r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10727
Expires: Mon, 19 Sep 2022 22:50:42 GMT
Date: Mon, 19 Sep 2022 19:51:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 19:12:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Yp-JBgobi-R1WoUBad90vJ6HNOIG5XlzGVTeGeXiTtZQRg-wPfX0kA==
Age: 2347
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nG2upPa75WFxuInaS-rDkHNV0lsojQzUW_Lyc9QiLbdg3lvxb5X2Jg==
age: 55002
X-Firefox-Spdy: h2
c1.applicationgrabb.com/?step_id=1&installer_id=2855205737230047377&publisher_id=2606&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=8335587448226971034&external_id=0&session_id=9615859151959696159&hardware_id=14515253311944759031&product_name=converted+file&=&=&=&=&=&filesize=2.3&product_title=ListenToYouTube.com&installer_file_name=converted+file&product_file_name=converted+file.mp3&product_download_url=http://srv51.li&igno=&ignore_downloader=1&reffer=http://www.listentoyoutube.com/
173.239.5.6200 OK 251 B URL HTTP/1.1 c1.applicationgrabb.com/?step_id=1&installer_id=2855205737230047377&publisher_id=2606&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=8335587448226971034&external_id=0&session_id=9615859151959696159&hardware_id=14515253311944759031&product_name=converted+file&=&=&=&=&=&filesize=2.3&product_title=ListenToYouTube.com&installer_file_name=converted+file&product_file_name=converted+file.mp3&product_download_url=http://srv51.li&igno=&ignore_downloader=1&reffer=http://www.listentoyoutube.com/
IP 173.239.5.6:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8af508c68367fa252150433d59391636
ef0db24a657b533ba77ab3f5cf112663b9ce4599
b7537f7e96b8d2fbb56a69c57570f5b02e42aeb15e4a77987be33377076d5651
GET /?step_id=1&installer_id=2855205737230047377&publisher_id=2606&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=8335587448226971034&external_id=0&session_id=9615859151959696159&hardware_id=14515253311944759031&product_name=converted+file&=&=&=&=&=&filesize=2.3&product_title=ListenToYouTube.com&installer_file_name=converted+file&product_file_name=converted+file.mp3&product_download_url=http://srv51.li&igno=&ignore_downloader=1&reffer=http://www.listentoyoutube.com/ HTTP/1.1
Host: c1.applicationgrabb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 19 Sep 2022 19:51:55 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:51:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
c1.applicationgrabb.com/favicon.ico
173.239.5.6404 Not Found 114 B URL HTTP/1.1 c1.applicationgrabb.com/favicon.ico
IP 173.239.5.6:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4dda89292ffda632595d8e4040ef07c8
55c26cf87340555b3c09ba932bbabfc066a8d0ea
2615795f2aaccceaee3a5a92bcb488c122aed8a152f042633e41657fff9f7278
GET /favicon.ico HTTP/1.1
Host: c1.applicationgrabb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c1.applicationgrabb.com/?step_id=1&installer_id=2855205737230047377&publisher_id=2606&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=8335587448226971034&external_id=0&session_id=9615859151959696159&hardware_id=14515253311944759031&product_name=converted+file&=&=&=&=&=&filesize=2.3&product_title=ListenToYouTube.com&installer_file_name=converted+file&product_file_name=converted+file.mp3&product_download_url=http://srv51.li&igno=&ignore_downloader=1&reffer=http://www.listentoyoutube.com/
HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Mon, 19 Sep 2022 19:51:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 19:28:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nvt6-RmaOKyK6ujDAOwpHhrDxk5pOiulBhFIbOy2DCN5jOuovyQdZg==
Age: 2914
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:51:56 GMT
Last-Modified: Mon, 19 Sep 2022 19:07:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.253.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HJWxBiW1S6d5xFcfbIWxhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DTm2lqw/3ZrUN4sA98IxRPeWLXA=
applicationgrabb.com/
173.239.5.6200 OK 246 B IP 173.239.5.6:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a87e9316e932bb72a5df6170800fc422
4dd8d95771ba6dbf1cf54eff5e2bc6b2633bdc3a
262fd4b244b9a18a0eb77f3ffd0ee50eb610016e4ee6e764a364e6d3ff71a8a3
Analyzer Verdict Alert fortinet Phishing
POST / HTTP/1.1
Host: applicationgrabb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 12
Origin: http://c1.applicationgrabb.com
Connection: keep-alive
Referer: http://c1.applicationgrabb.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 19 Sep 2022 19:51:57 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6NjQsInRzIjoxNjYzNjE3MTE3LCJoYXNoIjoiYWY0YjE2YjIifQ==;Expires=Mon, 19-Sep-2022 20:51:57 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip
balor-ghn.com/zcvisitor/84130245-3854-11ed-8de3-0a46f6c5025b/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
34.194.66.161200 996 B URL HTTP/1.1 balor-ghn.com/zcvisitor/84130245-3854-11ed-8de3-0a46f6c5025b/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7e718afe6e9727870e7fa9e11608fa5e
30a57860feaf9a16028a3634d969901c8414f301
de579c1b4d3b12d44270625414ccaa1aec6eba06c33c683cef05c13b2243fedd
GET /zcvisitor/84130245-3854-11ed-8de3-0a46f6c5025b/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://applicationgrabb.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 19 Sep 2022 19:51:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: wvnCNKeV
applicationgrabb.com/favicon.ico
173.239.5.6404 Not Found 114 B URL HTTP/1.1 applicationgrabb.com/favicon.ico
IP 173.239.5.6:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4dda89292ffda632595d8e4040ef07c8
55c26cf87340555b3c09ba932bbabfc066a8d0ea
2615795f2aaccceaee3a5a92bcb488c122aed8a152f042633e41657fff9f7278
GET /favicon.ico HTTP/1.1
Host: applicationgrabb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://applicationgrabb.com/
Connection: keep-alive
Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6NjQsInRzIjoxNjYzNjE3MTE3LCJoYXNoIjoiYWY0YjE2YjIifQ==
HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Mon, 19 Sep 2022 19:51:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
balor-ghn.com/zcredirect?visitid=84130245-3854-11ed-8de3-0a46f6c5025b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.194.66.161200 362 B URL HTTP/1.1 balor-ghn.com/zcredirect?visitid=84130245-3854-11ed-8de3-0a46f6c5025b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dd4fbea87127d627705239dbd81b985e
e749c535e326cabaaf979887a26b7da1301cae3a
1c5672e8b7c05b6c5face7189806c87c4fbcf0436534a053d3faf2fc5fbafa96
GET /zcredirect?visitid=84130245-3854-11ed-8de3-0a46f6c5025b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcvisitor/84130245-3854-11ed-8de3-0a46f6c5025b/13946a70-a5da-11ec-9226-0a76dcc61f13?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 19 Sep 2022 19:51:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: MFAzHrjx
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1d17a83353e2d341aad9c8da5f59304
68fc257dcd96867a237da687b5324eeb59d32f84
ef0244bba7da8b160a94526880934ce9023b12dfae082218cff0b5e59f16d140
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0244BBA7DA8B160A94526880934CE9023B12DFAE082218CFF0B5E59F16D140"
Last-Modified: Mon, 19 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Mon, 19 Sep 2022 20:34:55 GMT
Date: Mon, 19 Sep 2022 19:51:57 GMT
Connection: keep-alive
balor-ghn.com/favicon.ico
34.194.66.161404 653 B URL HTTP/1.1 balor-ghn.com/favicon.ico
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcredirect?visitid=84130245-3854-11ed-8de3-0a46f6c5025b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Mon, 19 Sep 2022 19:51:57 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: IKEFVACr
clever-redirect.com/s/r6?s=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx
78.46.197.88200 OK 356 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (356), with no line terminators
Hash 5711b7d5e08f7a5502791540cc2f735c
0581b724c4a926bffb81013c393710b7985ff4d9
37069e3d92b9797057f50d17c20b39bb7f802bacfc60236914583c3bc5b80a13
GET /s/r6?s=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balor-ghn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: e8063af5120f4a860e0137ca880d74aa=0187de8a5dee990bd4cec840a4226b8652fa64b899554e4f5a2b90183db8c940a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22e8063af5120f4a860e0137ca880d74aa%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Tue, 20-Sep-2022 19:51:57 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 356
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 19:51:57 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8449
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 19:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8449
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 19:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8449
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 19:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 250b8bcdf457a1d1e73bed6648da6de7
8739691588a08a885c849b0adb61f0510b758d71
5e9a20fc16f777a8ac0e22fde47b463db1d551ab2257733e64b921980f15e1f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E9A20FC16F777A8AC0E22FDE47B463DB1D551AB2257733E64B921980F15E1F8"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=91
Expires: Mon, 19 Sep 2022 19:53:28 GMT
Date: Mon, 19 Sep 2022 19:51:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 79214
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 67414
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 79202
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ae5a7fc19cf9601753b147621cb9f8c
04063797f76518668fdd9a5d5a86c7637eac43b8
b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -hhkLqfURsIBwgNHxoMM002WynFjq5WJ62bNRbXhFxH6dbmZD7zm2g==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:10:51 GMT
age: 78066
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: b04884f3-149d-4750-876b-8e8762f0f2a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzrHKMoAMFlfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-5852e5ef280580b8569b548f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vaJ_7zKaGiXZh4VtTlLZCOFpi7bz9tpKRbsvRDJ4En-E93sREYnz5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 05:49:41 GMT
age: 50536
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a533c29caf29ac5348a4443278d5c52c
915155faf27fad10373d5e282621af5c2eba0c17
eaa82b2d158d5f8c8a91a13cbce276aa8e2a9adabaa5a7d81e1155e3334ca27d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4807
x-amzn-requestid: 9fdca623-dc65-4b51-9b40-15049a21b986
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlFNeIAMFblg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-285bbc7b1d5cf53a0e4aee0c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CY-m1MIG3c7tAi5RB6Oh_Fm_k2eLSRD7rFefVfaFlV6iYPvZfVzEvQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:48:04 GMT
