Overview

URLuk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn
IP 173.239.8.164 (United States)
ASN#27257 WEBAIR-INTERNET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-27 02:11:43 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (47)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
arkanbefaler.sannsyn.com (6) 0 2021-01-25 09:27:13 UTC 2022-11-26 08:09:22 UTC 31.169.51.140 Unknown ranking
dipaka-ead.com (2) 0 2022-10-31 13:23:43 UTC 2022-11-26 11:54:09 UTC 3.212.50.125 Unknown ranking
clever-redirect.com (1) 0 2021-02-09 06:24:33 UTC 2022-11-25 20:30:33 UTC 78.46.197.88 Unknown ranking
api-js.datadome.co (1) 8155 2017-10-11 14:14:56 UTC 2020-04-28 12:56:58 UTC 13.51.39.45
d2df291ti5v5sq.cloudfront.net (1) 0 2022-11-25 11:13:38 UTC 2022-11-27 00:04:20 UTC 54.230.111.49 Unknown ranking
gyldendal.germany-2.evergage.com (3) 0 2021-10-21 03:42:10 UTC 2022-11-26 12:20:37 UTC 3.127.112.93 Domain (evergage.com) ranked at: 5016
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
use.typekit.net (2) 494 2012-07-05 01:42:39 UTC 2020-04-03 01:06:02 UTC 23.36.76.186
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-26 08:32:06 UTC 142.251.1.156
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-26 09:58:02 UTC 142.250.74.164
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.142.194
q3.quotes.com (2) 0 2022-09-22 21:17:58 UTC 2022-11-25 03:54:45 UTC 178.162.151.164 Domain (quotes.com) ranked at: 251442
btpnav.com (2) 207578 2018-11-21 10:03:33 UTC 2022-11-26 05:49:07 UTC 192.99.158.241
no-go.kelkoogroup.net (5) 0 No data No data 95.211.116.27 Domain (kelkoogroup.net) ranked at: 79339
p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2020-04-17 00:28:35 UTC 23.36.76.186
arkcms.s3-eu-west-1.amazonaws.com (1) 0 No data No data 52.218.88.224 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.36.76.226
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
status.geotrust.com (1) 3662 2018-06-23 22:14:44 UTC 2020-01-21 11:48:52 UTC 93.184.220.29
www.ark.no (24) 359147 2012-06-22 09:16:45 UTC 2022-11-26 12:20:36 UTC 88.151.167.196
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-26 11:34:11 UTC 142.250.74.174
dj4fsg3e1je59.cloudfront.net (2) 0 2017-02-20 23:16:22 UTC 2022-11-26 08:09:21 UTC 143.204.42.104 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-26 05:33:16 UTC 34.117.237.239
firedmeupppzs.com (1) 0 2018-06-16 07:03:50 UTC 2022-11-26 01:36:31 UTC 173.239.5.6 Unknown ranking
api.yadore.com (1) 591567 2019-01-11 04:50:54 UTC 2022-11-25 20:30:18 UTC 88.99.112.2
dd.kelkoogroup.net (1) 0 No data No data 54.230.111.104 Domain (kelkoogroup.net) ranked at: 79339
static.lipscore.com (2) 483894 2015-01-29 15:18:57 UTC 2020-04-10 07:44:17 UTC 54.230.111.8
ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
wapi.lipscore.com (5) 318267 2018-06-16 06:17:58 UTC 2020-05-05 04:45:05 UTC 151.101.86.217
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-26 08:39:14 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
lookandfind.me (2) 35702 2021-03-08 12:58:51 UTC 2022-11-25 20:30:18 UTC 5.9.110.29
ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2021-11-02 18:02:09 UTC 104.18.32.68
ocsp.pki.goog (10) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
cdn.evgnet.com (1) 5695 2017-08-31 07:06:40 UTC 2022-11-26 09:17:38 UTC 151.101.128.114
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-26 07:22:52 UTC 142.250.74.10
x.klarnacdn.net (1) 8025 2018-10-18 16:58:49 UTC 2020-05-05 14:42:40 UTC 54.230.111.46
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-26 11:26:18 UTC 142.250.74.168
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-26 05:33:20 UTC 34.102.187.140
uk.userwww.pcukhgdn8yr.firedmeupppzs.com (3) 0 2019-03-06 22:43:01 UTC 2022-11-27 01:12:54 UTC 74.206.228.78 Unknown ranking
track.adtraction.com (1) 515547 2013-09-27 09:04:50 UTC 2022-11-26 23:20:02 UTC 13.49.53.120
consentcdn.cookiebot.com (1) 5676 2018-08-24 08:23:12 UTC 2020-04-29 13:34:01 UTC 104.110.3.72
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-26 06:57:52 UTC 142.250.74.35
status.thawte.com (1) 5123 2019-03-13 17:00:46 UTC 2020-04-10 08:00:21 UTC 93.184.220.29
consent.cookiebot.com (2) 4972 2014-02-26 14:48:42 UTC 2020-04-13 13:32:03 UTC 104.84.152.64
d81mfvml8p5ml.cloudfront.net (1) 0 2022-10-28 14:49:01 UTC 2022-11-26 15:22:16 UTC 143.204.42.86 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/fzn Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 173.239.8.164
Date UQ / IDS / BL URL IP
2023-02-05 09:12:36 +0000 0 - 1 - 3 productmusics.com/ru53332/AEKm6V6TUwAAtBECAFV (...) 173.239.8.164
2023-02-04 21:35:30 +0000 0 - 2 - 2 c1.applicationgrabb.com/?step_id=1&installer_ (...) 173.239.8.164
2023-02-04 02:56:33 +0000 0 - 1 - 3 mirrorlessconx.com/wp-includes/val/Validate/5 (...) 173.239.8.164
2023-02-03 22:10:08 +0000 0 - 2 - 1 c2.applicationgrabb.com/?step_id=1&installer_ (...) 173.239.8.164
2023-02-03 12:46:05 +0000 0 - 1 - 3 onlinenetflix-account101.com/Netflix_Letter1.zip 173.239.8.164


Last 5 reports on ASN: WEBAIR-INTERNET
Date UQ / IDS / BL URL IP
2023-02-05 10:32:54 +0000 0 - 1 - 4 solcidesemboisomesdejulio.com/ 173.239.5.6
2023-02-05 09:12:36 +0000 0 - 1 - 3 productmusics.com/ru53332/AEKm6V6TUwAAtBECAFV (...) 173.239.8.164
2023-02-05 08:53:06 +0000 0 - 2 - 0 c1.applicationgrabb.com/?step_id=1&installer_ (...) 74.206.228.78
2023-02-05 05:50:16 +0000 0 - 1 - 1 verify.facebook.com-------mobile---read---new (...) 173.239.5.6
2023-02-05 01:10:28 +0000 0 - 2 - 1 c1.applicationgrabb.com/?step_id=1&installer_ (...) 173.239.5.6


Last 5 reports on domain: firedmeupppzs.com
Date UQ / IDS / BL URL IP
2023-01-04 01:09:15 +0000 0 - 1 - 2 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/hbb 74.206.228.78
2022-12-29 02:01:03 +0000 0 - 1 - 3 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/it 173.239.8.164
2022-12-02 01:52:59 +0000 0 - 0 - 2 uk.userwww.pcukhgdn8yr.firedmeupppzs.com/557 173.239.5.6
2022-11-28 02:50:52 +0000 0 - 0 - 3 co.uk.userwww.pcukhgdn8yr.firedmeupppzs.com/pjj 173.239.5.6
2022-11-28 01:36:16 +0000 0 - 0 - 4 firedmeupppzs.com/index.html 173.239.8.164


No other reports with similar screenshot

JavaScript

Executed Scripts (35)

