                                        
                                            
ETag: W/"1101-1668634529044" 

                                        
                                            
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT 

                                        
                                            
Expires: Sun, 27 Nov 2022 08:11:37 GMT 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   1101

                                                Md5:    5ce7976b7df2fc004edd0514e74c912f

                                                Sha1:   8e274e6894bfa048d740598ad9dc347c843b53e8

                                                Sha256: cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1

                                        
                                            GET /rc/35408/scripts/s.js HTTP/1.1 

                                        
                                            
Host: d2df291ti5v5sq.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.111.49

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
content-length: 17 

                                        
                                            
date: Sat, 26 Nov 2022 02:21:01 GMT 

                                        
                                            
last-modified: Tue, 04 Oct 2022 12:17:09 GMT 

                                        
                                            
etag: "a33a21825ee0bbfbd37c7f17465ee58b" 

                                        
                                            
x-amz-meta-version: -1 

                                        
                                            
x-amz-meta-previous: rc/35408/scripts/s-1664885824.js 

                                        
                                            
x-amz-meta-blankedout: true 

                                        
                                            
x-amz-meta-deployeddate: 2022-10-04 12:17:04 

                                        
                                            
x-amz-meta-invalidationid: I32KDJXI400N4D 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: Fok3Qj4e7WGRAf9HyzgkGwmZoT8g7R7kvwleuEAStNinI1O_BCNGfg== 

                                        
                                            
age: 85837 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   17

                                                Md5:    a33a21825ee0bbfbd37c7f17465ee58b

                                                Sha1:   0a1cea8a83e1df552650c210cc03ec629839dc1a

                                                Sha256: 0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=154710 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Etag: "638271f1-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 21:10:07 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 20:07:13 GMT 

                                        
                                            
Server: ECS (bsa/EB17) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: gmWJR-Tita-wP-QDHjjS_BrmTTE3uX9kKIs-LXp4IHVfTmL08s_grg== 

                                        
                                            
Age: 3774 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    b967106f3fa216e144d901203204b3b8

                                                Sha1:   e3e51dd036cc513690c8248c638bd71707548ee9

                                                Sha256: 8d8650abacabb9cde08eabb6326ed35756090fa4d77d4d44060b73e6af31ae3d

                                        
                                            GET /8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false HTTP/1.1 

                                        
                                            
Host: consent.cookiebot.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.84.152.64

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript; charset=utf-8

                                        

                                        
                                            
cache-control: private, max-age=1200 

                                        
                                            
content-encoding: gzip 

                                        
                                            
last-modified: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef 

                                        
                                            
access-control-expose-headers: Request-Context 

                                        
                                            
content-length: 59843 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65499)

                                                Size:   59843

                                                Md5:    7436aa0eae55cff68d222f7c93841936

                                                Sha1:   b23b07beca0a9cde7d3e882bcb55f5327f3ebb49

                                                Sha256: 29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1

                                        
                                            GET /iged132l.js HTTP/1.1 

                                        
                                            
Host: d81mfvml8p5ml.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.42.86

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
content-length: 0 

                                        
                                            
last-modified: Mon, 19 Aug 2019 10:24:46 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
cache-control: max-age=600 

                                        
                                            
etag: "d41d8cd98f00b204e9800998ecf8427e" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
alt-svc: h3=":443"; ma=86400 

                                        
                                            
x-amz-cf-id: wmUo18jW6YiVixePFPQVyn3RzayLXaBqortCtBANAlE6917Sq0ZcGw== 

                                        
                                            
age: 277 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=159869 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Etag: "63828e0b-1d7" 

                                        
                                            
Expires: Mon, 28 Nov 2022 22:36:07 GMT 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 22:07:07 GMT 

                                        
                                            
Server: ECS (dcb/7F14) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: zx6P2A-CHPR5TrFMf8bnwXUbnMXwb77v05P5KIcB1aI2sq_ABXtgHQ== 

                                        
                                            
Age: 1740 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    425f07b8f307197c46e95ccff387c113