age: 79433
etag: "915155faf27fad10373d5e282621af5c2eba0c17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=dressmykid.no&s1=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx&s5=cf
157.90.169.168200 OK 616 B URL HTTP/2 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=dressmykid.no&s1=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx&s5=cf
IP 157.90.169.168:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash 870db3e2f304adf2b328721ee146787e
b14c24dea463e63495cdc43175d652591d7a4b33
e0c274c586a134a5b05c50750b4ba1b58f959c12351b68f2d3ae40f54a8e58cc
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=dressmykid.no&s1=623619497&s2=cramoisy-sardine&s3=uniform-daw-1dx9w462zx&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.30
set-cookie: 0a8e48e2f8f6472ae39b2530bfb3cc5f=d81cd82c167af7bd506f432795458c61621462ca5c23a7c4ef6dc302112b881da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%220a8e48e2f8f6472ae39b2530bfb3cc5f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Tue, 20-Sep-2022 19:51:57 GMT; Max-Age=86399; path=/; HttpOnly
content-length: 616
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 19:51:57 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
X-Firefox-Spdy: h2
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0%3D%26i%3DPamgcPPHfvAAhp4N%26placementId%3D385da78dcf38d4eab8cb82bb71d4f053&h=e88c62cf9f9e4cbe45c97d8bd20d5f80
157.90.169.168200 OK 544 B URL HTTP/2 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0%3D%26i%3DPamgcPPHfvAAhp4N%26placementId%3D385da78dcf38d4eab8cb82bb71d4f053&h=e88c62cf9f9e4cbe45c97d8bd20d5f80
IP 157.90.169.168:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash 68828384dceaaba2f7490b4b7b496c54
eaab15559fc017d2cb7920086fd8409c8c4630e2
1a60be3be4fd5bd9b3798a6a698dfbe079bd46e5bed6f561a217d4671ac860c9
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0%3D%26i%3DPamgcPPHfvAAhp4N%26placementId%3D385da78dcf38d4eab8cb82bb71d4f053&h=e88c62cf9f9e4cbe45c97d8bd20d5f80 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 0a8e48e2f8f6472ae39b2530bfb3cc5f=d81cd82c167af7bd506f432795458c61621462ca5c23a7c4ef6dc302112b881da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%220a8e48e2f8f6472ae39b2530bfb3cc5f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.30
content-length: 544
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 19:51:58 GMT
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f64a8585ebe7ea2d7216868a159d30e0
3398111ad4c42f71bd65800976e1aad7afc1a59a
285e3c7e02599d3b578ba1bd004eb1e851118f27c418a066814741c12b6bf7a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "285E3C7E02599D3B578BA1BD004EB1E851118F27C418A066814741C12B6BF7A2"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6236
Expires: Mon, 19 Sep 2022 21:35:54 GMT
Date: Mon, 19 Sep 2022 19:51:58 GMT
Connection: keep-alive
api.yadore.com/v2/r/deeplink?e=ckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0=&i=PamgcPPHfvAAhp4N&placementId=385da78dcf38d4eab8cb82bb71d4f053
88.99.112.6302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=ckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0=&i=PamgcPPHfvAAhp4N&placementId=385da78dcf38d4eab8cb82bb71d4f053
IP 88.99.112.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r/deeplink?e=ckMvelhTczdSS040T0JIaEQrSHcvdFFNSXNZTFNqbERqaHRaNzU1RE9PWXg0VE95NUtXVVNSOGtOKzF4ZVZBMnhBcDRDZzluVlZLa2lRRHhhUXNIWWhtRVdhQ3E4bm10YkEzT1MwbUJjSjc5S3hlQkdVWCthZTVXWlpsMGg5Q2YrK2RTTTdyNk1QanRIV29Gb3J5cExVVTZ0dkxOZ2V2RU1pMTF1QzhSZ0E3TUNuND0=&i=PamgcPPHfvAAhp4N&placementId=385da78dcf38d4eab8cb82bb71d4f053 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 19:51:58 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fdressmykid.no%2F&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.20
content-length: 0
X-Firefox-Spdy: h2
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fdressmykid.no%2F&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&custom2=SRdytlITOR16&custom3=false
143.204.55.95302 Found 0 B URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fdressmykid.no%2F&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&custom2=SRdytlITOR16&custom3=false
IP 143.204.55.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fdressmykid.no%2F&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
x-gravitee-transaction-id: 94eda328-d9b9-4fe4-ada3-28d9b90fe436
x-gravitee-request-id: 94eda328-d9b9-4fe4-ada3-28d9b90fe436
vary: Origin
request-time: 740
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Mon, 19 Sep 2022 19:51:59 GMT
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cqzPWberdsoY0u01XIJy5J7Vwi16jCqTOs5RVL4vh2UgpyblLHlXaw==
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10734b7d5832d2bcc97175e094bd7151
94bc94f0aa4242de3f6678e75535249d64e117b7
f00294810adee070df4eb361526016228fdec74ba964007d56c2c1cf4e0256fd
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4334
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:51:59 GMT
Last-Modified: Mon, 19 Sep 2022 18:39:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
95.211.116.27200 OK 31 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12978)
Hash 6091b4a306e11096399270c0f676d2b7
00072cf595716cd5f5d4eca053f0b7fbee9acd98
fbc079fa014366ded5f14220e49d438fbf31a273d260471d501b6ac5aad4a898
GET /ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 19:51:59 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267
clickId: 107698149_1663617119491_490655
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01297S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 31438
Set-Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; Max-Age=31536000; Expires=Tue, 19 Sep 2023 19:51:59 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c6295-183574eb503-2140e; Max-Age=31536000; Expires=Tue, 19 Sep 2023 19:51:59 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=82
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
Connection: keep-alive
Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; kelkooID=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 19:51:59 GMT
Request-Time: PT0.001596S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=99
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
Content-Type: text/plain;charset=utf-8
Content-Length: 520
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; kelkooID=a4c6295-183574eb503-2140e; _ga=GA1.2.1884155965.1663617099; _gid=GA1.2.1849823945.1663617099
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 19:51:59 GMT
Request-Time: PT0.002637S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=75
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.104200 OK 42 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.104:0
File type ASCII text, with very long lines (65432)
Hash 7150acd408b7e8d6c917ecfcfbe47050
cb61fa84f12b95b9be19e8fb351231e393d72dfa
f2e8c6d5e71cff0727daf02501140f20ed2980b52a4b9f7db037efbd674a0854
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; kelkooID=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42506
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 08 Sep 2022 07:49:28 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront), 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
date: Mon, 19 Sep 2022 19:50:00 GMT
cache-control: max-age=3600, public
expires: Mon, 19 Sep 2022 20:49:58 GMT
etag: "32ef7-5e825ab48f67d-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: vgGFUHs3cqmHXWukFsVlWghrBmocn2OBJirCdGOknuPWI4ub6DNLIw==
age: 121
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
Connection: keep-alive
Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; kelkooID=a4c6295-183574eb503-2140e; _ga=GA1.2.1884155965.1663617099; _gid=GA1.2.1849823945.1663617099
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655&url=https%3A%2F%2Fdressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655&url=https%3A%2F%2Fdressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604217b87f2c7c7f987a4a92228878dd99620335e1095c741d539784fd5ed86e1a3970a663761faab7eaec9c108795e5eb29929d830b0877a18b5e8c4bfe7aec6a58150e8b4d3b737849e24ffc90d6c53819cafde3445f1959fc6da61a1351491482c1915eea7ba3d034c03e1264d2a143c6b73ac6c1acce561d07b9320b2ff1b00905dfb421b60226bd052f6ac6463847e304048aae5d436361a91f89a4a6ff9ed69967c44c492b3fc81fb893e1d73e4a1cdb68a0458662029d15454d0f72c5612a9d1f8db99451b43b3cd5b425d12a4bfc314a1a25f40292287addc8146a603d80bf78ccf832bd2c531cb6225b6ff6dc3e1e197d11a7eecb245e224f3dded4bdd3896e685434c6ee4dda0c6f41e29e67800&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&clickId=107698149_1663617119491_490655&url=https%3A%2F%2Fdressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/merchantGo?.ts=1663617119322&.sig=WkJkmY3iWUGgW0U_z_r7lFTMupo-&affiliationId=96965886&comId=16238513&country=no&cpcId=461373&merchantName=DressMyKid.no&searchId=1076100361024_1663617118585_1783979&service=30&url=https%3A%2F%2Fdressmykid.no%2F&custom2=SRdytlITOR16&custom3=false&custom1=f5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b
Connection: keep-alive
Cookie: datadome=rT6Ibjh1Xg3uddNlDh~7EJ~V3w9OGbayLjM-ZChQMcYYm0Ocg0Z.bVfMT3aETnaAhbwB6xUdElbhACv7v5ui.Ccjd1OW2PF_0VhB.oZhi9FoDl.rySepzJPWnDx65WT; kelkooID=a4c6295-183574eb503-2140e; _ga=GA1.2.1884155965.1663617099; _gid=GA1.2.1849823945.1663617099
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Mon, 19 Sep 2022 19:51:59 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267
clickId: 107698149_1663617119491_490655
country: no
Location: https://dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.011963S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=tikX6khWkiyezK22t6myqsIRh.tHPELnQ5s9UyRihlYv6Rgft4Yx.C2.RZr2roh4XLoxpcS0DoN83sIcg63nYH_hIeZ~yQKm7vtxzxT.~ztdEXO_5F4HmZtiSN~9KWy; Max-Age=31536000; Expires=Tue, 19 Sep 2023 19:51:59 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c1017635310cb6b50f5b009d04b5a936
911fef79fa2a83cddbe3e77212331c2fe371ed0b
04c8049a69f14b15e45d9780a87067e17c04a35f374ffa7c8210608a49070336
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 19:51:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 08:56:58 GMT
Expires: Fri, 23 Sep 2022 08:56:57 GMT
Etag: "911fef79fa2a83cddbe3e77212331c2fe371ed0b"
Cache-Control: max-age=603132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 490
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d4dbf6fb1c0b49-OSL
api-js.datadome.co/js/
13.51.3.189200 OK 236 B IP 13.51.3.189:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ed83b29abc4fee42f195e6530003cfb7
d77ab254a8327a56fec2247edde008c352919d50
58ef45cc1732ad3d5977d0cfbb2dffae416a8310b3bc71aa6b9865698712516d
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4157
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:51:59 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d58544f9f6228ce5ae28ac95d0862e2