Executed Evals (38)
#1 JavaScript::Eval (size: 115) - SHA256: 99a997d159d337c44af7805bc7eca3ffa61c48c4ae65ada123beb0d11d067ad9
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(7).closest(".aa-Products").attributes["class"].value
})();
#2 JavaScript::Eval (size: 103) - SHA256: e9412fe4cc0616a76d7d479ed35196856388a352b3825d2657a7c119910fbb36
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(13).indexOf("statistics:true") ? !0 : !1
})();
#3 JavaScript::Eval (size: 118) - SHA256: 38897c85dd500ae03b2e252ccd4063f328ef97dce07ed9ab4a15399a5fb1635c
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(15).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#4 JavaScript::Eval (size: 102) - SHA256: ba2b023639cae3f661ba4c15866b6180f8b04f4508b3191afeed4a488b9a4b32
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(17).indexOf("marketing:true") ? !0 : !1
})();
#5 JavaScript::Eval (size: 179) - SHA256: aa621fd6b11acad52dd0267f2b6255a607a50455d9f6b9563a6c40147ba431c1
(function() {
    if (google_tag_manager["GTM-P3ZPLL"].macro(38)) return 0 == google_tag_manager["GTM-P3ZPLL"].macro(39).trim().indexOf("0 result", 0) ? "0 results" : "without autocomplete"
})();
#6 JavaScript::Eval (size: 118) - SHA256: ac06c8a6c7197ccf2af93670eb5274eb0cb48f8ff185669d81f0ffda2d7b8dc2
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(57).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#7 JavaScript::Eval (size: 118) - SHA256: c645a4590d504efb197324122f165087213b11af7a01b7c8cfc7d0164fc6fa67
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(10).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#8 JavaScript::Eval (size: 118) - SHA256: 4069306803d60acc8e4a29bce95b55dba6c1ef7665406f47ef1dadbbfded4940
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(33).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#9 JavaScript::Eval (size: 102) - SHA256: 9d7357ccee4065707148169d753e7b224d3fd488459ad7ead2132253324f4188
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(59).indexOf("marketing:true") ? !0 : !1
})();
#10 JavaScript::Eval (size: 179) - SHA256: 164addc8f12f21dde8d6970406d5f21ae39be5d540c82ad6dabb4fefb09836a3
(function() {
    if (google_tag_manager["GTM-P3ZPLL"].macro(63)) return 0 == google_tag_manager["GTM-P3ZPLL"].macro(64).trim().indexOf("0 result", 0) ? "0 results" : "without autocomplete"
})();
#11 JavaScript::Eval (size: 102) - SHA256: dd6580ca69971587c3ad87d4b9b9cea22272f00a3304dbf4c93dcd4b1f55edd8
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(12).indexOf("marketing:true") ? !0 : !1
})();
#12 JavaScript::Eval (size: 1435) - SHA256: 47c5a874d0c80deeae31c74259b5cce522b6b024f71f96d328d81b7fab4bf240
(function() {
    var b = [];
    if ("productClick" === google_tag_manager["GTM-P3ZPLL"].macro(19)) return google_tag_manager["GTM-P3ZPLL"].macro(20).click.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            index: a.position,
            quantity: a.quantity,
            price: a.price
        })
    }), b;
    if ("detailView" === google_tag_manager["GTM-P3ZPLL"].macro(21)) return google_tag_manager["GTM-P3ZPLL"].macro(22).detail.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            price: a.price
        })
    }), b;
    if ("addToCart" === google_tag_manager["GTM-P3ZPLL"].macro(23)) return google_tag_manager["GTM-P3ZPLL"].macro(24).add.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            index: a.position,
            quantity: a.quantity,
            price: a.price
        })
    }), b;
    if ("removeFromCart" === google_tag_manager["GTM-P3ZPLL"].macro(25)) return google_tag_manager["GTM-P3ZPLL"].macro(26).remove.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            quantity: a.quantity,
            price: a.price
        })
    }), b;
    if ("checkout" === google_tag_manager["GTM-P3ZPLL"].macro(27)) return google_tag_manager["GTM-P3ZPLL"].macro(28).checkout.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            quantity: a.quantity,
            price: a.price
        })
    }), b;
    if ("purchase" === google_tag_manager["GTM-P3ZPLL"].macro(29) || "clickcollectsingle" === google_tag_manager["GTM-P3ZPLL"].macro(30)) return google_tag_manager["GTM-P3ZPLL"].macro(31).purchase.products.map(function(a) {
        b.push({
            item_name: a.name,
            item_id: a.id,
            quantity: a.quantity,
            price: a.price
        })
    }), b
})();
#13 JavaScript::Eval (size: 116) - SHA256: a8dd3775f897127348e06f0fd46fb2a3482e156a2e11eaa7366472832f75bcb7
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(34).closest(".aa-Products").attributes["class"].value
})();
#14 JavaScript::Eval (size: 103) - SHA256: 7621a08a7d1fa4943acb34e35fac810469d73e0a41405e0afbbb4ed0ced28048
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(37).indexOf("statistics:true") ? !0 : !1
})();
#15 JavaScript::Eval (size: 117) - SHA256: 0908b34d7b43fb6de02d1c322675917e2cf767b0786c8eddaf9d95c2486df44f
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(2).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#16 JavaScript::Eval (size: 116) - SHA256: 5befed0a3332d8b954972d64699b307b12479cf19e69d0a6e39819cf0a0425fa
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(16).closest(".aa-Products").attributes["class"].value
})();
#17 JavaScript::Eval (size: 103) - SHA256: c8192b10550361a7af0dbd56ead98d5e4b62acdd0debf9414bf6099adbf165cb
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(55).indexOf("statistics:true") ? !0 : !1
})();
#18 JavaScript::Eval (size: 115) - SHA256: b1d7cf6532bff58e33409f704a622fc8d461c029405b6f9f89b845d827b64983
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(3).closest(".aa-Products").attributes["class"].value
})();
#19 JavaScript::Eval (size: 101) - SHA256: 7c04f71969d1af2b8db15dc54667f84f2b3efbf63325707a0003fa2f58b50f7b
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(4).indexOf("marketing:true") ? !0 : !1
})();
#20 JavaScript::Eval (size: 102) - SHA256: 878143d03aa077958e9452d4edabba607e312da09668a0a49ad2b9f833e74e53
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(5).indexOf("statistics:true") ? !0 : !1
})();
#21 JavaScript::Eval (size: 1105) - SHA256: 90db4122d97325326bcd1790c6f293ab21a811f3094bdb93091532f124a7fc80
(function() {
    function l(a, b) {
        for (var e = 0; e < a.length; e++)
            if (a[e].toLowerCase().includes("*")) {
                if (b.toLowerCase().startsWith(a[e].toLowerCase().slice(0, -1))) return !0
            } else if (b.toLowerCase() == a[e].toLowerCase()) return !0
    }

    function m(a) {
        return [{
            n: "email",
            r: /[a-zA-Z0-9-_.]+(@|%40)[a-zA-Z0-9-_.]+[a-zA-Z]/g
        }, {
            n: "norwegian_id",
            r: /[0-3]{1}[0-9]{1}\d{9}/g
        }].forEach(function(b) {
            a = a.replace(b.r, "[possible_" + b.n + "_removed]")
        }), a
    }
    try {
        var n = "_ga _gcl text dclid gcl* dc_* utm_*".split(" "),
            g = [],
            c = [],
            k = [],
            d = google_tag_manager["GTM-P3ZPLL"].macro(35);
        String.prototype.startsWith || (String.prototype.startsWith = function(a, b) {
            return this.substr(!b || 0 > b ? 0 : +b, a.length) === a
        });
        String.prototype.includes || (String.prototype.includes = function(a, b) {
            "number" !== typeof b && (b = 0);
            return b + a.length > this.length ? !1 : -1 !== this.indexOf(a, b)
        });
        if (-1 < d.indexOf("?")) {
            d = d.split(/\?(.+)/, 2);
            g = d[1].split("\x26");
            for (var h = 0; h < g.length; h++) c = g[h].split("\x3d"), l(n, c[0]) && ("text" === c[0] && (c[1] = m(c[1])), k.push(c.join("\x3d")));
            var f = d[0] + "?" + k.join("\x26");
            "?" === f.slice(-1) ? f =
                f.slice(0, -1) : f;
            return f
        }
        return d
    } catch (a) {
        console.error(a)
    }
})();
#22 JavaScript::Eval (size: 102) - SHA256: 5f4e54b155ab956f788b9113891f89b1512390108c8def34852498ec00cea12f
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(36).indexOf("marketing:true") ? !0 : !1
})();
#23 JavaScript::Eval (size: 103) - SHA256: 64955a8fd153dc493be763c56c22e600b690dfb773f5036258f1fd48cb837b62
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(60).indexOf("statistics:true") ? !0 : !1
})();
#24 JavaScript::Eval (size: 179) - SHA256: 61bb4267f0eca65dfacc4387ac5b24037207f7868ea24efd5b21fdeaa94f5f0a
(function() {
    if (google_tag_manager["GTM-P3ZPLL"].macro(66)) return 0 == google_tag_manager["GTM-P3ZPLL"].macro(67).trim().indexOf("0 result", 0) ? "0 results" : "without autocomplete"
})();
#25 JavaScript::Eval (size: 116) - SHA256: 9c502b841ed92208bc695ac9cf16daf1245bd6b3832e69c8f37a071abe4a8041
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(11).closest(".aa-Products").attributes["class"].value
})();
#26 JavaScript::Eval (size: 118) - SHA256: 6f10c9446e2e240dae00ec07449a8c4db71f90b87276caa2dfceac2406f6df6a
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(52).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#27 JavaScript::Eval (size: 116) - SHA256: 2626fea2e5bf9c1aa99ddd59fe106a2dfb13f2366fc8c44a3af774283249c8ed
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(53).closest(".aa-Products").attributes["class"].value
})();
#28 JavaScript::Eval (size: 116) - SHA256: 701f5eb3e07d2a8f4ddd2ef12a89a39596da2c3a6d38566e07625915c1ca058d
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(58).closest(".aa-Products").attributes["class"].value
})();
#29 JavaScript::Eval (size: 117) - SHA256: 0fae101ba27ce95b2ae17a9c806d8424b0294d6ca171b1f5e0a2088ccda0dafa
(function() {
    try {
        return google_tag_manager["GTM-P3ZPLL"].macro(6).closest("div.clickandcollect") ? !0 : !1
    } catch (a) {}
})();
#30 JavaScript::Eval (size: 102) - SHA256: 7ab6ea3c60a4ad20d9dc82d800ef4e09d665c14ab73f43310f7b25c4aa642575
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(54).indexOf("marketing:true") ? !0 : !1
})();
#31 JavaScript::Eval (size: 274) - SHA256: 369687b2ddfaa9e481c24b333421f6c8e719c322bcc3dae816a357b0b023c97f
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(65) ? function(a) {
        a.set("location", a.get("location") + "\x26searchCategory\x3d" + google_tag_manager["GTM-P3ZPLL"].macro(68));
        a.set("dimension11", a.get("clientId"))
    } : function(a) {
        a.set("dimension11", a.get("clientId"))
    }
})();
#32 JavaScript::Eval (size: 101) - SHA256: 6d826bbe4866170eef302a56b6c72c266874baa8b9ed28e178e1edfa3220e5fa
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(8).indexOf("marketing:true") ? !0 : !1
})();
#33 JavaScript::Eval (size: 102) - SHA256: c7b593bb511750ffe26dc6d49a32fd7c24e0d8f99c3a85fd5246b8a73764e86e
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(9).indexOf("statistics:true") ? !0 : !1
})();
#34 JavaScript::Eval (size: 103) - SHA256: 400bb15f487be8b2b4f4e441e9393bd692e2efb3ab064c51d4594fb96e7b1e14
(function() {
    return -1 !== google_tag_manager["GTM-P3ZPLL"].macro(18).indexOf("statistics:true") ? !0 : !1
})();
#35 JavaScript::Eval (size: 179) - SHA256: c3fd71b96e090af987dba590baaa9be10d2a4412d2c2dc8b4bf5d3b2d0d4c028
(function() {
    if (google_tag_manager["GTM-P3ZPLL"].macro(41)) return 0 == google_tag_manager["GTM-P3ZPLL"].macro(42).trim().indexOf("0 result", 0) ? "0 results" : "without autocomplete"
})();
#36 JavaScript::Eval (size: 274) - SHA256: 21a036aeb80d23b93867d2d81878fbc9bc48d345f4f825f3ea1bf06dd88479fe
(function() {
    return google_tag_manager["GTM-P3ZPLL"].macro(40) ? function(a) {
        a.set("location", a.get("location") + "\x26searchCategory\x3d" + google_tag_manager["GTM-P3ZPLL"].macro(43));
        a.set("dimension11", a.get("clientId"))
    } : function(a) {
        a.set("dimension11", a.get("clientId"))
    }
})();
#37 JavaScript::Eval (size: 405) - SHA256: 3037646b0e8bf9185f3f52e1459ca4b55bd872014ee549a10688dc3d77cf2a34
(function() {
    var a = document.getElementsByClassName("add-to-cart-inventory__status")[0].innerText;
    return -1 !== a.indexOf("P\u00e5 lager") ? "P\u00e5 lager" : -1 !== a.indexOf("Utsolgt") ? "Utsolgt" : -1 !== a.indexOf("Ikke p\u00e5 lager") ? "Midlertidig utsolgt" : -1 !== a.indexOf("I butikk") ? "Kun tilgjengelig for Klikk\x26Hent" : -1 !== a.indexOf("Forh\u00e5ndsbestill") ? "Tilgjengelig for forh\u00e5ndsbestilling" : "not set"
})();
#38 JavaScript::Eval (size: 173) - SHA256: 25dde99d9a3b3b538cf06ffc178df8cc853a7fd0365cc076d8ebcc027641f267
(function() {
    var a = google_tag_manager["GTM-P3ZPLL"].macro(61).detail;
    a.products[0].dimension10 = google_tag_manager["GTM-P3ZPLL"].macro(62);
    return a = {
        ecommerce: {
            detail: a
        }
    }
})();