                                                Sha1:   b1b40dc823e78f05088972064a4e7f51d0806cad

                                                Sha256: d0546bd03ec73e190f947699b0c10bf1a1f2b7c5610d1267456ca6fffbb584c0

                                        
                                            GET /9780226543178/img/0 HTTP/1.1 

                                        
                                            
Host: dj4fsg3e1je59.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.42.104

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Content-Length: 129797 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:39 GMT 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT 

                                        
                                            
ETag: "5035c9db58868e24a8e20e1afa1cebdc" 

                                        
                                            
Cache-Control: max-age=604800 

                                        
                                            
x-amz-version-id: null 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: iYElR33T0vz-gRxX1F6WgCdqotEHan5P9DCs9PAUMd0JoEmLgbiCmQ== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 426x640, components 3\012- data

                                                Size:   129797

                                                Md5:    5035c9db58868e24a8e20e1afa1cebdc

                                                Sha1:   29daedbf86b1f2487ab3aa0c6fc32d88857c86e4

                                                Sha256: 9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT 

                                        
                                            
Expires: Sat, 03 Dec 2022 12:28:29 GMT 

                                        
                                            
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6" 

                                        
                                            
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 770755930e7bb527-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    404c846bf9cbbe0ac7d69a1db047e258

                                                Sha1:   cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6

                                                Sha256: 6524e600e30ce6642a5a2ce207523a35358c8802d33a25d150d188334e345125

                                        
                                            GET /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1 

                                        
                                            
Host: arkanbefaler.sannsyn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
x-ssasid: undefined 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.169.51.140

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Content-Length: 2114 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Origin,Accept-Encoding 

                                        
                                            
X-Roll: https://bit.ly/IqT6zt 

                                        
                                            
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly 

                                        
                                            
X-Robots-Tag: none 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Access-Control-Allow-Origin: https://www.ark.no 

                                        
                                            
Access-Control-Allow-Credentials: true 

                                        
                                            
X-Permitted-Cross-Domain-Policies: master-only 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (5774), with no line terminators

                                                Size:   2114

                                                Md5:    fe0d2046777bffcdf62cf81b73a6bc14

                                                Sha1:   b2f64b5fe301bceb77864767c7847e2d594b548e

                                                Sha256: 23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb

                                        
                                            POST /msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true HTTP/1.1 

                                        
                                            
Host: gyldendal.germany-2.evergage.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         3.127.112.93

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
set-cookie: AWSALB=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/
AWSALBCORS=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure 

                                        
                                            
access-control-allow-origin: https://www.ark.no 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1 

                                        
                                            
Host: wapi.lipscore.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/javascript, */*; q=0.01 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         151.101.86.217

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: Cowboy 

                                        
                                            
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE 

                                        
                                            
access-control-expose-headers: X-Pagination 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: X-Http-Method-Override 

                                        
                                            
cache-control: public, no-cache 

                                        
                                            
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3 

                                        
                                            
x-runtime: 0.019999 

                                        
                                            
via: 1.1 vegur, 1.1 varnish 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
age: 435586 

                                        
                                            
x-served-by: cache-bma1632-BMA 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-cache-hits: 1128 

                                        
                                            
x-timer: S1669515098.382350,VS0,VE0 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: https://www.ark.no 

                                        
                                            
content-length: 8414 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (8414), with no line terminators

                                                Size:   8414

                                                Md5:    e8d8b9129babd714cca17d25abf71ad4

                                                Sha1:   7f16913bb726daa1e041311b8a59afde1afeeb53

                                                Sha256: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d

                                        
                                            GET /availability/pdp?productCode=9780226543178 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: application/json;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Strict-Transport-Security: max-age=31536000 ; includeSubDomains 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Language: no 

                                        
                                            
Expires: Sun, 27 Nov 2022 02:21:38 GMT 

                                        
                                            
Cache-Control: max-age=600 

                                        
                                            
X-Cache-Status: MISS 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (2239)