e0f866a3957551ae9ac8994097a4c0524878c3bd
3c3abf3f6a42511a5dfbf3dfe1ec880634764c0abb77269114d8835c2d82b97c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C3ABF3F6A42511A5DFBF3DFE1EC880634764C0ABB77269114D8835C2D82B97C"
Last-Modified: Sun, 18 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21501
Expires: Tue, 20 Sep 2022 01:50:21 GMT
Date: Mon, 19 Sep 2022 19:52:00 GMT
Connection: keep-alive
dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
46.30.215.191302 Found 257 B URL HTTP/2 dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP 46.30.215.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ef357663b7ec010bf9d88f8936c2686
01261d6d01d8b93be28debb426be29853e151162
7c7e84baa3114f87f416d3da11be20c7603c9523b20249b6e53deea7b3600eda
GET /?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age:600, public
content-length: 257
expires: Mon, 19 Sep 2022 20:02:00 GMT
last-modified: Mon, 19 Sep 2022 19:52:00 GMT
location: http://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
date: Mon, 19 Sep 2022 19:52:00 GMT
content-type: text/html; charset=utf-8
x-varnish: 86348368
age: 0
via: 1.1 webcache2 (Varnish/trunk)
X-Firefox-Spdy: h2
www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
52.17.124.116301 Moved Permanently 162 B URL HTTP/1.1 www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP 52.17.124.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 19:52:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1663617119322%26.sig%3DWkJkmY3iWUGgW0U_z_r7lFTMupo-%26affiliationId%3D96965886%26comId%3D16238513%26country%3Dno%26cpcId%3D461373%26merchantName%3DDressMyKid.no%26searchId%3D1076100361024_1663617118585_1783979%26service%3D30%26url%3Dhttps%253A%252F%252Fdressmykid.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Df5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C16238513%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20DressMyKid.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884155965.1663617099&tid=UA-168544891-6&_gid=1849823945.1663617099&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&cd3=16238513&cd4=a4c6295-183574eb503-2140e&cd5=&cd6=96965886%7C16238513%7C&z=1602471527
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1663617119322%26.sig%3DWkJkmY3iWUGgW0U_z_r7lFTMupo-%26affiliationId%3D96965886%26comId%3D16238513%26country%3Dno%26cpcId%3D461373%26merchantName%3DDressMyKid.no%26searchId%3D1076100361024_1663617118585_1783979%26service%3D30%26url%3Dhttps%253A%252F%252Fdressmykid.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Df5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C16238513%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20DressMyKid.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884155965.1663617099&tid=UA-168544891-6&_gid=1849823945.1663617099&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&cd3=16238513&cd4=a4c6295-183574eb503-2140e&cd5=&cd6=96965886%7C16238513%7C&z=1602471527
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FmerchantGo%3F.ts%3D1663617119322%26.sig%3DWkJkmY3iWUGgW0U_z_r7lFTMupo-%26affiliationId%3D96965886%26comId%3D16238513%26country%3Dno%26cpcId%3D461373%26merchantName%3DDressMyKid.no%26searchId%3D1076100361024_1663617118585_1783979%26service%3D30%26url%3Dhttps%253A%252F%252Fdressmykid.no%252F%26custom2%3DSRdytlITOR16%26custom3%3Dfalse%26custom1%3Df5bfa0f9fd3eb49352026011291fc46ca27dd63d96bc0da44835e3b39756cc4b&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C16238513%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20DressMyKid.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884155965.1663617099&tid=UA-168544891-6&_gid=1849823945.1663617099&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1663617119493_217267&cd3=16238513&cd4=a4c6295-183574eb503-2140e&cd5=&cd6=96965886%7C16238513%7C&z=1602471527 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Mon, 19 Sep 2022 19:52:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dressmykid.no/js/modules/consent.js
52.17.124.116200 OK 118 B URL HTTP/2 www.dressmykid.no/js/modules/consent.js
IP 52.17.124.116:0
Hash 171b8d59519749a8516bbcba8848ecfe
b8579c351da813cfcc7a1d62361da1ec84c7accb
d7d034adaa578b9a749cc7b61eca30c1b64f20a8fdeb11c6d176bed640229538
GET /js/modules/consent.js HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
content-length: 118
last-modified: Mon, 19 Sep 2022 08:40:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_jquery.js?version=1662367267&v2&host=dressmykidno_mystore_no
52.17.124.116200 OK 30 kB URL HTTP/2 www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_jquery.js?version=1662367267&v2&host=dressmykidno_mystore_no
IP 52.17.124.116:0
File type ASCII text, with very long lines (32058), with CRLF line terminators
Hash fa4c766f3f87efacfd97f602b1cdb5ba
d9fe6809b6633b1382732dbfa33cb6f32a512525
5661fb7492c8431443dcbec3c3e61d532186f9ebc87b07287edaee48571a9ba9
GET /users/themeamerica_mystore_no/templates/america/local/local_jquery.js?version=1662367267&v2&host=dressmykidno_mystore_no HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
content-length: 30196
last-modified: Tue, 27 Oct 2020 12:15:30 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/css/modules/consent.css
52.17.124.116200 OK 2.7 kB URL HTTP/2 www.dressmykid.no/css/modules/consent.css
IP 52.17.124.116:0
Hash 69a4a27623a803708cc608444a94fc03
ed098e532cd26ef60bee4879f771b6b29675a6a3
8118ec59500378053b26ff124f7813c063f8da267ea6a1f8427af963a020216d
GET /css/modules/consent.css HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 2670
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.kk-resources.com/leadtag.js
143.204.55.7200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 143.204.55.7:0
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: 3b4219e0-c412-420c-8219-e0c412320c20
X-Gravitee-Request-Id: 3b4219e0-c412-420c-8219-e0c412320c20
ETag: "05e089e0c08fd98ee6b4f6497ec87752b123fc2f"
Request-Time: 5
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:51:05 GMT
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 19:32:12 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZTkM4S-b8rZvpwG_aF8taEze4wBLmNBtrWwaZhDIsmeemsLyrMGmPA==
Age: 1189
www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_css.css?version=a1662367267&host=dressmykidno_mystore_no
52.17.124.116200 OK 42 kB URL HTTP/2 www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_css.css?version=a1662367267&host=dressmykidno_mystore_no
IP 52.17.124.116:0
File type ASCII text, with CRLF line terminators
Hash 59787ac5f7ebcc68e8639a09baee82f2
57e142385b3927b031f2b1b4bf61a7d28d2f0ade
a7cd7d0459efa2b6b59bd0612a97a2463976b883ad1936a13bff4a742ee6cabb
GET /users/themeamerica_mystore_no/templates/america/local/local_css.css?version=a1662367267&host=dressmykidno_mystore_no HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 41460
last-modified: Tue, 18 Jan 2022 06:51:33 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/users/dressmykidno_mystore_no/templates/custom_javascript.js?v=1663617120
52.17.124.116200 OK 4.1 kB URL HTTP/2 www.dressmykid.no/users/dressmykidno_mystore_no/templates/custom_javascript.js?v=1663617120
IP 52.17.124.116:0
File type ISO-8859 text, with very long lines (933), with CRLF line terminators
Hash 3f79401b9c195cf12e5d0c27aa755215
e1935712aa2dc8d6f15c64d4c991c63e6ba20bb0
110dbc8013b55879d9fc2593b7160b118fb75fd831c7fc38a32a2ba1173b71a5
GET /users/dressmykidno_mystore_no/templates/custom_javascript.js?v=1663617120 HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
content-length: 4116
last-modified: Mon, 11 Apr 2022 18:15:39 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/users/dressmykidno_mystore_no/logo/Header07.08.183.jpg
52.17.124.116200 OK 9.9 kB URL HTTP/2 www.dressmykid.no/users/dressmykidno_mystore_no/logo/Header07.08.183.jpg
IP 52.17.124.116:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 95", baseline, precision 8, 256x100, components 3\012- data
Hash 1d4c3ab712b3c636587ca85ce419259f
125fbd45da501d496c229e22b2e5833cbba2ba5b
65f8dc1da0aa52d6c01068c3d66aa2cf0baeb1da6caee4105fb0a2027504a6c9
GET /users/dressmykidno_mystore_no/logo/Header07.08.183.jpg HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: image/jpeg
content-length: 9902
last-modified: Sun, 08 Jul 2018 12:45:23 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
52.17.124.116200 OK 67 kB URL HTTP/2 www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP 52.17.124.116:0
Hash 0c30f4cf5b6f068505ddc98a46adf9f6
27c97165e1251ee0220a51d9e06c48204d1105d8
e6541418678a2a72d89ab0acb95aa58e1d047da452147cb2855264ca1c544b96
GET /?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/html; charset=iso-8859-1
x-frame-options: SAMEORIGIN
set-cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/aK79X_Kivat_Kivat_knutepanneb_nd_til_barn__st_vros_1.webp/w600h600.webp
143.204.55.13200 OK 25 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/aK79X_Kivat_Kivat_knutepanneb_nd_til_barn__st_vros_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec105949563cadc5284028a57fcb3603
1ec55d5cd506ad124d9f9a145045a50726f2c745
f162a54450d15ed6dc9bb29f7557fdba4bdcfc2c52d687450833b67e2a7f1162
GET /mysimgprod/dressmykidno_mystore_no/images/aK79X_Kivat_Kivat_knutepanneb_nd_til_barn__st_vros_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 24790
last-modified: Mon, 11 Apr 2022 13:38:16 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 09:30:13 GMT
etag: "ec105949563cadc5284028a57fcb3603"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9Z5bRdvdHBqnKJqWixeJmdXZP3dcsYqQQ5y96y6ARK6ADk23TuVKGg==
age: 37309
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620380606310b02c8aaaa.webp/w600h600.webp
143.204.55.13200 OK 24 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620380606310b02c8aaaa.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d62e39472bbf26444990c14d96a4bdd2
6a9ecd9bf39f2f64a0bb1db1b700ad8cfaf7bfe9
c0a09def264a41ee4d80873b8e8c21e175b7cc6dfe7bd5fbab28f4217a0d2a97
GET /mysimgprod/dressmykidno_mystore_no/images/upload_16620380606310b02c8aaaa.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 24058
last-modified: Thu, 01 Sep 2022 13:14:23 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 10:34:48 GMT
etag: "d62e39472bbf26444990c14d96a4bdd2"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tjyw3c1v42KNVoOKUWlM71AWihb2fQx3MRI0_5kmGWSo6UNTCwKyUA==
age: 33434
X-Firefox-Spdy: h2
www.dressmykid.no/users/themeamerica_mystore_no/Image/loading.gif
52.17.124.116200 OK 925 B URL HTTP/2 www.dressmykid.no/users/themeamerica_mystore_no/Image/loading.gif
IP 52.17.124.116:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ff7f4e281e119b09fd668c1470b4c5e
127755a00c8d748c7f3433fd3d3478d5d2360648