Executed Writes (0)


HTTP Transactions (124)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4833
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=120073
Date: Sun, 27 Nov 2022 02:11:32 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:45 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11809
Expires: Sun, 27 Nov 2022 05:28:21 GMT
Date: Sun, 27 Nov 2022 02:11:32 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 01:19:19 GMT
cache-control: public,max-age=3600
age: 3133
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: EVICdxF63kFmunFF0xxvSmv5geUcJYKWX4NQ/nfmUQJ4NdaR3etpxScGFVj3PC9BKvZ7y9aBFaw=
x-amz-request-id: QDJZY7V2390WQ6DV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 01:44:27 GMT
age: 1625
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 02:11:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /fzn HTTP/1.1 
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         74.206.228.78
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Content-Length: 145
Connection: keep-alive
Location: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   145
Md5:    bfe2c1d1b36c62666ce9ba537d324bd4
Sha1:   4d52a7c6d2909a506a4e81559eb24e8af077c741
Sha256: 5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         74.206.228.78
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   249
Md5:    0b9d0491305b5be261051b77b77bbd5f
Sha1:   e62f1b10b390e6a92b1af6d763889e8c9719b0bd
Sha256: 6c98980d917ee292e56b34d23c756c1c4488c19174f189ddef527a24f4145e32
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 02:08:54 GMT
cache-control: public,max-age=3600
age: 159
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: uk.userwww.pcukhgdn8yr.firedmeupppzs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/

search
                                         74.206.228.78
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.18.0
Date: Sun, 27 Nov 2022 02:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   114
Md5:    021ffd3b4e081732edb9f2fa096e8ef2
Sha1:   4b0c71d74bf395719f8f91e4903609e37b513046
Sha256: 71dc6b3c545761e64c88967c0f8005939255df258bf60e122b238095d0c9659c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4264
Cache-Control: max-age=115582
Date: Sun, 27 Nov 2022 02:11:33 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:17:55 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vAQjSA5Mb7dABT0R8Uvy1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.162.142.194
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lnaZkoMIPOztdATHHyS3kDDojP4=

                                        
                                            POST / HTTP/1.1 
Host: firedmeupppzs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com
Connection: keep-alive
Referer: http://uk.userwww.pcukhgdn8yr.firedmeupppzs.com/
Upgrade-Insecure-Requests: 1

search
                                         173.239.5.6
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx/1.20.1
Date: Sun, 27 Nov 2022 02:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE2Njk1MTUwOTMsImhhc2giOiIwNDc5ZWNiYyJ9;Expires=Sun, 27-Nov-2022 03:11:33 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   180
Md5:    008364e5525fa0b45b4c30b2033bbaa3
Sha1:   8063387c0363da6654175c03cc0efd6316d55ff4
Sha256: 75ccd9a310cefb1aa3c0db6c456543c5bd4e5fa6275ca587a6c8aced01b5f281
                                        
                                            GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae HTTP/1.1 
Host: q3.quotes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://firedmeupppzs.com/
Upgrade-Insecure-Requests: 1

search
                                         178.162.151.164
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
date: Sun, 27 Nov 2022 02:11:33 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   170
Md5:    21d72f42feb4f0c92910583f72350a59
Sha1:   7d3444f9a1db6a7acbdab21e9632c6ca9e433057
Sha256: 28e1d374a220029cf5d5938071d2278080631cef09fe5b2dd33256396d2c74f1
                                        
                                            GET /d05eb8c2-6df8-11ed-b601-bfd5cacf12ae?hr=1 HTTP/1.1 
Host: q3.quotes.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         178.162.151.164
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 27 Nov 2022 02:11:33 GMT
location: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         192.99.158.241
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:33 GMT
Content-Length: 5470


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size:   5470
Md5:    e02c7857263c70577be459cd78d79458
Sha1:   85117831d9dc8ab92b95ccd12d2c1b6cd72160f7
Sha256: ddd86ffb491931e3de71184007ebe3be0bd84ff393a818245bb5244da78e31db
                                        
                                            POST /Redirect/ HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=OWF4aGVlZG5NYmVFUUhjTGdFNF9VTmZ0TlljRjlXZUlqZzJRS3RFNzk5M2pjMC02elNrVEJCVEhPbElzR3c4RnlJZU1SUHBsbDRfNWJqdlpRVXJUSTNDMC1HREFWTDljRmpTbDRQdG0wRkw4TDVYUDN2bmg2WFdySUY5ZndWR0p3ZXdGM1FwdGxEeG82VTcyaVV0bE9nMg2&id=dbeca73d-f746-45f1-b235-a98a80be5e9d
Cookie: iCwYucZXYVDcYmt=iCwYucZXYVDcYmt
Upgrade-Insecure-Requests: 1

search
                                         192.99.158.241
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 27 Nov 2022 02:11:34 GMT
Content-Length: 270


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   270
Md5:    69875c76217d69b9210ecd80864c5a3f
Sha1:   5b0cf9e3a60b3748686c090e2bf9a74fc053556c
Sha256: ddb521ea96acd51e0d3df6542e974e521a7fc5b0e14fb6440e4e79e4905b736e
                                        
                                            GET /zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: kXipAYyj


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    91783059f1fe33914c6ce244a2e69e14
Sha1:   4732fdd7686ac6d51020c5a1539a06d896a7b723
Sha256: 84bd2178481065323dee44da690db2921363efe10c362883536f2b4e86f18143
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sun, 27 Nov 2022 02:11:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:02:07 GMT
age: 14967
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8584
Md5:    d6328cb630204883d77babc9922075f1
Sha1:   e440f7b94b53b6e7880b26f9653b1b266aae0190
Sha256: b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 1486
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13049
Md5:    1db6041a0bdb2319ae85afcc30caaeec
Sha1:   3b0ec6a7188dadf986f72fda8110296d9abd6f35
Sha256: 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 34193
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9073
Md5:    ccb536b51f31391c89fb2abe3be6c749
Sha1:   c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
Sha256: b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 15597
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 15686
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7380
Md5:    76c00eceed956377d7469ef58b0815cb
Sha1:   97a135335f5b1b042adeb385718f8808cb78528b
Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 35774
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8817
Md5:    741ddfb19764ac9a77509e7e87cfbfb2
Sha1:   308c08784ce4a0757cbd112807555b83e17a1d56
Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
                                        
                                            GET /zcredirect?visitid=d074b5a5-6df8-11ed-8285-0a033d3b8991&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/d074b5a5-6df8-11ed-8285-0a033d3b8991/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: QOmeMSPK