                                                Size:   891

                                                Md5:    2f4045c27a0414f6eb6d0850d0b07ae3

                                                Sha1:   4260241f2f4823e436ffe4c3d80a612ab0610a40

                                                Sha256: 0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66

                                        
                                            OPTIONS /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1 

                                        
                                            
Host: arkanbefaler.sannsyn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: GET 

                                        
                                            
Access-Control-Request-Headers: x-ssasid 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.169.51.140

                                        
                                            HTTP/1.1 200 OK

                                        

                                        
                                            
Server: nginx/1.18.0 (Ubuntu) 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Origin 

                                        
                                            
Access-Control-Max-Age: 2678400 

                                        
                                            
Access-Control-Allow-Origin: https://www.ark.no 

                                        
                                            
Access-Control-Allow-Headers: x-ssasid 

                                        
                                            
Access-Control-Allow-Methods: GET 

                                        
                                            
Access-Control-Allow-Credentials: true 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            PUT /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1 

                                        
                                            
Host: arkanbefaler.sannsyn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 31 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.169.51.140

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Content-Length: 644 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Origin,Accept-Encoding 

                                        
                                            
X-Roll: https://bit.ly/IqT6zt 

                                        
                                            
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure
ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure
ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly 

                                        
                                            
X-Robots-Tag: none 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Access-Control-Allow-Origin: https://www.ark.no 

                                        
                                            
Access-Control-Allow-Credentials: true 

                                        
                                            
X-Permitted-Cross-Domain-Policies: master-only 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2112), with no line terminators

                                                Size:   644

                                                Md5:    1c746910a313ee5559492f412ed71a86

                                                Sha1:   9c5963e7030054dddc78f23465215b026f5c794e

                                                Sha256: 514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6

                                        
                                            GET /boker/productCacheSensitiveDetails?productCode=9780226543178 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/javascript, */*; q=0.01 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: application/json;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Frame-Options: ALLOWALL 

                                        
                                            
Cache-Control: no-cache, no-store, max-age=0, must-revalidate 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Expires: 0 

                                        
                                            
Strict-Transport-Security: max-age=31536000 ; includeSubDomains 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Content-Language: no 

                                        
                                            
X-Cache-Status: MISS 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (1334), with no line terminators

                                                Size:   634

                                                Md5:    c5bec405abedb3d6a9c7c8df26281569

                                                Sha1:   1eab051eee859cdab002e34dc0cd3b97e379b185

                                                Sha256: 3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985

                                        
                                            GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1 

                                        
                                            
Host: wapi.lipscore.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/javascript, */*; q=0.01 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://www.ark.no 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         151.101.86.217

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
server: Cowboy 

                                        
                                            
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE 

                                        
                                            
access-control-expose-headers: X-Pagination 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: X-Http-Method-Override 

                                        
                                            
cache-control: public, no-cache 

                                        
                                            
x-pagination: {"reviews":{"total_pages":0,"page":1}} 

                                        
                                            
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f 

                                        
                                            
x-runtime: 0.058221 

                                        
                                            
via: 1.1 vegur, 1.1 varnish 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
age: 0 

                                        
                                            
x-served-by: cache-bma1632-BMA 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-cache-hits: 1 

                                        
                                            
x-timer: S1669515098.423636,VS0,VE99 

                                        
                                            
vary: Origin 

                                        
                                            
access-control-allow-origin: https://www.ark.no 

                                        
                                            
content-length: 101 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   101

                                                Md5:    db7f725cadb8e5989af1f1d717404307

                                                Sha1:   9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b

                                                Sha256: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6

                                        
                                            GET /wro/ark_responsive.js?_=1669213137557 HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/javascript;charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
expires: Thu, 23 Nov 2023 14:21:24 GMT 

                                        
                                            
last-modified: Wed, 23 Nov 2022 14:21:24 GMT 

                                        
                                            
ETag: W/"2e0c6775a011b33b6c684f176933cc6b57d3e4b7" 

                                        
                                            
X-Cache-Status: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a22bc94a1116f343d9c3377cfd4fc5b2

                                                Sha1:   b0bad6a620abd0c33a96c32721ad87849da9f9e6

                                                Sha256: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a22bc94a1116f343d9c3377cfd4fc5b2