166dd79bd94954ba9df9b96f459f9921726925cf382ce1434736030bacc309db
GET /users/themeamerica_mystore_no/Image/loading.gif HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: image/gif
content-length: 925
last-modified: Fri, 30 Oct 2020 08:17:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/98164_Fila_Fila_Radia_Trackpants_til_dame__keepsak_1.webp/w600h600.webp
143.204.55.13200 OK 5.0 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/98164_Fila_Fila_Radia_Trackpants_til_dame__keepsak_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e3cf9a106669f5a8306fa21273b74ab
3fb1591b0042c2f8b248cccbf869e53418c45455
a67cfb207ca9420afc87a6fc8833be76c266ca7cb8f9bb522f36c9f5ef4d522d
GET /mysimgprod/dressmykidno_mystore_no/images/98164_Fila_Fila_Radia_Trackpants_til_dame__keepsak_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5010
date: Mon, 19 Sep 2022 12:05:02 GMT
last-modified: Mon, 11 Apr 2022 15:48:58 GMT
etag: "5e3cf9a106669f5a8306fa21273b74ab"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -YV-eZY1WqKlK2HB6mXe0LpD-UllipXxPJBMKw_T0feanVe6nmL7Rg==
age: 28020
X-Firefox-Spdy: h2
www.dressmykid.no/css/instagram/owl.carousel.min.css
52.17.124.116200 OK 1.1 kB URL HTTP/2 www.dressmykid.no/css/instagram/owl.carousel.min.css
IP 52.17.124.116:0
File type ASCII text, with very long lines (3184)
Hash d4aee9ab003194f1613781284ff38ccf
8c2c8a616aebf21aca3ccf2fb28b906205570815
ac1266d52dde4e5a3d122e2196a3230e3db7684e01420b1973b82f5065ee5551
GET /css/instagram/owl.carousel.min.css HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 1069
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/35168_Gullkorn_Design_Gullkorn_Design_Moss_bukse___1.webp/w600h600.webp
143.204.55.13200 OK 7.9 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/35168_Gullkorn_Design_Gullkorn_Design_Moss_bukse___1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85e70839f5157df9837691a3d10db491
79a6d3c3f571509e171ace37ff2e8ccb733a7a4d
494b37d389455a0bc9518b5dd8937b95ff823ba5192904b2b17ae155ca007640
GET /mysimgprod/dressmykidno_mystore_no/images/35168_Gullkorn_Design_Gullkorn_Design_Moss_bukse___1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 7914
last-modified: Mon, 11 Apr 2022 13:55:01 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 17:44:00 GMT
etag: "85e70839f5157df9837691a3d10db491"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lhPFdkTQi3J-WJEEN_Tf_N0YpJJ05odyCLSzDnpUWJPmPDImTRUl_w==
age: 7682
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/21450_Hummel_Hummel_Frankie_joggebukse_til_barn__C_1.webp/w600h600.webp
143.204.55.13200 OK 8.3 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/21450_Hummel_Hummel_Frankie_joggebukse_til_barn__C_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f4a5999959b3249633a861a06e6c0fd
9061f077907ee396e1d8c63919d5c7af875bd02e
48b7d9de669a26006134a93f681c4b6899fbc7773e7e61cc85632d5e3a5b7ba3
GET /mysimgprod/dressmykidno_mystore_no/images/21450_Hummel_Hummel_Frankie_joggebukse_til_barn__C_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 8280
date: Mon, 19 Sep 2022 02:53:31 GMT
last-modified: Mon, 11 Apr 2022 13:20:50 GMT
etag: "5f4a5999959b3249633a861a06e6c0fd"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vyX6Me09FFlMtnuCw9e6U75G215hyPW5cLIwTTe-CkQHqy6wsvxIPw==
age: 61111
X-Firefox-Spdy: h2
www.dressmykid.no/js/instagram/owl.carousel.min.js
52.17.124.116200 OK 11 kB URL HTTP/2 www.dressmykid.no/js/instagram/owl.carousel.min.js
IP 52.17.124.116:0
File type ASCII text, with very long lines (32035)
Hash e011b6d01955569b6eb148c0f941b6cc
79b9758ce82a47359b0f9ffd03a5bd5c84f58523
a5de155e479ae1bfb924f0b90d62a3f36ebce666e2ebece633247e3f9d9dd604
GET /js/instagram/owl.carousel.min.js HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
content-length: 11091
last-modified: Mon, 19 Sep 2022 08:40:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-31278684-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-31278684-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 2dfc5e0b46769208e8e47e01662cf863
fcbd97128cc4684056f7c8d1a5d2c89cae152aa5
18f8781064d6cd7870bb3e308bf684594bf0cb9049b94012d2ae39664245af3b
GET /gtag/js?id=UA-31278684-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 19:52:01 GMT
expires: Mon, 19 Sep 2022 19:52:01 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620380866310b0467f2ff.webp/w600h600.webp
143.204.55.13200 OK 39 kB URL HTTP/2 dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620380866310b0467f2ff.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 355de45d4225d8aac4af617a4581bf4c
1da32cfb0f766d53c1e867efa0c95544b6c03c81
93ae423ae8d661c07563476125939c4834d2cd23d8b37a2bcc209e697912d7eb
GET /mysimgprod/dressmykidno_mystore_no/images/upload_16620380866310b0467f2ff.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i05.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 39228
last-modified: Thu, 01 Sep 2022 13:14:50 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 04:22:34 GMT
etag: "355de45d4225d8aac4af617a4581bf4c"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SanGzP5C3C8O78AituJw7A3LX9ckYMnNCXIeVjTQbpWZe3sCKCVgnA==
age: 55768
X-Firefox-Spdy: h2
www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_css_footer.css?version=a1662367267&host=dressmykidno_mystore_no
52.17.124.116200 OK 14 kB URL HTTP/2 www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_css_footer.css?version=a1662367267&host=dressmykidno_mystore_no
IP 52.17.124.116:0
File type ASCII text, with CRLF line terminators
Hash 6fc22fd2f79a286f970b69512272f174
bee19b6a2af4e686eef7a85e670c58712e190a35
6eec6f1313211a4cae29cfc95407646676f57d26fbb592e3b94fb705e5119c2a
GET /users/themeamerica_mystore_no/templates/america/local/local_css_footer.css?version=a1662367267&host=dressmykidno_mystore_no HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 13631
last-modified: Thu, 11 Mar 2021 08:55:16 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/mTo9W_Gant_Gant_Archive_shield_hettegenser__Dry_sa_1.webp/w600h600.webp
143.204.55.13200 OK 13 kB URL HTTP/2 dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/mTo9W_Gant_Gant_Archive_shield_hettegenser__Dry_sa_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49b438dd966c3bd4f7bcd23a1993db0a
a3fe27d89858dfc670a6c665eedc6e75998364f8
2fb162c6885c5ebc329903ff87a903a984031852644e8ee03a78633bacae61f6
GET /mysimgprod/dressmykidno_mystore_no/images/mTo9W_Gant_Gant_Archive_shield_hettegenser__Dry_sa_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i05.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13338
date: Mon, 19 Sep 2022 11:42:05 GMT
last-modified: Mon, 11 Apr 2022 13:19:04 GMT
etag: "49b438dd966c3bd4f7bcd23a1993db0a"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fNrraoel1G3o30N5siQfsnFUxemzWyi5iyDBjrpoofBZrsTlUJGSqg==
age: 29397
X-Firefox-Spdy: h2
www.dressmykid.no/includes/languages/norwegian/images/icon.gif
52.17.124.116200 OK 878 B URL HTTP/2 www.dressmykid.no/includes/languages/norwegian/images/icon.gif
IP 52.17.124.116:0
File type GIF image data, version 87a, 24 x 15\012- data
Hash b76acef15318ccd859064c7393ac2732
71b308fd48d6cb704e7ff6c57fffa6fc193cc6d1
53cac29f92a900eaa9c9d687b01e9358562906b6a086aab60c60b482faf4d085
GET /includes/languages/norwegian/images/icon.gif HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: image/gif
content-length: 878
last-modified: Mon, 19 Sep 2022 08:40:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/87803_Hummel_Hummel_Due_hettegenser_til_barn__Airy_1.webp/w600h600.webp
143.204.55.13200 OK 13 kB URL HTTP/2 dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/87803_Hummel_Hummel_Due_hettegenser_til_barn__Airy_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49ea3101943835af1b2d8928872786fb
d56744431771dd389f904dfa350d39c1a80af0af
5b14907f642c1280eacd1d8ac8b98ebccaf75c01c467de4e01a4cae0f2a3f5c0
GET /mysimgprod/dressmykidno_mystore_no/images/87803_Hummel_Hummel_Due_hettegenser_til_barn__Airy_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i01.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 12740
date: Sun, 18 Sep 2022 20:48:30 GMT
last-modified: Mon, 11 Apr 2022 15:27:07 GMT
etag: "49ea3101943835af1b2d8928872786fb"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _6VfVv9s6SNxzg3jUu9jOqkBwnALHltNR2vkTiz3tvC02ItyQFLohQ==
age: 83012
X-Firefox-Spdy: h2
www.dressmykid.no/js/customer_club.js?v=4
52.17.124.116200 OK 2.8 kB URL HTTP/2 www.dressmykid.no/js/customer_club.js?v=4
IP 52.17.124.116:0
Hash d9c34b0161b32211331ee5dc619121da
0b9f450e3769e3e833ffc8118245292f7a2f4bb1
3dd3271b8b23f423fb9b2676d90a3b13bed48058e10830f2c0b6422bb52c5033
GET /js/customer_club.js?v=4 HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
content-length: 2762
last-modified: Mon, 19 Sep 2022 08:40:27 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/VGUuc_Hust_Claire_bambus_Hust___Claire_Bonita_body_1.webp/w600h600.webp
143.204.55.13200 OK 77 kB URL HTTP/2 dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/VGUuc_Hust_Claire_bambus_Hust___Claire_Bonita_body_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 311e53874b7d7fa5f9d39b9cc8831aee
592775ae35acbd1f4afdd85f3b9bf98d239d22ce
c35b5f695bf7d6c26acff347b1b836530af19aef58dab76a8c16a3df53422f13
GET /mysimgprod/dressmykidno_mystore_no/images/VGUuc_Hust_Claire_bambus_Hust___Claire_Bonita_body_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i01.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 77020
last-modified: Mon, 11 Apr 2022 14:01:31 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 02:50:46 GMT
etag: "311e53874b7d7fa5f9d39b9cc8831aee"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bQAsfxcYwrYE9tJfXTAKne055Ewjmh01K-_RHU9LX3dAxpljKrZTMw==
age: 61276
X-Firefox-Spdy: h2
dressmykidno-i02.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/04867_Hust_Claire_Hust___Claire_Faust_sl_yfe_til_b_1.webp/w600h600.webp
143.204.55.13200 OK 8.3 kB URL HTTP/2 dressmykidno-i02.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/04867_Hust_Claire_Hust___Claire_Faust_sl_yfe_til_b_1.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e124f57f1f085c75d1b88c24e4965c5c
9d94d31c04e80f7e559746a9e5990a41f8f661e5
5de33fa9323ebd1f7249abd54018f10d07b54779f5708d0f56e14edca380b732
GET /mysimgprod/dressmykidno_mystore_no/images/04867_Hust_Claire_Hust___Claire_Faust_sl_yfe_til_b_1.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i02.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 8294
last-modified: Mon, 11 Apr 2022 13:29:33 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 16:21:20 GMT
etag: "e124f57f1f085c75d1b88c24e4965c5c"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vwkr-3PSlZLaplwHtkC_yYi4FgmL4PguhbsnQSuEjqDAUqCw1Z2DHg==
age: 12642
X-Firefox-Spdy: h2
dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620381636310b0933af45.webp/w600h600.webp
143.204.55.13200 OK 34 kB URL HTTP/2 dressmykidno-i01.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_16620381636310b0933af45.webp/w600h600.webp
IP 143.204.55.13:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 877e77000239d250ee9e94041e63be25
c14b4138e77eec852797da4a498b74252cc45b97
f0e6056a6c85d61ef82a53efbdaf77d1bbe4aaa0b5a346b6d1115e916a51606a
GET /mysimgprod/dressmykidno_mystore_no/images/upload_16620381636310b0933af45.webp/w600h600.webp HTTP/1.1
Host: dressmykidno-i01.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 34084
last-modified: Thu, 01 Sep 2022 13:16:08 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 02:45:11 GMT
etag: "877e77000239d250ee9e94041e63be25"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qJnUXJjfEdf8WokBbDcmFU_anIGXl9TIyCEbdSlN5RXNSjZpKhR25g==
age: 63675
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b6ecb5b2cd1de4edd5c9648c0f08802
f25bf108e702ae7e4ae071e8ce99af7f8658a7b1
3dac2893955968b5f4244502c667c32d5170ad2a6ee00bac3b817d742c8bc483
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Last-Modified: Mon, 19 Sep 2022 18:54:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtm.js?id=GTM-MC2CVRK
142.250.74.72200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MC2CVRK
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash d67571024dd0a11a5104c386a218919b
17fa8f9bb9528a6db50f4562423bfb2af99215ae
626262bc5dd01a06fb76c7e5ce7060fc6e4e52bbb8a3d1e9b39268bd4258998c
GET /gtm.js?id=GTM-MC2CVRK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 19:52:01 GMT
expires: Mon, 19 Sep 2022 19:52:01 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-833441087
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-833441087
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash a7d45c7c1d120f42e0587a1974bf4f24
1c9ab2159c7c401d8e27e0a515b6f67fc0311512
00d315f3ab0ca305050d058b00ca1892b705baf697c3d8772c093f42a48dbe1b
GET /gtag/js?id=AW-833441087 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 19:52:01 GMT
expires: Mon, 19 Sep 2022 19:52:01 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.crall.io/t/client.js?v=4
54.230.111.87200 OK 52 kB URL HTTP/1.1 cdn.crall.io/t/client.js?v=4
IP 54.230.111.87:0
File type Unicode text, UTF-8 text, with very long lines (47171), with NEL line terminators
Hash f0e2432a714a5d4bc1471b7ba4e5c796
12b5c04a62434a840079a1795881e7ed92c5f81c
230dca09fad7cec0fe198ec283b32c529429d39dde564af054f5890623ca2783
GET /t/client.js?v=4 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 18:49:43 GMT
Server: nginx/1.10.1
Last-Modified: Mon, 12 Sep 2022 00:05:16 GMT
ETag: W/"631e77bc-2b7d1"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KR8nRXiCcKZFJEleXf-BZVfFLRQ8YjMWp8WZBZLiqEO_SGjZiD0RYA==
Age: 3738
cdn.crall.io/w/widgets.js?v=4
54.230.111.87200 OK 31 kB URL HTTP/1.1 cdn.crall.io/w/widgets.js?v=4
IP 54.230.111.87:0
File type ASCII text, with very long lines (34286)
Hash e131b82ce8fc10362d29adcb908a2e75
c72c5c6c2597d40b5e057efdc03233df3590a020
44a90f91ec8f01d5bee9741427c912a42be281c1d3a19e99a95d44dbc15941d0
GET /w/widgets.js?v=4 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Last-Modified: Wed, 07 Sep 2022 08:23:34 GMT
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 19:51:28 GMT
ETag: W/"63185506-1c401"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kPIP1Fx4wUM1nHYzoM7jNYbLJqt0kFviZb9_nVvkhgo6BKHPVCWcdA==
Age: 33
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dressmykid.no/fonts/Roboto/Roboto-Regular.ttf
52.17.124.116200 OK 168 kB URL HTTP/2 www.dressmykid.no/fonts/Roboto/Roboto-Regular.ttf
IP 52.17.124.116:0
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size 168 kB (168260 bytes)
Hash f36638c2135b71e5a623dca52b611173
84d102488738b0ebbc7a5087973effbd54c95bd5
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
GET /fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/css/modules/consent.css
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/font-sfnt
content-length: 168260
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.lipscore.com/assets/no/lipscore-v1.js
54.230.111.53200 OK 69 kB URL HTTP/1.1 static.lipscore.com/assets/no/lipscore-v1.js
IP 54.230.111.53:0
File type ASCII text, with very long lines (589)
Hash 25b5fc084af7bff4283260836e5257d2
716f65a71ce759940c323302be7b64111cc65d39
835e5e67557f8c5a184f6604d7fab2ec50b206366902bcb357c3829f6b9deb19
GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69041
Connection: keep-alive
Date: Mon, 19 Sep 2022 09:41:57 GMT
Last-Modified: Mon, 19 Sep 2022 09:38:25 GMT
ETag: "25b5fc084af7bff4283260836e5257d2"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VF3ndwZ7Es6jzN0J5xT7biD_hivx-_rNsKl3k6gDt6tR9_gghKAOdQ==
Age: 36605
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b6ecb5b2cd1de4edd5c9648c0f08802
f25bf108e702ae7e4ae071e8ce99af7f8658a7b1
3dac2893955968b5f4244502c667c32d5170ad2a6ee00bac3b817d742c8bc483
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Last-Modified: Mon, 19 Sep 2022 18:54:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10734b7d5832d2bcc97175e094bd7151
94bc94f0aa4242de3f6678e75535249d64e117b7
f00294810adee070df4eb361526016228fdec74ba964007d56c2c1cf4e0256fd
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4336
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Last-Modified: Mon, 19 Sep 2022 18:39:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
js.hcaptcha.com/1/api.js?hl=no
104.16.168.131200 OK 81 kB URL HTTP/2 js.hcaptcha.com/1/api.js?hl=no
IP 104.16.168.131:0
Hash 675b5d1d6ac6366f7c67fd5594386751
4a64373de7ee1a0ec6ee7d58d10c5611248646f8
fa6f3c4e01b7490824f231ed3a8433e754e0c83c9c960c931888b5ac54294149
GET /1/api.js?hl=no HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
cf-ray: 74d4dc009b97b4eb-OSL
age: 0
cache-control: max-age=120
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dressmykid.no/users/dressmykidno_mystore_no/templates/custom_stylesheet.css?v=1663617120
52.17.124.116200 OK 1.7 kB URL HTTP/2 www.dressmykid.no/users/dressmykidno_mystore_no/templates/custom_stylesheet.css?v=1663617120
IP 52.17.124.116:0
File type ASCII text, with CRLF line terminators
Hash 544645cd6a9afcb9e2b350ec8676ab3c
53e9e02e52dfd744afd7f23c274c48cd987ecc71
840af66433440a7b5ede9ea9d4462c806bc3dd5174cba7da21d0c7a88296be99
GET /users/dressmykidno_mystore_no/templates/custom_stylesheet.css?v=1663617120 HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 1738
last-modified: Mon, 11 Apr 2022 17:25:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/bower_components/font-awesome/css/font-awesome.min.css
52.17.124.116200 OK 6.1 kB URL HTTP/2 www.dressmykid.no/bower_components/font-awesome/css/font-awesome.min.css
IP 52.17.124.116:0
File type ASCII text, with very long lines (26548)
Hash 0438a5f21083130bac2b1004274c1657
d4139da20c143a9cbca0071e29664d0a0e0f434a
990af156e4c6c322a9123c5df748b507db0e1c7f46bd357969ccca17481be1d0
GET /bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 6081
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/templates/america/css/fa5/fontawesome-all.css
52.17.124.116200 OK 9.2 kB URL HTTP/2 www.dressmykid.no/templates/america/css/fa5/fontawesome-all.css
IP 52.17.124.116:0
File type ASCII text, with very long lines (427)
Hash a9321fd627517f6b13d19274252ae625
9a303b0ff581f7edbb25aad6822a2154cb416908
7768ea0f4aa1c6ce47ba29b132617746f86de5312873c715ca87937827d97c27
GET /templates/america/css/fa5/fontawesome-all.css HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/css
content-length: 9234
last-modified: Mon, 19 Sep 2022 08:40:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.crall.io/t/crallchat.css?v=3
54.230.111.87200 OK 5.8 kB URL HTTP/1.1 cdn.crall.io/t/crallchat.css?v=3
IP 54.230.111.87:0
File type ASCII text, with very long lines (25895)
Hash 329e54d7e213ca1fb9027b2f087a644d
13f9250344488829244c5decb0e30eed9345a324
d15c1a2ca5368d0f3f41257611b76dceea5b7992f7005280236d4c2257096b0b
GET /t/crallchat.css?v=3 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 19:27:28 GMT
Server: nginx/1.10.1
Last-Modified: Wed, 07 Sep 2022 08:23:34 GMT
ETag: W/"63185506-6527"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9jTbHOr_CYRXp5UmWnaqXXXp31qKK5GI1hTPy2rP74_FBFGqPbbOng==
Age: 1473
s.kelkoogroup.net/k.gif
185.60.164.26200 OK 0 B IP 185.60.164.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://www.dressmykid.no/
Origin: https://www.dressmykid.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 3debb596-d150-4581-abb5-96d1504581b4
X-Gravitee-Request-Id: 3debb596-d150-4581-abb5-96d1504581b4
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://www.dressmykid.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Mon, 19 Sep 2022 19:52:01 GMT
content-length: 0
www.dressmykid.no/ajax.php?ajaxfunc=consent
52.17.124.116200 OK 3.0 kB URL HTTP/2 www.dressmykid.no/ajax.php?ajaxfunc=consent
IP 52.17.124.116:0
File type HTML document, ISO-8859 text, with very long lines (484)
Hash 08ae544be8f44c2bcf4234de6a9ac7dd
07f8b068682101d79b9850116ea524d0fe0fb2f6
84c9e447c956ec9aaf21732e14e3dfbe153d42caf32e6f20d6da60d25e648600
GET /ajax.php?ajaxfunc=consent HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/html; charset=iso-8859-1
content-length: 3025
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_1662705985631ae1419d753.webp/w1920h780.webp
143.204.55.13200 OK 43 B URL HTTP/2 dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/upload_1662705985631ae1419d753.webp/w1920h780.webp
IP 143.204.55.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /mysimgprod/dressmykidno_mystore_no/images/upload_1662705985631ae1419d753.webp/w1920h780.webp HTTP/1.1
Host: dressmykidno-i05.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 107806
last-modified: Fri, 09 Sep 2022 06:46:36 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:06:44 GMT
etag: "25341f158f74fdfed4313c5412229ec8"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QckuuCXc37Y5bUuo8ioI3vbu7slor0VM-34ocN1ahnd59VGAUFZT9w==
age: 24318
X-Firefox-Spdy: h2
static.lipscore.com/assets/lipscore-v1.css
54.230.111.53200 OK 12 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-v1.css
IP 54.230.111.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9fcf4968689064e97f6f6d3f1ae21b20
ed3d8a7c4e22e64986b0d187e62cb12ed12a3cd4
2f9130f19d83f3c3965b5e2dc2d29bcacbf59ebd237c9274889c4f5ef98f1f7b
GET /assets/lipscore-v1.css HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 11547
Connection: keep-alive
Date: Mon, 19 Sep 2022 09:41:57 GMT
Last-Modified: Mon, 19 Sep 2022 09:38:28 GMT
ETag: "9fcf4968689064e97f6f6d3f1ae21b20"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qQP3Y6w8Fi3W1O8Y6Haus54Mhv68BmRlWuSb-gD4OxHJkOwatMeIOw==