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   350
Md5:    d095ed6846f98f495edf201231f48a9f
Sha1:   927469eb6400d68d93c73abac2048e43c0a36f2c
Sha256: 88a7a57b8904544a9bd9b6e165ab2884bdc4ff112fd452af211b3447bda73e34
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "410EB00E90A31DB5FCBFBE2DD46EAC00F7C4423F39B124B5F313FC2576444E0B"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1418
Expires: Sun, 27 Nov 2022 02:35:13 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive

                                        
                                            GET /s/r6?s=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4 HTTP/1.1 
Host: clever-redirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         78.46.197.88
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: fde7d8409902205b0ea4c877b43ca40b=f819c981f8d4a4fc68abc2833b2998e329ea2393fb2c7bb5cfdd73e997a8f952a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22fde7d8409902205b0ea4c877b43ca40b%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 343
date: Sun, 27 Nov 2022 02:11:35 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343), with no line terminators
Size:   343
Md5:    be29a96690d7c112bd1cdf10b8c12cf0
Sha1:   bb43c5f0196d76faa94def56c0ddad270189135b
Sha256: cb4473dd7f16b3b1d00315cf2b5207271b53593b9f3b2c8ccad3ef239d7df417
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "748D34BE18B9CD25DDB8F887E7DE9E7AED70CE8501962796EBC302AE9075EC91"
Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17875
Expires: Sun, 27 Nov 2022 07:09:30 GMT
Date: Sun, 27 Nov 2022 02:11:35 GMT
Connection: keep-alive

                                        
                                            GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=ark.no&s1=623619497&s2=gamboge-moose&s3=xray-raj-vqpwomygx4&s5=cf HTTP/1.1 
Host: lookandfind.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         5.9.110.29
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 28-Nov-2022 02:11:35 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c1234b292029f73930b3c268fb278c4d
Sha1:   7ee9df2b0fe1a956ce300adeba8cdb3199f726cf
Sha256: 48a4a0112b6901c8412c8841e111a6b5222d318c7e227b6cbd2caa15820b0b4c
                                        
                                            GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DbGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ%3D%3D%26i%3DCHhW4CrFeeCAHxWD%26placementId%3Dd80da561a4cb1a0e606254ec6fca3cd9&h=a2ba18e0766a6b000c011937d0e88397 HTTP/1.1 
Host: lookandfind.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: a1bddec9f5b4cf65ca8d53e66258ca05=cd68acb3ec5f0d14411314de57b56e531ca80bf4e493f103986b8a537293d315a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a1bddec9f5b4cf65ca8d53e66258ca05%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         5.9.110.29
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:35 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Size:   867
Md5:    4e55a087a564aa24d050f8ce32ec31b0
Sha1:   fbe2770fad8aa2da1a98652d06e2cc8c0e8fcdce
Sha256: 71e6352f0fb5f404cb68e1ce1b36f13034d42d389d624773b3b1dfa8de36b041
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BB6992D0C6858671C529CFC4DC5D7368F7DAC927E3EBED6A402812A007B665D9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7604
Expires: Sun, 27 Nov 2022 04:18:20 GMT
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: keep-alive

                                        
                                            GET /v2/r?e=bGxuZm9VT1NDMkM2L1QwQ2xrV3hWb2dDcklaNmlCVVdYOXdwUEgxemVOd0FUTkNaak45bUN0MzhEWU4zenh2dnRWb0lzcVMwM1JqZ1hWc1YxS0pzQVFPd09ESjlGanNrbzRXRjZtRW5DZHJxbzI2ZjZBeU8wVXFrK21MdUdvbEUwR2hLN01hVmlkQm1oSU44bENxWTFnTlNaMGxhTWxQSHQ0L1N0UldId0d5VmgzZk9JOHY0ZGUya1BsSFQ0TFUvNlRVQzNFY2VuNWprbVkyZGxhcWtPMVZhT2dxZW5YZ2dMZm1zVGRBWkM4aHhoayt4MGJpRDl1RWFPaVFvTGp4SVJTTFFrdEdTOGdPOVVsMUk3dnYrNVhwalcrUUU0MDEzY3U5K0pZbkphd1hsOWJudkV1b1BsS3hicys0d2VNL0F6NnIvQzFWSHU3Q3JlWHNiblJxbzlCVGhYRktXTmowelJDdXY5amw0TDRQLzd4Y3FNemcySG1SWGZZUzFBd09OdUxNd0J3SFZsb1VuYnZxdHRLZmt2MUtFRGtDWEZZOGhsK2IvZnc9PQ==&i=CHhW4CrFeeCAHxWD&placementId=d80da561a4cb1a0e606254ec6fca3cd9 HTTP/1.1 
Host: api.yadore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         88.99.112.2
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 02:11:36 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4711
Cache-Control: max-age=146260
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63824d45-1d7"
Expires: Mon, 28 Nov 2022 18:49:16 GMT
Last-Modified: Sat, 26 Nov 2022 17:30:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         95.211.116.27
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01749S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 32670
Set-Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure kelkooID=a4c626f-184b6dab095-1a421c; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size:   32670
Md5:    9f0f3c96933a982fff2e2eadc8561311
Sha1:   2917b2f051a8bf34d0c992051b0419dc17eeadf9
Sha256: bcf60ae146df44bd8729a0fef555f9779a6434dfdc58f152c7fce24b5aa8f9ec
                                        
                                            POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.116.27
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.002804S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive

                                        
                                            GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741 HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.116.27
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
Request-Time: PT0.001148S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=80
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    91e42db1c66c0b276abf6234dc50b2eb
Sha1:   c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
Sha256: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
                                        
                                            GET /tags.js HTTP/1.1 
Host: dd.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         54.230.111.104
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 43164
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront), 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
date: Sun, 27 Nov 2022 01:20:30 GMT
cache-control: max-age=3600, public
expires: Sun, 27 Nov 2022 02:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: dkYLkd0Xpu5tIZdyjk5_J0oPF4Eu4YrMd-cDv_QfDhOIgabmsa6j_Q==
age: 3098
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65432)
Size:   43164
Md5:    1e9601b9f2fcd0d1d742e87fd046749c
Sha1:   88431bfdad7d8be4cf62396a57aebcec0de09827
Sha256: 4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.116.27
HTTP/1.0 403 Forbidden
                                        
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

                                        
                                            GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a707dc4bf57eb987e7fc2c340bc48af431b803fbef4ad61d1ef7fcc753cf27605a740b1bef442527212ef1aea736b725d29e7a72590beefd3634faf83795ace8a3ec0ad2d3ff508e39ff96970662b2c003f4c4f38258dcc16707378865addbadd5b9661b5d59ff4a671bf385d07e6686556f21a16dfba42aad08f993e1354807be8297cfac740e078a8fe3370a9bd2f73e9250a0b481f949bac03203537332e237cf6d742d95d8f25f1bd856d59a6160c43a318212def71574686a0fb684b16a48fc0326b5cb231689c1cf45974566aba6d904d0c2dc4f00d6ced440414bbec2b76700cfb521927882faedbc78c3220d4e11aa548cd0cc7a8d05faedc8686babe4&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&clickId=107698111_1669515096213_5564741&url=https%3A%2F%2Ftrack.adtraction.com%2Ft%2Ft%3Fa%3D1487386349%26as%3D1090656293%26t%3D2%26tk%3D1%26epi%3Ddc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191%26url%3Dhttps%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1669492063874&.sig=pUuQhboVEnX9MRhcJ2bCkKrWxNs-&affiliationId=96965886&comId=100505999&country=no&offerId=9a811cf41fd8b0a4acd6bf00aeec72f9&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=f01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=4G~emZrQ4jNg7hQt46Vr5brEBrnD4kuhcRsaZz5Pw-K78FktimbLo1Z-SqP2mmcY-3jshiXSDDd87kBEOD8IjFgcID4rSIYgRMPZ6Yc4FJkZSObMLhQiPWEF3SLutHl8; kelkooID=a4c626f-184b6dab095-1a421c; _ga=GA1.2.1865332856.1669515096; _gid=GA1.2.54496176.1669515096
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         95.211.116.27
HTTP/1.1 303 See Other
Content-Type: text/plain
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191
clickId: 107698111_1669515096213_5564741
country: no
Location: https://track.adtraction.com/t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014161S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=1IOcQZFmcEjZwPyQJ-HPW_dTenvKnz-8rKqxfyACqRx3_Gwi7NI0VlWy6hObFkMrDItN60SdtAaEbw1F04JXA9oZyGwAO2xR1dM5AI~zfDuE7-TTO3~ckKrsh39n1IqU; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:36 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=94
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 01:51:17 GMT
Expires: Sat, 03 Dec 2022 01:51:16 GMT
Etag: "f1c5ce4fb8c1b312d4a6ca6ccc0afdc9764de782"
Cache-Control: max-age=602982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1681
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7707558959f6b4f7-OSL

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1397
Cache-Control: max-age=163469
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "63829d70-1d7"
Expires: Mon, 28 Nov 2022 23:36:05 GMT
Last-Modified: Sat, 26 Nov 2022 23:12:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /js/ HTTP/1.1 
Host: api-js.datadome.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4137
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         13.51.39.45
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 27 Nov 2022 02:11:36 GMT
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   235
Md5:    d2610b8a4d3809168bc20cf07472f5df
Sha1:   fea34c527275b6b6f54cff82c071ec43e73ce8c4
Sha256: e9da6c853de2c85d2c0ac4e37d2ffb2c15c0b8b03f425e141565f514f3ddc074
                                        