                                                Sha1:   b0bad6a620abd0c33a96c32721ad87849da9f9e6

                                                Sha256: 294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    f3424fd0abb5ab18be62cd209cb3d3dc

                                                Sha1:   dbb2a21b12e92c8837c4346b6d052454bb6dffd6

                                                Sha256: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1 

                                        
                                            
Host: www.google.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: cafe 

                                        
                                            
content-length: 42 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   42

                                                Md5:    d89746888da2d9510b64a9f031eaecd5

                                                Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a

                                                Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    f3424fd0abb5ab18be62cd209cb3d3dc

                                                Sha1:   dbb2a21b12e92c8837c4346b6d052454bb6dffd6

                                                Sha256: e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b

                                        
                                            GET /static/header-search.min.js HTTP/1.1 

                                        
                                            
Host: www.ark.no

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 

                                        
                                            
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         88.151.167.196

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: public, max-age=0 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
ETag: W/"622bb-184a253d590" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.ark.no/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
date: Sun, 27 Nov 2022 02:11:37 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
IP	173.239.8.164 (United States)
ASN	#27257 WEBAIR-INTERNET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-27 02:11:43 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (47)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 173.239.8.164

Last 5 reports on ASN: WEBAIR-INTERNET

Last 5 reports on domain: firedmeupppzs.com

No other reports with similar screenshot

JavaScript

Executed Scripts (35)

Executed Evals (38)

#1 JavaScript::Eval (size: 115) - SHA256: 99a997d159d337c44af7805bc7eca3ffa61c48c4ae65ada123beb0d11d067ad9

#2 JavaScript::Eval (size: 103) - SHA256: e9412fe4cc0616a76d7d479ed35196856388a352b3825d2657a7c119910fbb36

#3 JavaScript::Eval (size: 118) - SHA256: 38897c85dd500ae03b2e252ccd4063f328ef97dce07ed9ab4a15399a5fb1635c

#4 JavaScript::Eval (size: 102) - SHA256: ba2b023639cae3f661ba4c15866b6180f8b04f4508b3191afeed4a488b9a4b32

#5 JavaScript::Eval (size: 179) - SHA256: aa621fd6b11acad52dd0267f2b6255a607a50455d9f6b9563a6c40147ba431c1

#6 JavaScript::Eval (size: 118) - SHA256: ac06c8a6c7197ccf2af93670eb5274eb0cb48f8ff185669d81f0ffda2d7b8dc2

#7 JavaScript::Eval (size: 118) - SHA256: c645a4590d504efb197324122f165087213b11af7a01b7c8cfc7d0164fc6fa67

#8 JavaScript::Eval (size: 118) - SHA256: 4069306803d60acc8e4a29bce95b55dba6c1ef7665406f47ef1dadbbfded4940

#9 JavaScript::Eval (size: 102) - SHA256: 9d7357ccee4065707148169d753e7b224d3fd488459ad7ead2132253324f4188

#10 JavaScript::Eval (size: 179) - SHA256: 164addc8f12f21dde8d6970406d5f21ae39be5d540c82ad6dabb4fefb09836a3

#11 JavaScript::Eval (size: 102) - SHA256: dd6580ca69971587c3ad87d4b9b9cea22272f00a3304dbf4c93dcd4b1f55edd8

#12 JavaScript::Eval (size: 1435) - SHA256: 47c5a874d0c80deeae31c74259b5cce522b6b024f71f96d328d81b7fab4bf240

#13 JavaScript::Eval (size: 116) - SHA256: a8dd3775f897127348e06f0fd46fb2a3482e156a2e11eaa7366472832f75bcb7

#14 JavaScript::Eval (size: 103) - SHA256: 7621a08a7d1fa4943acb34e35fac810469d73e0a41405e0afbbb4ed0ced28048

#15 JavaScript::Eval (size: 117) - SHA256: 0908b34d7b43fb6de02d1c322675917e2cf767b0786c8eddaf9d95c2486df44f