Age: 36605
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 433073
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:47:56 GMT
expires: Thu, 14 Sep 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 432245
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:21 GMT
expires: Thu, 14 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 433060
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 433073
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.crall.io/t/5-chunk.js?t=1653173656187
54.230.111.87200 OK 740 B URL HTTP/1.1 cdn.crall.io/t/5-chunk.js?t=1653173656187
IP 54.230.111.87:0
File type ASCII text, with very long lines (1639), with no line terminators
Hash 3d7d03934f96ef91d98290e383a9946f
9dc688daf6a1c0202ff091f7ca9ba6a95c686204
79c1301bf01f2f96e02277ebfa19f92d6906f1ccc531994772aa4aab81f02355
GET /t/5-chunk.js?t=1653173656187 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 18:28:22 GMT
Server: nginx/1.10.1
Last-Modified: Mon, 12 Sep 2022 00:05:16 GMT
ETag: W/"631e77bc-667"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CgxAAsjSzsQm3imn9L78OVHNTQpNo5FnrTANnjMNImVmERgmRkhYJA==
Age: 5019
cdn.crall.io/t/4-chunk.js?t=1653173656187
54.230.111.87200 OK 711 B URL HTTP/1.1 cdn.crall.io/t/4-chunk.js?t=1653173656187
IP 54.230.111.87:0
File type ASCII text, with very long lines (1329), with no line terminators
Hash f14cef86028dfd427083d160737b7417
717cf713d3a03ac778a382404215d064d5f67203
fc35f911b52218e2f1f823e4b95023df5d297ed6ee8eaaa41c62a3e96ba1ddce
GET /t/4-chunk.js?t=1653173656187 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 18:32:42 GMT
Server: nginx/1.10.1
Last-Modified: Wed, 07 Sep 2022 08:23:34 GMT
ETag: W/"63185506-531"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rArsDZKGTqQhEvcjhBesaoi5s08JF8UOYYi_WLX1NYHfKEPud_ifxQ==
Age: 4759
www.dressmykid.no/templates/america/fonts/webfonts/fa-light-300.woff2
52.17.124.116200 OK 62 kB URL HTTP/2 www.dressmykid.no/templates/america/fonts/webfonts/fa-light-300.woff2
IP 52.17.124.116:0
File type Web Open Font Format (Version 2), TrueType, length 61500, version 1.0\012- data
Hash 7cc3813fd8210dc22ed2cc16891d0c6d
01d3ecbd600c003e34f6645a738a2453c09c4dda
afdb7da70cadb7f081878a3df33f1634c2542cf54ac71bc0e3da76530b6e75ca
GET /templates/america/fonts/webfonts/fa-light-300.woff2 HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_css_footer.css?version=a1662367267&host=dressmykidno_mystore_no
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e; crall_uid=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-length: 61500
last-modified: Mon, 19 Sep 2022 08:40:28 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dressmykid.no/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
52.17.124.116200 OK 64 kB URL HTTP/2 www.dressmykid.no/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 52.17.124.116:0
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dressmykid.no/bower_components/font-awesome/css/font-awesome.min.css
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e; crall_uid=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-length: 64464
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.crall.io/w/1-chunk.js?t=1653175411266
54.230.111.87200 OK 48 kB URL HTTP/1.1 cdn.crall.io/w/1-chunk.js?t=1653175411266
IP 54.230.111.87:0
File type ASCII text, with very long lines (62840)
Hash f3ab4c004d002588fce2d5151b43b129
1daaafb8af2abce51015ff2c6c571033a13b2b3f
b42f3f478d5920672d618ea6540e096c98e8cf04c89624c4e53ab91f827fb47e
GET /w/1-chunk.js?t=1653175411266 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Last-Modified: Wed, 07 Sep 2022 08:23:34 GMT
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 19:51:36 GMT
ETag: W/"63185506-2b5dc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q-Z03hx8d7uoe7eJb7bQHtNBlUC21gT_B4xA61QqZbLWnwTCgP1Nug==
Age: 25
cdn.crall.io/w/2-chunk.js?t=1653175411266
54.230.111.87200 OK 3.1 kB URL HTTP/1.1 cdn.crall.io/w/2-chunk.js?t=1653175411266
IP 54.230.111.87:0
File type ASCII text, with very long lines (10186), with no line terminators
Hash 6ad66e438e17324da577d63323d6edc4
85a746606806f81fd917dc4e07859a59c2b4d06f
a3167bbefa74ce13b1f4e3d13127965ccdc7558848ece6d05345379620b50d84
GET /w/2-chunk.js?t=1653175411266 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Last-Modified: Mon, 12 Sep 2022 00:05:16 GMT
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 19:51:39 GMT
ETag: W/"631e77bc-27ca"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l_u8Fg2Bn3m7ZD__j8m-6Xh6IYVKTBE4PbtBAI9hhDCFWlXgujciSw==
Age: 22
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 840d80997a54dcdad56112847ea0199d
7518c230bef63d8921642c9d968115da8c2b49f1
8956715e820206c84d017d487562b8096f988a7e1c8ec146d89f991b0bae4ab4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 19:52:01 GMT
Last-Modified: Mon, 19 Sep 2022 19:00:29 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2mwOUPiyL3cZdye0FzDovup0dn5K0F2XHXVfvWIH9cVk6gZh1WSG-A==
Age: 3092
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 840d80997a54dcdad56112847ea0199d
7518c230bef63d8921642c9d968115da8c2b49f1
8956715e820206c84d017d487562b8096f988a7e1c8ec146d89f991b0bae4ab4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 19:52:01 GMT
Last-Modified: Mon, 19 Sep 2022 19:09:56 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -jA6fX20Ld5IaicZbGbuHMshWSQAWrndNQHav_aX7JPmj_fxsdAehw==
Age: 2525
www.dressmykid.no/users/dressmykidno_mystore_no/logo/favicon0.ico
52.17.124.116200 OK 100 kB URL HTTP/2 www.dressmykid.no/users/dressmykidno_mystore_no/logo/favicon0.ico
IP 52.17.124.116:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 227b8e4460f85df776871e00a4073089
9c3db9c14fcd26949177dc4288a20d9c62f6bd2e
f8038e21877c020c75a5116ac33dfda27cedb8bafdfe532f55d4e9124fa9399e
GET /users/dressmykidno_mystore_no/logo/favicon0.ico HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e; crall_uid=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: image/vnd.microsoft.icon
content-length: 99678
last-modified: Thu, 23 Jan 2020 07:19:51 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5b7a05fad83d3476facabd4e7eb8dc42
64d6ee10d23330cd51ea38487544c595b47f2633
4ff8fbed80185bfa0a9196affa36c5f60e743c86d3cf5328a5884b8058dca635
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:02 GMT
Last-Modified: Mon, 19 Sep 2022 18:59:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2RBLL09cgaPH4rMJEU9ok1JTRzUneAiitfvY4N1QNWX5Nbakj/vJcPek+bbKLs2Dl6u1NFV3gjjgENC2l6XIvg==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Mon, 19 Sep 2022 19:52:02 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Sep 2022 19:52:02 GMT
expires: Mon, 19 Sep 2022 19:52:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/dc.js
142.251.1.154200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 142.251.1.154:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Mon, 19 Sep 2022 18:45:39 GMT
expires: Mon, 19 Sep 2022 20:45:39 GMT
cache-control: public, max-age=7200
age: 3983
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.crall.io/api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
34.253.80.175200 OK 493 B URL HTTP/2 app.crall.io/api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
IP 34.253.80.175:0
Hash dc730ec90495868d313747a49f5359b3
9f2fac18a416b067cb63df22b2eefe2022494ffb
455d3ce247c4b02c1098bd9a87638ee965e9a70413157370b537c89196b3097f
OPTIONS /api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e HTTP/1.1
Host: app.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: account-id,content-type
Referer: https://www.dressmykid.no/
Origin: https://www.dressmykid.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.10.1
x-powered-by: PHP/7.2.8-1+ubuntu16.04.1+deb.sury.org+1
cache-control: no-cache, private
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-headers: Origin, X-Requested-With, user-language, Content-Type, Accept, account-id,Authorization,Authorized-account
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i
142.250.74.10200 OK 3.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i
IP 142.250.74.10:0
File type ASCII text, with very long lines (10919)
Hash ed4416d9d3b1174d94265c4cb629f3d6
438c651f5a6072a8ea93c8ba8c6226bffab22def
8947c947b038ad07749b8b5bd9915d06ad4b7ef57c3670c64f2f4c35012bec50
GET /css?family=Roboto:300,300i,400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 19:52:01 GMT
date: Mon, 19 Sep 2022 19:52:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.crall.io/t/6-chunk.js?t=1653173656187
54.230.111.87200 OK 16 kB URL HTTP/1.1 cdn.crall.io/t/6-chunk.js?t=1653173656187
IP 54.230.111.87:0
File type ASCII text, with very long lines (57800), with no line terminators
Hash 842de5c04a58de718363add5de8b0e7b
70aa03be99a9f6d3df5b8173280adf3552418077
a9b16cc46dc27282c5da0f1fc36650877afb54a601bf9204ea21e75dfc8649ae
GET /t/6-chunk.js?t=1653173656187 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 19:15:53 GMT
Server: nginx/1.10.1
Last-Modified: Mon, 12 Sep 2022 00:05:16 GMT
ETag: W/"631e77bc-e1c8"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BI4JK-yU2StWiSFfA02f5fP4fflpbeecaCvVjM4FfoAQE3_CFMZ4IQ==
Age: 2169
api2.crall.io/v1/recommend/11223/@cart-others-also-bought?u=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
52.16.6.39200 OK 1.4 kB URL HTTP/2 api2.crall.io/v1/recommend/11223/@cart-others-also-bought?u=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
IP 52.16.6.39:0
File type JSON data\012- HTML document, ASCII text, with very long lines (4647), with no line terminators
Hash 5e4b734ec4327cd96a9c743d5234de31
79006aa9bee801b338ba7a0c54e4dd6ce94be46a
bf4a1eceba25ebc870c082db737a7ce9998b608664ecd9b66321f988a5b749a2
GET /v1/recommend/11223/@cart-others-also-bought?u=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e HTTP/1.1
Host: api2.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:52:02 GMT
content-type: application/json
content-length: 1354
access-control-allow-headers: Content-Type, Authorization
cache-control: no-cache, private
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: GET
apigw-requestid: YuQ_Yi4CjoEEPMw=
X-Firefox-Spdy: h2
app.crall.io/api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
34.253.80.175200 OK 13 kB URL HTTP/2 app.crall.io/api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
IP 34.253.80.175:0
Hash bfac7ea7f2f5442d9fbe7370ec3d56f7
862a2d11c825fffbc20f991e6edbe3e9419a2348
6b2d3a38e1cc097bbc602baa9efae18c36729f2a326ba4d61918e9f67304bd9a
POST /api/v1/visitors/1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e HTTP/1.1
Host: app.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
account-id: 11223
Content-Length: 312
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:52:02 GMT
content-type: application/json