                                            GET /t/t?a=1487386349&as=1090656293&t=2&tk=1&epi=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&url=https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178 HTTP/1.1 
Host: track.adtraction.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         13.49.53.120
HTTP/1.1 302
                                        
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-TraceId: 2cb9b664-3f06-493c-badf-fec36f6c2406
Set-Cookie: at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure
Location: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Transfer-Encoding: chunked
Date: Sun, 27 Nov 2022 02:11:36 GMT
Connection: close

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1510
Cache-Control: max-age=170808
Date: Sun, 27 Nov 2022 02:11:36 GMT
Etag: "6382b9aa-1d7"
Expires: Tue, 29 Nov 2022 01:38:24 GMT
Last-Modified: Sun, 27 Nov 2022 01:13:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Cache-Control: public,max-age=10800, private
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (338), with CRLF, LF line terminators
Size:   35087
Md5:    c1fa6666a3bbbf0c1981573470a3cb7f
Sha1:   3c38ac8a7dc5f7edee204525a6798f2f8d0052f1
Sha256: f807d8749080fb2a629e80357151c7676198874b7dcd5cb568b72a76e13e8ce6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1669492063874%26.sig%3DpUuQhboVEnX9MRhcJ2bCkKrWxNs-%26affiliationId%3D96965886%26comId%3D100505999%26country%3Dno%26offerId%3D9a811cf41fd8b0a4acd6bf00aeec72f9%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Df01467d31c1ecfcd61f8eec1aba9b34705f6b585fc6fb50138012ba72e6d8241%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100505999%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Ark.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1865332856.1669515096&tid=UA-168544891-6&_gid=54496176.1669515096&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1669515096221_1485191&cd3=100505999&cd4=a4c626f-184b6dab095-1a421c&cd5=&cd6=96965886%7C100505999%7C&z=1318479611 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: image/gif
                                        
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Sun, 27 Nov 2022 02:11:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wro/ark_responsive.css?_=1669213137557 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:36 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"1dfaaa8129ec8bbbd3deb8cf9c689a583683470"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:36 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  ASCII text, with very long lines (11679)
Size:   351503
Md5:    f0afbbb4d6e93b760006379694d7da13
Sha1:   122ea0da8b680eed0896699238a0307efe347bef
Sha256: 8ca68813ddfdba5be43a7357cbbe1b5a0bd66ade327a0bff6126273b174b1771
                                        
                                            GET /wro/addons_responsive.css?_=1669213137557 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 21:57:54 GMT
last-modified: Wed, 16 Nov 2022 21:57:54 GMT
ETag: W/"1ac4f62a4e595c7683f2f4fa6d13255372a39192"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (11140)
Size:   12278
Md5:    216f08b4ee6d77be2b4c3a56c2ee5451
Sha1:   c1ec92884e985e9557d3f031e34618fd0c6c354e
Sha256: 8d161b1a9434d6c394ff7e15c7534f651c0e0ae75738655c9bf4eac076397512
                                        
                                            GET /vgu7prb.css HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 748
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (516)
Size:   748
Md5:    3453162d92bf8b997d346882fde33714
Sha1:   20cc0e9deece4903bf48252409be7f8e37efd3a3
Sha256: d057627e92229d3b57763859da0b6d3f6f8457b7db60d223279d228ff7b83a6c
                                        
                                            GET /_ui/responsive/common/js/before-dom-ready.js?_=1669213137557 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"4185-1668634529010"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  ASCII text
Size:   960
Md5:    07cec007e266c0dde7d13b1ea4f12ee5
Sha1:   f36ebc5c3d6fc6b63f0855e354387b91d376b586
Sha256: 7f80dce27a7e5eeb3be2fd88e807c6a6fe7ca8df4f14d2304e80cd130d50653f
                                        
                                            GET /_ui/shared/js/generatedVariables.js HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Length: 272
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"272-1668636399382"
Last-Modified: Wed, 16 Nov 2022 22:06:39 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  ASCII text
Size:   272
Md5:    2509fe5a4bc5022a5f08b29a8dc7bf56
Sha1:   ae1575c0593c35fa10ef1f38d7fc3ca87bc87326
Sha256: ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840
                                        
                                            GET /p.css?s=1&k=vgu7prb&ht=tk&f=39496.39498.39504.39506&a=92739817&app=typekit&e=css HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5
Md5:    83d24d4b43cc7eef2b61e66c95f3d158
Sha1:   f0cafc285ee23bb6c28c5166f305493c4331c84d
Sha256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
                                        
                                            GET /_ui/shared/js/analyticsmediator.js HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1099-1668635653873"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  ASCII text
Size:   406
Md5:    e9e6515b6d0a979b3cbf1585f5ea8593
Sha1:   019dc45c7d9a25f12a0fd2e55e971f9d91d6923a
Sha256: dce57ddbe6ab1cfbdefd5958949d3a18011279c9819651401327c26cf353884b
                                        
                                            GET /user-data/javascript-variables.js HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/javascript;charset=UTF-8
                                        
X-Frame-Options: ALLOWALL
Set-Cookie: JSESSIONID=78CDF310434080ECB99E837A8FC279D5; Path=/; Secure; HttpOnly anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Mon, 27-Nov-2023 02:11:37 GMT; Path=/; Secure; HttpOnly cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Mon, 24-Apr-2034 18:11:37 GMT; Path=/; Secure SRVID=P1; path=/; HttpOnly; Secure NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Content-Length: 679
Date: Sun, 27 Nov 2022 02:11:36 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   679
Md5:    620dfe83ec2c047894b01ad5b875d645
Sha1:   0babf60bb7fbf0e2d7f19d96727d1e73d799fc95
Sha256: f31749f6a4d1bcdfa6af2f9e32c5b5d504229adfc0d291304b6168d8c51b1670
                                        
                                            GET /static/header-search.min.css HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"e7ec-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (59370)
Size:   11073
Md5:    b374aa6d5ab506a81b333b6a1ac5c959
Sha1:   5a53ec11595b533e6e6a4cf511d1d242042032f5
Sha256: b574fd83f0380206cffb01cad4beed9591d3daa178c58e3df2eb6fc64062c760
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /beacon/gyldendal/ark_production/scripts/evergage.min.js HTTP/1.1 
Host: cdn.evgnet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.128.114
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: faPkUFcnsvGPsNBBeMYEalTXsNaKZdlfdm26+FltH/351NHnj8baSZR4Vx40VSYsvribpgjGB6I=
x-amz-request-id: S19JP7RQBXGHVSQ2
x-amz-replication-status: COMPLETED
last-modified: Sat, 26 Nov 2022 07:43:47 GMT
etag: "39bc0ec486db4097b88063bbf18a0a65"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 96f2de31f3cfc41ead0a6c913ccf85ed130d951a
x-amz-version-id: SjR9IpUexr7lbUtSMflzvSYqFoiv8nqV
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:37 GMT
age: 114
x-served-by: cache-iad-kiad7000038-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 1
x-timer: S1669515097.111552,VS0,VE2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 50013
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (594)
Size:   50013
Md5:    39bc0ec486db4097b88063bbf18a0a65
Sha1:   14fb3dd0ff72962bb028dcbc83f22c1acc9f77be
Sha256: 7fd56328f62e0516c09fe7691225f80baa44fbd46019224172d9a932bc6bcbc5
                                        
                                            GET /medias/icon-innbundet.svg?context=bWFzdGVyfHJvb3R8MTY1NXxpbWFnZS9zdmcreG1sfGhmZi9oN2MvMTE4MDgyMDA4NTE0ODYuc3ZnfDdlMGU4NzdiODNmODJhMjQ4ZGM1ZjRiNTUyZTc3ODQwM2MwZWI2ZmNiMzgyMGU4OWYwYmVjZDEwYWVmNzM2OTQ HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505)
Size:   833
Md5:    a65a28e2ad19b9e91ca93072bfbe63b8
Sha1:   6da5492a8ef70f757684e6d8c7fdf5465f8e8ef5
Sha256: 651edc2a0abc01a83a06cc633c50f8513fd2c6f89bf3f48f1dc141dfb3bd1bde
                                        
                                            GET /wro/addons_responsive.js?_=1669213137557 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: text/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 16 Nov 2023 22:11:36 GMT
last-modified: Wed, 16 Nov 2022 22:11:36 GMT
ETag: W/"a38ffc581f14c7c21274979251d7750c976f8bc3"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (11839)
Size:   55204
Md5:    2db791df263b17f02f3f8fc8f06f4337
Sha1:   ada8a25364bcc1b1599ab300210b4aa47eca4f0b
Sha256: 9da5304bd17271e262e1035f642e811db52dedf663ca9350cf221afe1ff368b5
                                        
                                            GET /medias/icon-lydbok.svg?context=bWFzdGVyfHJvb3R8MjQxNHxpbWFnZS9zdmcreG1sfGhkYi9oNTUvMTE4MDgxOTgyOTU1ODIuc3ZnfDY4MWVhN2Y5YmExOGM4MjY0MmNhYTBhZjA4ZjFlMWRjYjg0YWU5ZDhkM2U3Yzg5Yzg1NzUxNjczNDI0ZmNhYTE HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Size:   1111
Md5:    0a85c6a1e5c3ffbc071617fbd9ac913a
Sha1:   2de167bf33e1c83bcc6a2d3d4edd56db38edc7a0
Sha256: 63d0ff4f0676641152de7bf3b26d17331570e705a592d1baa207becfb0db8287
                                        