#16 JavaScript::Eval (size: 116) - SHA256: 5befed0a3332d8b954972d64699b307b12479cf19e69d0a6e39819cf0a0425fa

#17 JavaScript::Eval (size: 103) - SHA256: c8192b10550361a7af0dbd56ead98d5e4b62acdd0debf9414bf6099adbf165cb

#18 JavaScript::Eval (size: 115) - SHA256: b1d7cf6532bff58e33409f704a622fc8d461c029405b6f9f89b845d827b64983

#19 JavaScript::Eval (size: 101) - SHA256: 7c04f71969d1af2b8db15dc54667f84f2b3efbf63325707a0003fa2f58b50f7b

#20 JavaScript::Eval (size: 102) - SHA256: 878143d03aa077958e9452d4edabba607e312da09668a0a49ad2b9f833e74e53

#21 JavaScript::Eval (size: 1105) - SHA256: 90db4122d97325326bcd1790c6f293ab21a811f3094bdb93091532f124a7fc80

#22 JavaScript::Eval (size: 102) - SHA256: 5f4e54b155ab956f788b9113891f89b1512390108c8def34852498ec00cea12f

#23 JavaScript::Eval (size: 103) - SHA256: 64955a8fd153dc493be763c56c22e600b690dfb773f5036258f1fd48cb837b62

#24 JavaScript::Eval (size: 179) - SHA256: 61bb4267f0eca65dfacc4387ac5b24037207f7868ea24efd5b21fdeaa94f5f0a

#25 JavaScript::Eval (size: 116) - SHA256: 9c502b841ed92208bc695ac9cf16daf1245bd6b3832e69c8f37a071abe4a8041

#26 JavaScript::Eval (size: 118) - SHA256: 6f10c9446e2e240dae00ec07449a8c4db71f90b87276caa2dfceac2406f6df6a

#27 JavaScript::Eval (size: 116) - SHA256: 2626fea2e5bf9c1aa99ddd59fe106a2dfb13f2366fc8c44a3af774283249c8ed

#28 JavaScript::Eval (size: 116) - SHA256: 701f5eb3e07d2a8f4ddd2ef12a89a39596da2c3a6d38566e07625915c1ca058d

#29 JavaScript::Eval (size: 117) - SHA256: 0fae101ba27ce95b2ae17a9c806d8424b0294d6ca171b1f5e0a2088ccda0dafa

#30 JavaScript::Eval (size: 102) - SHA256: 7ab6ea3c60a4ad20d9dc82d800ef4e09d665c14ab73f43310f7b25c4aa642575

#31 JavaScript::Eval (size: 274) - SHA256: 369687b2ddfaa9e481c24b333421f6c8e719c322bcc3dae816a357b0b023c97f

#32 JavaScript::Eval (size: 101) - SHA256: 6d826bbe4866170eef302a56b6c72c266874baa8b9ed28e178e1edfa3220e5fa

#33 JavaScript::Eval (size: 102) - SHA256: c7b593bb511750ffe26dc6d49a32fd7c24e0d8f99c3a85fd5246b8a73764e86e

#34 JavaScript::Eval (size: 103) - SHA256: 400bb15f487be8b2b4f4e441e9393bd692e2efb3ab064c51d4594fb96e7b1e14

#35 JavaScript::Eval (size: 179) - SHA256: c3fd71b96e090af987dba590baaa9be10d2a4412d2c2dc8b4bf5d3b2d0d4c028

#36 JavaScript::Eval (size: 274) - SHA256: 21a036aeb80d23b93867d2d81878fbc9bc48d345f4f825f3ea1bf06dd88479fe

#37 JavaScript::Eval (size: 405) - SHA256: 3037646b0e8bf9185f3f52e1459ca4b55bd872014ee549a10688dc3d77cf2a34

#38 JavaScript::Eval (size: 173) - SHA256: 25dde99d9a3b3b538cf06ffc178df8cc853a7fd0365cc076d8ebcc027641f267

Executed Writes (0)

HTTP Transactions (124)

Network Intrusion Detection Systems