server: nginx/1.10.1
x-powered-by: PHP/7.2.8-1+ubuntu16.04.1+deb.sury.org+1
cache-control: no-cache, private
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: Authorization,account-id, Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
X-Firefox-Spdy: h2
www.dressmykid.no/images/arrow-right-fal-white.png
52.17.124.116200 OK 1.0 kB URL HTTP/2 www.dressmykid.no/images/arrow-right-fal-white.png
IP 52.17.124.116:0
File type gzip compressed data, from Unix\012- data
Hash 34c96a00aae7276ac5ffcaa92c464e2f
b4fc353c583f1367b5459a35cc351e5c0668750c
9bde6f903dacc193b6e110730fa7087418ba417bad84b47f1fab0af727d5d020
GET /images/arrow-right-fal-white.png HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e; crall_uid=1-e57cdeb3-7c31-4c0c-b08e-57d5c28a0c7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:02 GMT
content-type: image/png
content-length: 202
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.crall.io/t/2-chunk.js?t=1653173656187
54.230.111.87200 OK 26 kB URL HTTP/1.1 cdn.crall.io/t/2-chunk.js?t=1653173656187
IP 54.230.111.87:0
File type ASCII text, with very long lines (48435)
Hash 5f46855bd77047ec6961826db2afc630
35bd5c1d251b1651cf152c1c6ca27cf8c53eaf2d
ed77ece8c2d789a5fb064b19b0a4db0508b0ebaa90188271138f258de7869663
GET /t/2-chunk.js?t=1653173656187 HTTP/1.1
Host: cdn.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 19 Sep 2022 19:10:47 GMT
Server: nginx/1.10.1
Last-Modified: Mon, 12 Sep 2022 00:05:16 GMT
ETag: W/"631e77bc-1687b"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UBB6jSMrINSbxZpsRB1OAvMYAOIYOO3VifLP36sFe3L0kFkRIz-_yA==
Age: 2475
wapi.lipscore.com/initial_data/settings/show?api_key=bd7fffa455c12bb9e8c4f865&invitation_template_id=&lang=
151.101.86.217200 OK 9.0 kB URL HTTP/2 wapi.lipscore.com/initial_data/settings/show?api_key=bd7fffa455c12bb9e8c4f865&invitation_template_id=&lang=
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with very long lines (8968), with no line terminators
Hash e7a7fcde2bb719355995f5cba1a22456
4e54570361d292dc4f29d8312c548822a37e7b53
65629f94b7ac647104bc39401e98502739c963408241536c47cfa2657dc6776d
GET /initial_data/settings/show?api_key=bd7fffa455c12bb9e8c4f865&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 2092d56a-1682-4c91-aabe-3ad6d85c7a46
x-runtime: 0.016913
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 971353
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617122.472022,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 8968
X-Firefox-Spdy: h2
dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/6feHl_Reima_Reima_Parvin_ulldress_baby_og_barn__Th_1.jpg/w500h500.jpg
143.204.55.13200 OK 14 kB URL HTTP/2 dressmykidno-i05.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/6feHl_Reima_Reima_Parvin_ulldress_baby_og_barn__Th_1.jpg/w500h500.jpg
IP 143.204.55.13:0
File type JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Hash d69cac45f39cc088540d63d818cedd7f
6ced8bdadab9e53043564284a3df5b5246f49ce9
9363d67e67bc0ea1936e388b008265a6f3fae083924083cd89fad2b2f4a265f7
GET /mysimgprod/dressmykidno_mystore_no/images/6feHl_Reima_Reima_Parvin_ulldress_baby_og_barn__Th_1.jpg/w500h500.jpg HTTP/1.1
Host: dressmykidno-i05.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 14310
date: Mon, 19 Sep 2022 13:01:49 GMT
last-modified: Thu, 15 Sep 2022 14:11:56 GMT
etag: "d69cac45f39cc088540d63d818cedd7f"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GCBgz6jbEQ8aTkCx3JCfvt_-gfbQq558KGvIAfB1JCIfP8L0nw95bA==
age: 24614
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/qheUA_Reima_Reima_Parvin_ulldress_baby_og_barn__Pa_1.jpg/w500h500.jpg
143.204.55.13200 OK 12 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/qheUA_Reima_Reima_Parvin_ulldress_baby_og_barn__Pa_1.jpg/w500h500.jpg
IP 143.204.55.13:0
File type JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Hash 59aba5ebc3636d69ab770f93718b2542
360b5289ec99e7f4d6bdbb945eeb0b8301317132
e154efe8b41e3e0c90cbce7dec3f50d067a1cb20afb41e316fd579770753bdc4
GET /mysimgprod/dressmykidno_mystore_no/images/qheUA_Reima_Reima_Parvin_ulldress_baby_og_barn__Pa_1.jpg/w500h500.jpg HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12513
last-modified: Thu, 15 Sep 2022 15:11:13 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 08:36:06 GMT
etag: "59aba5ebc3636d69ab770f93718b2542"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yQhCgtRjvfSuQIGBHk3M462MIFo620TLTv7NYPLksRBn60RrjUnbxQ==
age: 40557
X-Firefox-Spdy: h2
dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/EmYXG_Reima_Reima_Parvin_ulldress_baby_og_barn__Ci_1.jpg/w500h500.jpg
143.204.55.13200 OK 15 kB URL HTTP/2 dressmykidno-i04.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/EmYXG_Reima_Reima_Parvin_ulldress_baby_og_barn__Ci_1.jpg/w500h500.jpg
IP 143.204.55.13:0
File type JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Hash e11e7d90294fe1bb0079f1f83fc71942
9256a4de4eba3b2e131d2784f9dcb171a7fc1281
7e12249730806eedeaf8a3d959a81f7f3025cd68490df88c786f620a0f0cf91a
GET /mysimgprod/dressmykidno_mystore_no/images/EmYXG_Reima_Reima_Parvin_ulldress_baby_og_barn__Ci_1.jpg/w500h500.jpg HTTP/1.1
Host: dressmykidno-i04.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15023
last-modified: Fri, 02 Sep 2022 10:06:50 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 18:24:26 GMT
etag: "e11e7d90294fe1bb0079f1f83fc71942"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4NArZm_VL8G3zVYNcMwZy9lqpW6-5oQWcjMzD48V0bjg7X3ewK5Leg==
age: 5257
X-Firefox-Spdy: h2
wapi.lipscore.com/hit?api_key=bd7fffa455c12bb9e8c4f865
151.101.86.217200 OK 0 B URL HTTP/2 wapi.lipscore.com/hit?api_key=bd7fffa455c12bb9e8c4f865
IP 151.101.86.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=bd7fffa455c12bb9e8c4f865 HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1663617122.476207,VS0,VE0
access-control-allow-origin: https://www.dressmykid.no
content-length: 0
X-Firefox-Spdy: h2
dressmykidno-i03.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/uQbMw_Reima_Reima_Parvin_ulldress_baby_og_barn__Me_1.jpg/w500h500.jpg
143.204.55.13200 OK 21 kB URL HTTP/2 dressmykidno-i03.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/uQbMw_Reima_Reima_Parvin_ulldress_baby_og_barn__Me_1.jpg/w500h500.jpg
IP 143.204.55.13:0
File type JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Hash 51bc8a0f62309d73c21adcafed5bcb08
0867268c5e8abc3b091fe6bef8273a31bc62fa1d
e2bd0809407f1802b4dca2bf5da1a1c01e6702732153b548627647a22a55499e
GET /mysimgprod/dressmykidno_mystore_no/images/uQbMw_Reima_Reima_Parvin_ulldress_baby_og_barn__Me_1.jpg/w500h500.jpg HTTP/1.1
Host: dressmykidno-i03.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21398
last-modified: Fri, 02 Sep 2022 10:06:50 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 19:21:51 GMT
etag: "51bc8a0f62309d73c21adcafed5bcb08"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dgHcrA40umSHPPNKM--uKrU8JBoqMpANMNu2WJOcDua1DiSoG-mUjg==
age: 1812
X-Firefox-Spdy: h2
dressmykidno-i03.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/AbhDJ_Reima_Reima_Parvin_ulldress_baby_og_barn__Li_1.jpg/w500h500.jpg
143.204.55.13200 OK 16 kB URL HTTP/2 dressmykidno-i03.mycdn.no/mysimgprod/dressmykidno_mystore_no/images/AbhDJ_Reima_Reima_Parvin_ulldress_baby_og_barn__Li_1.jpg/w500h500.jpg
IP 143.204.55.13:0
File type JPEG image data, baseline, precision 8, 500x500, components 3\012- data
Hash dd095153f9015ce1ba7a1a0bc9ba36f1
31e2b9eadff6913a0131c9e2115fd8d0a0645a92
4852943a24328ff765992c3a333f6718731ccdc48e70d6daf587da6d0b1ba228
GET /mysimgprod/dressmykidno_mystore_no/images/AbhDJ_Reima_Reima_Parvin_ulldress_baby_og_barn__Li_1.jpg/w500h500.jpg HTTP/1.1
Host: dressmykidno-i03.mycdn.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 16488
date: Mon, 19 Sep 2022 08:36:06 GMT
last-modified: Thu, 15 Sep 2022 14:11:56 GMT
etag: "dd095153f9015ce1ba7a1a0bc9ba36f1"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nnZlcvv4nP4v9_OLEOhPdWvP0OYM7EFRvdeDrRnKYl0AKiQVtqQ7fw==
age: 40557
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11827&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11827&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 423fcafd052f31967ebd720487e567f1
ff5e889875c1afb310c6f852ae0b093cf3069aa5
32caed3dff32db21d1758631cc193e09c057d8094ad964089562ad4a4982066b
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11827&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 0998c8b5-abd7-4d70-a485-8798661aa8ec
x-runtime: 0.018272
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 268572
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.545669,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11114&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 2.9 kB URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11114&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type gzip compressed data, from Unix\012- data
Hash 4296a46bbed43852a38081f579acdee3
ed40b102e0f4bf9c71c471b68623fa6b366a7a51
d27be085dfe0b638d4e2de7216dcb8686dcd3ca87ab218e860f2ca702870d656
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11114&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: c2dcbe12-6c3e-4c02-9855-a949c59e58fd
x-runtime: 0.043628
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 1177149
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.548074,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10293&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10293&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4a7654650dd3fa8de294039f8d80e547
f451a65854ff8ed567fc8b21952d088728a44b86
03dff15c200e51afff4f06a0b1357622179b6a5012e8bc200ad696c305e220b6
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10293&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: b328ce72-c581-4eec-ad28-caee8ef3cc4b
x-runtime: 0.025255
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 546810
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.549632,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11810&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11810&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 84c80874869cd0f7875274c6ff1dbceb
71e744deed731fbd30f2f6b66a53248c46d07f02
d19bce1b09f0a57f8c1777f2709972421b6d15b2a061763c366112f80e606af7
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11810&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 8b2451ec-7ec6-4498-9074-ca682b4bc2fa
x-runtime: 0.039046
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 1178663
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.550969,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11315&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 535 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11315&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type gzip compressed data, from Unix\012- data