                                            GET /medias/icon-cd.svg?context=bWFzdGVyfHJvb3R8MTg1M3xpbWFnZS9zdmcreG1sfGhhNi9oY2MvMTE4MDgxOTgxOTcyNzguc3ZnfGY3ODI3OWJlOTJhOGIxNGRlZDU2ZTI3ODE0OWJiM2EyN2QyN2IwMzc4OWNhMDZjZWNhOTgzNDRhMjJkNDFhNzM HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607)
Size:   713
Md5:    59bea278cf46189e717d7c8d24532688
Sha1:   c322abc6e6291e5ce89103324935099ed4d22659
Sha256: 2bf262cf6bd9b866c2c7a363ca13d02b50c1c5ef10f90e945794b41cf68a0311
                                        
                                            GET /_ui/responsive/common/images/novicell/exchange.svg HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"2002-1668634529039"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (637)
Size:   821
Md5:    cfa6637ae45a37a2696c599217b51100
Sha1:   8e40845ea27fac927c1a0ffebee688b07a0511db
Sha256: 5ffc92b06847b5911df0f94bfd3dde0a6ec7adc1f46226e679e5f3d78ca0fe40
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /medias/ARK-logo-rgb.png?context=bWFzdGVyfHJvb3R8NTM3NXxpbWFnZS9wbmd8aDYxL2hiOS8xMjQxNjA1NTQxMDcxOC5wbmd8NzE0NjBhYzkyMTk3YjY3MDViNmY3NWJiODUxMGM1MTE1MzEzNDgxMDMwMWJkY2JhNzAyZWM1OTM0NWY5MjYxNw HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Length: 5375
X-Frame-Options: ALLOWALL
ETag: c9090923bba9332b51b1e7fd3123786a
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
X-Content-Type-Options: nosniff
content-security-policy: sandbox
X-Cache-Status: HIT
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  PNG image data, 84 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size:   5375
Md5:    694117356cff0567f422a7151b0bef89
Sha1:   cff747b3405329e61434661350b787eb78974bc5
Sha256: 5b4539a78df44e55a07e737bcbb2b3c4f0e991c1e94eb5eba68cd039a9ad73ab
                                        
                                            GET /assets/no/lipscore-v1.js HTTP/1.1 
Host: static.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 69216
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:21:17 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:00 GMT
ETag: "97e709db0efc7e4edcf01c2a116c6e10"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8eaZjazjSEBxBKD1Nsf-32u_ZT-IdQ5yj-TF0D0nzw9k-36zVcSROQ==
Age: 59378


--- Additional Info ---
Magic:  ASCII text, with very long lines (589)
Size:   69216
Md5:    97e709db0efc7e4edcf01c2a116c6e10
Sha1:   7509e2a1739bb8bf0d1b43942128a760f4c7e918
Sha256: 9736aad14a6b6460b71f0cbdc9d1f0035cd4c8947029b788450afcf35376a92e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638282c1-1d7"
Last-Modified: Sun, 27 Nov 2022 01:39:14 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iz3vM4Cl2NcPIkwE7VOpRcEPF4GXJYUfR8CcOnW8SHvnoJs8suQqKg==
Age: 1943

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_ui/responsive/common/images/novicell/icons2.svg HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"13291-1668636417977"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (1330)
Size:   4859
Md5:    70c1bf2e0f79bc0aa4d4db691f9bc7a3
Sha1:   495e5325437a26f559639c130907738b814636b6
Sha256: 748803c439e7801084d8c6e89068513dcd62c1fa40b7efa6d2f638d2a61d2ff3
                                        
                                            GET /_ui/responsive/common/images/basket.svg HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1586-1668636417967"
Last-Modified: Wed, 16 Nov 2022 22:06:57 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1585)
Size:   594
Md5:    9138a81597c7a7be51c2c04a23f55d48
Sha1:   e38874fa64494f77be7bedfafd07ec8e6a597cd4
Sha256: 797706ae7c9eaf6990b12849249aa0315b75183818d7a5f0a7b5e1b9a18c8ce8
                                        
                                            GET /_ui/responsive/common/images/login.svg HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
ntCoent-Length: 315
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"315-1668635653863"
Last-Modified: Wed, 16 Nov 2022 21:54:13 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 248


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (315), with no line terminators
Size:   248
Md5:    e65002a0979088d966fe62fa04ad8546
Sha1:   4944836607208694e22e687730313c8b7c581575
Sha256: bef4b9504593faecec695ea3116301541c0dc1eb6b416c2975efae0db63bc525
                                        
                                            GET /_ui/responsive/common/images/heart.svg HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/wro/ark_responsive.css?_=1669213137557
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/svg+xml;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
ntCoent-Length: 810
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"810-1668634529034"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly
Content-Encoding: gzip
Content-Length: 485


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810), with no line terminators
Size:   485
Md5:    bf6c87810144048478a4af1e7036172e
Sha1:   1df92e763e945e02c10a65ab7ff4dd2d2a8326b8
Sha256: 3db00c85a23dc9c933ba41c66ea40b54a117378940f2f50ed07e4c1e8e85e358
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113180
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "6381d450-1d7"
Expires: Mon, 28 Nov 2022 09:37:57 GMT
Last-Modified: Sat, 26 Nov 2022 08:54:40 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 56noltW0rS3jWEaFECUOzyjtMwofkuF6XWdi8LZUBujsHudKzOtc6A==
Age: 2597

                                        
                                            GET /2020/click_and_collect_icon_pdp.png HTTP/1.1 
Host: arkcms.s3-eu-west-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.218.88.224
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: R5xHVfc6Jmit1KfUYFZDKEerCXW7fJwV911TLdLTGNNPMGhd/Vj7tENvunndd3l+PNQQ9XvDhKM=
x-amz-request-id: WM1JG975W1K2M8ME
Date: Sun, 27 Nov 2022 02:11:38 GMT
Last-Modified: Wed, 09 Dec 2020 10:28:47 GMT
ETag: "ae12c3709e57f42d625e8c0e5bbd65ff"
x-amz-meta-cb-modifiedtime: Wed, 09 Dec 2020 10:28:18 GMT
x-amz-version-id: rcTJgyMvadfkuGRJwZxwntujgFgIeUke
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 579


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   579
Md5:    ae12c3709e57f42d625e8c0e5bbd65ff
Sha1:   4da0f6b488bce010ef84fb38a488814ba8b41cc2
Sha256: 6aaec1fe9381c3deb009111c81a4e4c599b1b3fdbb346ab0412c850d00b82603
                                        
                                            GET /assets/lipscore-v1.css HTTP/1.1 
Host: static.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.8
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 11566
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 09:19:44 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 09:42:01 GMT
ETag: "ad324c13384f3748c4d121fab666b608"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IhLbntTrKMJxZuRFSdf7HNaWtTRcYuXuBgHSSHik6PXRd0bwW78o3Q==
Age: 59377


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   11566
Md5:    ad324c13384f3748c4d121fab666b608
Sha1:   de2833b8d80bd2ca7b1a077086e803fa9f947cc5
Sha256: 7597379ecb627246ef4309081cce9d17780443654ffe9270a33448189e4dfdfb
                                        
                                            GET /_ui/responsive/common/images/spinner.gif HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/gif;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Content-Length: 1101
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"1101-1668634529044"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:37 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   1101
Md5:    5ce7976b7df2fc004edd0514e74c912f
Sha1:   8e274e6894bfa048d740598ad9dc347c843b53e8
Sha256: cc059971515e77a7ff8e6771b1bfdf11c39370ad399c85ae151e620f79ff6ea1
                                        
                                            GET /af/0230dd/00000000000000007735bb33/30/l?primer=529fae943ba84bb0c97aa2fb04f947ddb3dbe491d966d03bcc808e25eefee0ce&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 24224
etag: "e8db8b219fe0e512ab6df6bb665cccbe9558a4d8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 24224, version 1.0\012- data
Size:   24224
Md5:    f005bbf156a8b3f0d2a3f617decb7504
Sha1:   22df422ea62af0cbe56d87697fa73ed43753c2ba
Sha256: ef02debd597b2a650c8e3657bf87d2d0ac2c6cdd10cf5c074eaff5eae53fafb2
                                        
                                            GET /rc/35408/scripts/s.js HTTP/1.1 
Host: d2df291ti5v5sq.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 17
date: Sat, 26 Nov 2022 02:21:01 GMT
last-modified: Tue, 04 Oct 2022 12:17:09 GMT
etag: "a33a21825ee0bbfbd37c7f17465ee58b"
x-amz-meta-version: -1
x-amz-meta-previous: rc/35408/scripts/s-1664885824.js
x-amz-meta-blankedout: true
x-amz-meta-deployeddate: 2022-10-04 12:17:04
x-amz-meta-invalidationid: I32KDJXI400N4D
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fok3Qj4e7WGRAf9HyzgkGwmZoT8g7R7kvwleuEAStNinI1O_BCNGfg==
age: 85837
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   17
Md5:    a33a21825ee0bbfbd37c7f17465ee58b
Sha1:   0a1cea8a83e1df552650c210cc03ec629839dc1a
Sha256: 0df9a681956d3517ba546fb467fb16450db50fbe22a87f318e12789161f3b78f
                                        
                                            GET /uc.js HTTP/1.1 
Host: consent.cookiebot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.84.152.64
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
last-modified: Tue, 22 Nov 2022 07:34:39 GMT
accept-ranges: bytes
etag: "db2e3fe144fed81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31705
cache-control: public, max-age=1131
expires: Sun, 27 Nov 2022 02:30:28 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Size:   31705
Md5:    696e11ea704a1a9043864196e1dd41ee
Sha1:   a322a1d9858541cb17a662d8267c1a86b91fc6c3
Sha256: 33a05733a663a3d87ea1275899038ec82a2824de58b8fd07f02c9852dbc56c43
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154710
Date: Sun, 27 Nov 2022 02:11:37 GMT
Etag: "638271f1-1d7"
Expires: Mon, 28 Nov 2022 21:10:07 GMT
Last-Modified: Sat, 26 Nov 2022 20:07:13 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gmWJR-Tita-wP-QDHjjS_BrmTTE3uX9kKIs-LXp4IHVfTmL08s_grg==
Age: 3774

                                        
                                            GET /sdk/bc-v4.min.html HTTP/1.1 
Host: consentcdn.cookiebot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.110.3.72
HTTP/2 200 OK
content-type: text/html
                                        
accept-ranges: bytes
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 06 Nov 2023 16:03:34 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Size:   392
Md5:    e7268eccad39bd651697fa793a52cc5c
Sha1:   47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
Sha256: 907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
                                        
                                            GET /8c9951dd-c473-46c7-8264-2482c33544b1/cc.js?renew=false&referer=www.ark.no&dnt=false&init=false HTTP/1.1 
Host: consent.cookiebot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.84.152.64
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
cache-control: private, max-age=1200
content-encoding: gzip
last-modified: Sun, 27 Nov 2022 02:11:37 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 59843
date: Sun, 27 Nov 2022 02:11:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65499)
Size:   59843
Md5:    7436aa0eae55cff68d222f7c93841936
Sha1:   b23b07beca0a9cde7d3e882bcb55f5327f3ebb49
Sha256: 29c946240c2fb857034d9cf18349ba5efd809b6cca05b1763a7c0dcc790789e1
                                        
                                            POST /api2/event/ark_production HTTP/1.1 
Host: gyldendal.germany-2.evergage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1818
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.127.112.93
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Sun, 27 Nov 2022 02:11:37 GMT
set-cookie: AWSALB=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/ AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j; Expires=Sun, 04 Dec 2022 02:11:37 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7403
Md5:    ff71b8cd337b2ba74a00f00736dfc378
Sha1:   727a3759c538f93f418d476be1d3b4f2a764b233
Sha256: 9ce193b71199392d1a0c946715dafff7e796c04b651ebb4ab1cff033d7f33cce
                                        
                                            GET /iged132l.js HTTP/1.1 
Host: d81mfvml8p5ml.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.42.86
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 0
last-modified: Mon, 19 Aug 2019 10:24:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: max-age=600
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wmUo18jW6YiVixePFPQVyn3RzayLXaBqortCtBANAlE6917Sq0ZcGw==
age: 277
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 00:41:08 GMT
expires: Sun, 27 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 5429
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159869
Date: Sun, 27 Nov 2022 02:11:38 GMT
Etag: "63828e0b-1d7"
Expires: Mon, 28 Nov 2022 22:36:07 GMT
Last-Modified: Sat, 26 Nov 2022 22:07:07 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zx6P2A-CHPR5TrFMf8bnwXUbnMXwb77v05P5KIcB1aI2sq_ABXtgHQ==
Age: 1740

                                        
                                            GET /9780226543178/img/0-S HTTP/1.1 
Host: dj4fsg3e1je59.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.42.104
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 18273
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "475d683320e29259c5f56ffbeff6e312"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 94I5BaeFaVKMxpwEE-7KfxSmlRxV-MBlW5h63U2BAfnyOuNjXZLbOA==


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x180, components 3\012- data
Size:   18273
Md5:    475d683320e29259c5f56ffbeff6e312
Sha1:   d40bf2f373dc49dca5e5036fdd4e64885bab6889
Sha256: 6f8d7dff432d7c7ef0ca00c423217d57f27566645d30ac87ed98e2e005e70b21
                                        
                                            GET /9780226543178/img/0 HTTP/1.1 
Host: dj4fsg3e1je59.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.42.104
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 129797
Connection: keep-alive
Date: Sun, 27 Nov 2022 02:11:39 GMT
Last-Modified: Mon, 24 Oct 2022 12:37:01 GMT
ETag: "5035c9db58868e24a8e20e1afa1cebdc"
Cache-Control: max-age=604800
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iYElR33T0vz-gRxX1F6WgCdqotEHan5P9DCs9PAUMd0JoEmLgbiCmQ==


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 426x640, components 3\012- data
Size:   129797
Md5:    5035c9db58868e24a8e20e1afa1cebdc
Sha1:   29daedbf86b1f2487ab3aa0c6fc32d88857c86e4
Sha256: 9d24d2a713c9b8c28dbfec01d2f3c81dd01278853d93e88830aee2a58aa9bdae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930d32b4f1-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:28:30 GMT
Expires: Sat, 03 Dec 2022 12:28:29 GMT
Etag: "cc9f20bfc1002e9eca2f2f63f1537d74eecb54b6"
Cache-Control: max-age=554810,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770755930e7bb527-OSL

                                        
                                            OPTIONS /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true

                                        
                                            GET /jsrecapi/1.0/crec?service=ark&euid=anonymous HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: undefined
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 2114
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  ASCII text, with very long lines (5774), with no line terminators
Size:   2114
Md5:    fe0d2046777bffcdf62cf81b73a6bc14
Sha1:   b2f64b5fe301bceb77864767c7847e2d594b548e
Sha256: 23fd6190610ad846e5a02bc487f55720036cbcc6cdc76c4371bf6f0d53a5c4fb
                                        
                                            POST /pr?.top=714&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%229780226543178%22%2C%22categories%22%3A%5B%7B%22type%22%3A%22c%22%2C%22_id%22%3A%22B%C3%98KER_DOKUMENTAR%20OG%20FAKTA_KUNST%20OG%20KULTUR_KUNSTMONOGRAFIER%2FTEORI%2FHISTORIE%22%7D%5D%2C%22dimensions%22%3A%7B%22Author%22%3A%5B%22Christoph%20Cox%22%5D%2C%22Format%22%3A%5B%22Pocket%22%5D%2C%22Language%22%3A%5B%22Engelsk%22%5D%2C%22ReleaseYear%22%3A%5B%222018%22%5D%2C%22Genre%22%3A%5B%5D%2C%22Topic%22%3A%5B%5D%2C%22Brand%22%3A%5B%5D%2C%22Series%22%3A%5B%5D%2C%22Location%22%3A%5B%5D%2C%22TimePeriod%22%3A%5B%5D%7D%7D&action=Viewed%20product%20page&.tt=263&.ttdns=5&.dt=1278&.lt=1874&.btdns=32&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=236537&.anonId=6262ae51e755de67&_anon=true HTTP/1.1 
Host: gyldendal.germany-2.evergage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         3.127.112.93
HTTP/2 204 No Content
                                        
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/ AWSALBCORS=XeBQChWForNDvXN2oyfn+rAQPJGjQS6/N8Oeux49Hdznyd2Djf7wMt6iad+yzWZQK1t4BUKS5aRQMHdKWlb6dh8O/mr2XaAJzg15dIor59WDxyfYQSZla2rPcRdT; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            POST /msreceiver?.cStat=%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22og8cf%22%2C%22stat%22%3A%22i%22%7D%5D&.bv=16&_ak=gyldendal&_ds=ark_production&.scv=106&channel=Web&_r=610733&.anonId=6262ae51e755de67&_anon=true HTTP/1.1 
Host: gyldendal.germany-2.evergage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: AWSALBCORS=yrtFsGGIlIFkvDOvyLApIzoHZQsSrZoYaQTsN7twaMAYnLssxR7ChA4PLesxJHXHR+3eVQ/GKpyIhDvvyFQmJJ8lVv/7Y2y4XQeEmryHS9cKYO1ZFkSyAjJL/V9j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         3.127.112.93
HTTP/2 204 No Content
                                        
date: Sun, 27 Nov 2022 02:11:38 GMT
set-cookie: AWSALB=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/ AWSALBCORS=3zqrMHYj+CWHTJ4a56ETcZCfcSgHYc1fEWn16SlWxyrSDcprjtumGIxbeX4dM/4lTP1c2hzT3+3skTw35S/hH8syxXdz5soHqt/uDuGOgyfX+OwfGzQ4NKwsIxPh; Expires=Sun, 04 Dec 2022 02:11:38 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.ark.no
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            GET /hit?api_key=6a2538253ca1d39fa2a02b28 HTTP/1.1 
Host: wapi.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.217
HTTP/2 200 OK
                                        
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1669515098.380212,VS0,VE0
access-control-allow-origin: https://www.ark.no
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1 
Host: wapi.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1128
x-timer: S1669515098.382350,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Size:   8414
Md5:    e8d8b9129babd714cca17d25abf71ad4
Sha1:   7f16913bb726daa1e041311b8a59afde1afeeb53
Sha256: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
                                        
                                            GET /initial_data/settings/show?api_key=6a2538253ca1d39fa2a02b28&invitation_template_id=&lang= HTTP/1.1 
Host: wapi.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-request-id: a61baf89-97b9-4b1a-a809-947d522ee3d3
x-runtime: 0.019999
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 435586
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1129
x-timer: S1669515098.383094,VS0,VE0
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 8414
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8414), with no line terminators
Size:   8414
Md5:    e8d8b9129babd714cca17d25abf71ad4
Sha1:   7f16913bb726daa1e041311b8a59afde1afeeb53
Sha256: 70e0e3a804747f031436d4ad1bb537da968c397af8fbb2b44fc24cfe5c99050d
                                        