Hash ffc6a6853787d9310f49bd5f2eda6f18
2ea6641618c919a0ca5c3e94610bb770376b2493
be302956a48713d0e962af5c829d944557b99a2f5f494160391fa215ccaf488c
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11315&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 55374c23-a60d-4b14-8d5a-955387a89078
x-runtime: 0.028223
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 560218
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.553058,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=12185&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=12185&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6238b862257b295ad18ed48178578dd2
c730abffbb79c78be27fdb751f5543976c389a4c
b51cd2bf7c21ab1ac62f050f9386d877a4a3e7cd9f381b02cd476729dcbd1381
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=12185&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 8373c36e-9f42-42c2-919e-11d9e1d9ae34
x-runtime: 0.019234
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 462642
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.553760,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10848&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10848&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 484f07c6ed2a9684e5a7af5b45492c90
a71a4b141520a77cd9045994dd7c3070d1231b64
4124ec655dab9fe09a5088ecf5bc7e04b5270d80bd8e6b83ec6d8b05b3cfc7a0
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=10848&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 63c53d5c-e0db-4815-9efe-95cf63744992
x-runtime: 0.061648
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 1176841
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.554702,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11356&widgets=r_sm&translate_to_lang=no
151.101.86.217200 OK 71 B URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11356&widgets=r_sm&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9ed46b6c60aee5adff1a7348c65dd013
38ccddc505eade96da3f5d0eb7aff8b144a09230
24e7dab66755246efb9bab17b2aa6150c96447235b55565155586753500d4604
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=11356&widgets=r_sm&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: cf956c64-13fc-4464-bbfe-4b3ff6e0a696
x-runtime: 0.023806
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 293862
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.555811,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 71
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=service_review&widgets=srw_t&translate_to_lang=no
151.101.86.217200 OK 1.8 kB URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=service_review&widgets=srw_t&translate_to_lang=no
IP 151.101.86.217:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1735), with no line terminators
Hash 968cbceea1ce9e7098fab90b399421a0
eecf5c79c39fb9d022f895077fc9c8c3deed9722
91d6496885ae9aa0899cb7f3bbce15b6904ca4d2d8b136b3e2aa84de66a0a751
GET /initial_data/products/show?api_key=bd7fffa455c12bb9e8c4f865&internal_id=service_review&widgets=srw_t&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: b19d95a6-1c07-49a3-9636-d30dd91126d4
x-runtime: 0.077603
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Mon, 19 Sep 2022 19:52:02 GMT
age: 27154
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663617123.556478,VS0,VE1
vary: Origin
access-control-allow-origin: https://www.dressmykid.no
content-length: 1757
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 559261
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
54.230.111.53200 OK 18 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
IP 54.230.111.53:0
File type Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Hash b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
GET /assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 17768
Connection: keep-alive
Date: Mon, 19 Sep 2022 09:43:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Mon, 19 Sep 2022 09:40:08 GMT
ETag: "b42f06e6ecc6ae551b010ba0ff4fa6a3"
Cache-Control: public, max-age=31557600
Expires: Tue, 19 Sep 2023 15:40:07 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fqmf3wz4vlXyWc68pudD2kKqqvFGFJKhJl8a1dBQkosTgB2jXtjmwg==
Age: 36511
static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
54.230.111.53200 OK 1.2 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
IP 54.230.111.53:0
File type Web Open Font Format, CFF, length 1192, version 1.0\012- data
Hash c6d2fba8756c3e43a3dbd5c708550121
691694201280898a21a535ff904712c0c8da4545
3db7852ef1e0fa9f2bbf21800b7a600ceece16e69f5781b0c205984c1ac460ee
GET /assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 1192
Connection: keep-alive
Date: Mon, 19 Sep 2022 09:43:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Mon, 19 Sep 2022 09:40:44 GMT
ETag: "c6d2fba8756c3e43a3dbd5c708550121"
Cache-Control: public, max-age=31557600
Expires: Tue, 19 Sep 2023 15:40:42 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xD1MhAb6POE9lA2A8A-3Ua-0zV-Ne5H7_X_-2vxjLUR05jf6ofPF5w==
Age: 36511
www.google-analytics.com/analytics.js
142.250.74.174200 OK 23 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1325)
Hash 0d643d6ffe1fb041ad863789968bda9e
3c130296998391141b2b1893a1ad360e9680d1a8
dea46c9a91ef32ac0dfc4e0de627cb1c9f93c82d2317c4dc19da857f6ff266f6
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 18:41:12 GMT
expires: Mon, 19 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4250
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
events.crall.io/socket.io/?EIO=3&transport=websocket
54.247.142.14101 Switching Protocols 0 B URL HTTP/1.1 events.crall.io/socket.io/?EIO=3&transport=websocket
IP 54.247.142.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: events.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.dressmykid.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EHNaYT1/yERDCgyb/RyiXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 19 Sep 2022 19:52:02 GMT
Connection: upgrade
Server: nginx/1.10.1
Upgrade: websocket
Sec-WebSocket-Accept: 7Z+pBrPDL9o+75i3fqyHfHUk8II=
Sec-WebSocket-Extensions: permessage-deflate
pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=452208478.1663617103&url=https%3A%2F%2Fwww.dressmykid.no%2F>m=2oa9e0
216.58.207.194200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=452208478.1663617103&url=https%3A%2F%2Fwww.dressmykid.no%2F>m=2oa9e0
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G100&gcd=G100&rnd=452208478.1663617103&url=https%3A%2F%2Fwww.dressmykid.no%2F>m=2oa9e0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 19:52:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-KJ302CZJE7>m=2oe9e0&_p=1925485688&gcs=G100&cid=596449133.1663617103&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663617102&sct=1&seg=0&dl=https%3A%2F%2Fwww.dressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dt=DressMyKid.no%20-%20Babykl%C3%A6r%20og%20Barnekl%C3%A6r&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-KJ302CZJE7>m=2oe9e0&_p=1925485688&gcs=G100&cid=596449133.1663617103&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663617102&sct=1&seg=0&dl=https%3A%2F%2Fwww.dressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dt=DressMyKid.no%20-%20Babykl%C3%A6r%20og%20Barnekl%C3%A6r&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-KJ302CZJE7>m=2oe9e0&_p=1925485688&gcs=G100&cid=596449133.1663617103&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663617102&sct=1&seg=0&dl=https%3A%2F%2Fwww.dressmykid.no%2F%3Fkk%3Da4c6295-183574eb503-2140e%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&dt=DressMyKid.no%20-%20Babykl%C3%A6r%20og%20Barnekl%C3%A6r&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.dressmykid.no
date: Mon, 19 Sep 2022 19:52:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xDFzV4Ktdpf3MA56N395vKkujQFAI_G5orZz85mjBE2vz3koP5Nq5Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:11:24 GMT
age: 67240
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
x.klarnacdn.net/payment-method/assets/badges/generic/white/klarna.svg
54.230.111.46200 OK 0 B URL HTTP/2 x.klarnacdn.net/payment-method/assets/badges/generic/white/klarna.svg
IP 54.230.111.46:0
GET /payment-method/assets/badges/generic/white/klarna.svg HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 16 Sep 2022 15:31:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 09:56:25 GMT
etag: W/"3758d80b7e5fb6ce4f6a2d5084139737"
cache-control: public,max-age=604800
x-amz-version-id: yEJ69aydIITnCaERw.u5nAWpuNNjgWUh
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qk1_Qr2a5jBSSouyhr1OMnsdZoga2P6mhwNqN7KnT6CSKhmyD8e8dw==
age: 274844
X-Firefox-Spdy: h2
www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_desktop_js.js?version=1662367267&v2&host=dressmykidno_mystore_no
52.17.124.116200 OK 0 B URL HTTP/2 www.dressmykid.no/users/themeamerica_mystore_no/templates/america/local/local_desktop_js.js?version=1662367267&v2&host=dressmykidno_mystore_no
IP 52.17.124.116:0
GET /users/themeamerica_mystore_no/templates/america/local/local_desktop_js.js?version=1662367267&v2&host=dressmykidno_mystore_no HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/?kk=a4c6295-183574eb503-2140e&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/javascript
last-modified: Fri, 10 Jun 2022 13:04:52 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 19:52:01 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2
app.crall.io/beacon/v1/handle?id=@search-autocomplete&a=11223
34.253.80.175200 OK 0 B URL HTTP/2 app.crall.io/beacon/v1/handle?id=@search-autocomplete&a=11223
IP 34.253.80.175:0
GET /beacon/v1/handle?id=@search-autocomplete&a=11223 HTTP/1.1
Host: app.crall.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dressmykid.no
Connection: keep-alive
Referer: https://www.dressmykid.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:52:02 GMT
content-type: application/json
server: nginx/1.10.1
x-powered-by: PHP/7.2.8-1+ubuntu16.04.1+deb.sury.org+1
cache-control: no-cache, private
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: Authorization,account-id, Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
X-Firefox-Spdy: h2
www.dressmykid.no/fonts/Roboto/Roboto-Bold.ttf
52.17.124.116200 OK 0 B URL HTTP/2 www.dressmykid.no/fonts/Roboto/Roboto-Bold.ttf
IP 52.17.124.116:0
GET /fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: www.dressmykid.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dressmykid.no/css/modules/consent.css
Cookie: digistore_custid=dcj5lce16747saur8c19e5cp34; kk_leadtag=true; kelkooId=a4c6295-183574eb503-2140e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:52:01 GMT
content-type: application/font-sfnt
content-length: 167336
last-modified: Mon, 19 Sep 2022 08:40:26 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
X-Firefox-Spdy: h2