                                            GET /availability/pdp?productCode=9780226543178 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
Expires: Sun, 27 Nov 2022 02:21:38 GMT
Cache-Control: max-age=600
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (2239)
Size:   891
Md5:    2f4045c27a0414f6eb6d0850d0b07ae3
Sha1:   4260241f2f4823e436ffe4c3d80a612ab0610a40
Sha256: 0c6cf5aec64255cb7a68dd18fdd3d74fbdf8e17f0b57163d6a56cc51c4051c66
                                        
                                            OPTIONS /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: PUT
Access-Control-Allow-Credentials: true

                                        
                                            OPTIONS /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ssasid
Referer: https://www.ark.no/
Origin: https://www.ark.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Max-Age: 2678400
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Headers: x-ssasid
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true

                                        
                                            GET /jsrecapi/1.0/update/ark/anonymous/9780226543178/webread HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 112
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   112
Md5:    bfecd897f0d45955aacbf3871470a55c
Sha1:   afe50e942444b4afd7f02ec661e2a57d8d1bfbd0
Sha256: 6daceca4f48edfe3ad59017d91d992780701c48ecd8ced756786dbe43672756c
                                        
                                            PUT /ajaxrecapi/1.0/compoundrecommend/ark/ItemPageAssembly HTTP/1.1 
Host: arkanbefaler.sannsyn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-ssasid: ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Content-Type: text/plain;charset=UTF-8
Content-Length: 31
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIiwic3Nhc2lkX2NpdHMiOiJ5ZXMifSwibmJmIjoxNjY5NTE1MDk4LCJpYXQiOjE2Njk1MTUwOTh9.BBYwk26o-7c8PjcqHtzhotqQ7oPsUxOs5puP6ZTgOn8; ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.169.51.140
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 644
Connection: keep-alive
Vary: Origin,Accept-Encoding
X-Roll: https://bit.ly/IqT6zt
Set-Cookie: ssas_session=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNzYXNpZCI6InNzYXNfZmM4OGNhNjAtOGQ2YS00OTRlLWE1MjctMjM1YWNkNWJhMzgxIn0sIm5iZiI6MTY2OTUxNTA5OCwiaWF0IjoxNjY5NTE1MDk4fQ.xgKazem7A5rznNObAIANL06JFXclzdz1mja2fT9LabY; SameSite=None; Path=/; Domain=.sannsyn.com; Secure ssasid=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure ssasid2=ssas_fc88ca60-8d6a-494e-a527-235acd5ba381; Max-Age=31536000; Expires=Mon, 27 Nov 2023 02:11:38 GMT; SameSite=None; Path=/; Domain=sannsyn.com; Secure; HTTPOnly
X-Robots-Tag: none
Cache-Control: no-cache
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://www.ark.no
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2112), with no line terminators
Size:   644
Md5:    1c746910a313ee5559492f412ed71a86
Sha1:   9c5963e7030054dddc78f23465215b026f5c794e
Sha256: 514d64a22455748eea207c4acda8e17829e42d70d62b6b02cc31d9c69d734df6
                                        
                                            GET /_ui/responsive/common/images/vipps-hurtigkasse.png HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: image/png;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Content-Length: 28119
X-Frame-Options: ALLOWALL
Cache-Control: max-age=21600
ETag: W/"28119-1668634529048"
Last-Modified: Wed, 16 Nov 2022 21:35:29 GMT
Expires: Sun, 27 Nov 2022 08:11:38 GMT
X-Cache-Status: HIT
Accept-Ranges: bytes
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  PNG image data, 1507 x 200, 8-bit/color RGBA, interlaced\012- data
Size:   28119
Md5:    20763c896b5e9d795b71ab8282e5060f
Sha1:   335fa1f43ef3427bbf77eb8ae6730d8f647c8e03
Sha256: c9c6c68525f916981a25c4b1b58625d5c56e62a3c16f038f85a8cff9cbec0a32
                                        
                                            GET /boker/productCacheSensitiveDetails?productCode=9780226543178 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660; JSESSIONID=78CDF310434080ECB99E837A8FC279D5; anonymous-consents=%5B%5D; cookie-notification=NOT_ACCEPTED; SRVID=P1; _sfid_5b1e={%22anonymousId%22:%226262ae51e755de67%22%2C%22consents%22:[]}; _evga_4241={%22uuid%22:%226262ae51e755de67%22}; _gcl_au=1.1.745765744.1669515098; _ga_7BNLJ6Y01L=GS1.1.1669515097.1.0.1669515097.0.0.0; _ga=GA1.2.292147554.1669515098; _gid=GA1.2.1535784343.1669515098; _gat_UA-21555284-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:38 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Language: no
X-Cache-Status: MISS
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:38 GMT;path=/;secure;httponly


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1334), with no line terminators
Size:   634
Md5:    c5bec405abedb3d6a9c7c8df26281569
Sha1:   1eab051eee859cdab002e34dc0cd3b97e379b185
Sha256: 3a6936dafa790349fe3ab4f1fc781e8f189f9fa242357a41297ac8323c4c2985
                                        
                                            GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1 
Host: wapi.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: MISS
x-cache-hits: 1
x-timer: S1669515098.414892,VS0,VE107
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   101
Md5:    db7f725cadb8e5989af1f1d717404307
Sha1:   9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
Sha256: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
                                        
                                            GET /initial_data/products/show?api_key=6a2538253ca1d39fa2a02b28&internal_id=9780226543178&widgets=r%2Cr_sl%2Cr_sm%2Crw_l%2Crw_p&translate_to_lang=no HTTP/1.1 
Host: wapi.lipscore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.217
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
x-pagination: {"reviews":{"total_pages":0,"page":1}}
x-request-id: f3f91877-1ed3-49fa-bc4a-70141de1b39f
x-runtime: 0.058221
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 02:11:38 GMT
age: 0
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669515098.423636,VS0,VE99
vary: Origin
access-control-allow-origin: https://www.ark.no
content-length: 101
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   101
Md5:    db7f725cadb8e5989af1f1d717404307
Sha1:   9a16eb8f50206bc3c50412e1c4f27a36ed7b2b3b
Sha256: f0178da2f64013cb2a4d65d50ac1f89b4209fb5bf907b3d083dd2ab556a7f9c6
                                        
                                            POST /g/collect?v=2&tid=G-7BNLJ6Y01L&gtm=2oeb90&_p=408592828&cid=292147554.1669515098&ul=en-us&sr=1280x1024&_s=1&sid=1669515097&sct=1&seg=0&dl=https%3A%2F%2Fwww.ark.no%2Fboker%2FChristoph-Cox-Sonic-Flux-9780226543178%3Futm_source%3Dadtraction%26utm_medium%3DKelkoo%2BNO%26utm_campaign%3DPrice%2520comparison%26at_gd%3D9B6824339BFD6174A0C86D4541E08CF95B46FD04&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Sonic%20Flux%20%7C%20Christoph%20Cox%20%7C%20ARK%20Bokhandel&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.ark.no
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wro/ark_responsive.js?_=1669213137557 HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200
Content-Type: text/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 27 Nov 2022 02:11:37 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
cache-control: public, max-age=315360000
expires: Thu, 23 Nov 2023 14:21:24 GMT
last-modified: Wed, 23 Nov 2022 14:21:24 GMT
ETag: W/"2e0c6775a011b33b6c684f176933cc6b57d3e4b7"
X-Cache-Status: HIT
Content-Encoding: gzip
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&gjid=1843882532&_gid=1535784343.1669515098&_u=YADAAEAAAAAAACAEK~&z=1618520310 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ark.no
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.251.1.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.ark.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21555284-1&cid=292147554.1669515098&jid=447157032&_u=YADAAEAAAAAAACAEK~&z=1564874615 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 02:11:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 02:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /kp/lib/v1/api.js HTTP/1.1 
Host: x.klarnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.46
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 12:01:20 GMT
x-amz-meta-lib-version: v1.10.0-1307-g5f8bf053
x-amz-meta-app-version: v1.0.0-23020-g6893d6d595
x-amz-version-id: zF1d_PccBEnyMwLtOFNVYxlIfvx1vlpl
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: public, max-age=600
etag: W/"11c28d9a39da58009bb1e1baab3047f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fGRxqZ6iMeEom5RTw6k0sQktTm6CO1IAxHveYg_keRfhUqlhjvchRQ==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/header-search.min.js HTTP/1.1 
Host: www.ark.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/boker/Christoph-Cox-Sonic-Flux-9780226543178?utm_source=adtraction&utm_medium=Kelkoo+NO&utm_campaign=Price%20comparison&at_gd=9B6824339BFD6174A0C86D4541E08CF95B46FD04
Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         88.151.167.196
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 02:11:37 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"622bb-184a253d590"
Last-Modified: Wed, 23 Nov 2022 02:31:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: NSC_D18_MCWT_bsl_izcsjt_qspe=ffffffff09c6e4d645525d5f4f58455e445a4a423660;expires=Sun, 27-Nov-2022 02:41:37 GMT;path=/;secure;httponly


--- Additional Info ---
                                        
                                            GET /gtm.js?id=GTM-P3ZPLL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 02:11:37 GMT
expires: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ark.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 02:11:37 GMT
date: Sun, 27 Nov 2022 02:11:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---