Overview

URLarbimuk.gov.wy5532.com/
IP 81.171.22.5 (Belgium)
ASN#60781 LeaseWeb Netherlands B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 12:24:19 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 arbimuk.gov.wy5532.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 81.171.22.5
Date UQ / IDS / BL URL IP
2023-02-07 22:53:57 +0000 0 - 2 - 7 yty.8dfcf.ci.wy5532.com/ 81.171.22.5
2023-02-07 22:23:22 +0000 0 - 0 - 1 iuyuy.15841.ib.wy5532.com/ 81.171.22.5
2023-02-07 12:53:20 +0000 0 - 2 - 9 worldwardmobi.com/pawcheck/clieuw/USAA/USAA/U (...) 81.171.22.5
2023-02-07 03:55:17 +0000 0 - 2 - 7 bqjdyhr.cn.wy5532.com/ 81.171.22.5
2023-02-03 07:42:58 +0000 0 - 0 - 1 vtx.azerbrtyacon.com/azeaze.html/b2Q9MXN5ZDYx (...) 81.171.22.5


Last 5 reports on ASN: LeaseWeb Netherlands B.V.
Date UQ / IDS / BL URL IP
2023-02-08 08:49:55 +0000 0 - 0 - 1 diahnnems.us/clif/admin.php 212.32.237.92
2023-02-08 08:25:48 +0000 0 - 0 - 1 civbooks.com/wp-includes/fonts/Ntflx.zip 81.171.28.43
2023-02-08 05:50:40 +0000 0 - 0 - 1 quantitivegoodsshop.com/usuivi/dhl/a1b2c3/d4a (...) 212.32.237.92
2023-02-08 05:50:29 +0000 0 - 0 - 1 lavewash.co/auth 212.32.237.92
2023-02-08 05:50:02 +0000 0 - 0 - 1 sunnybunk.com/0/2/3437/9c0f02b65c664055a83a34 (...) 212.32.237.90


Last 5 reports on domain: wy5532.com
Date UQ / IDS / BL URL IP
2023-02-08 09:24:48 +0000 0 - 0 - 4 ooburdv.wy5532.com/ 172.93.103.102
2023-02-08 08:43:17 +0000 0 - 2 - 7 lkljk.8c061.vo.wy5532.com/ 172.93.103.102
2023-02-08 07:09:52 +0000 0 - 2 - 7 ehsudfr.gov.wy5532.com/ 199.115.115.102
2023-02-08 06:33:13 +0000 0 - 0 - 1 8b23f.ymgjhj.wy5532.com/ 185.107.56.197
2023-02-08 04:47:59 +0000 0 - 0 - 3 437b7.ye.wy5532.com/ 185.107.56.197


No other reports with similar screenshot

JavaScript

Executed Scripts (70)

Executed Evals (93)
#1 JavaScript::Eval (size: 111) - SHA256: c0c4326f5a93d6c83f1aca5b7ee98092b9289c98173b8d996d381afade9f7c2c
Element.prototype.sg_deleteTHead = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "deleteTHead", s);
}
#2 JavaScript::Eval (size: 102) - SHA256: 5ae385940da29bb9d0118d019dc1cc6a7af7ceac84ece4b285e2988c3b8394a4
obj[i] = {
    sg_select: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "select", e, s, h);
    }
}
#3 JavaScript::Eval (size: 102) - SHA256: 1722dc136c8d0bb90fdf8465485f75bb6932b4cb97109f4eeed3b1f099a299e7
obj[i] = {
    sg_resize: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "resize", e, s, h);
    }
}
#4 JavaScript::Eval (size: 100) - SHA256: 4f93b0e221398f240843e6f6dd48d95c2a92342ab389bd4ac2d255046bb4f126
obj[i] = {
    sg_click: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "click", e, s, h);
    }
}
#5 JavaScript::Eval (size: 113) - SHA256: c0ec6e9d55d3b7597474980055d6fc1d55d4cf937eb2d096e653a093979b60e7
Element.prototype.sg_setAttribute = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "setAttribute", s);
}
#6 JavaScript::Eval (size: 107) - SHA256: 58ab03a33325b67a4f0d6086699c5210b374f3ae3b8b6e927cd250a92e554695
Element.prototype.sg_splitText = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "splitText", s);
}
#7 JavaScript::Eval (size: 107) - SHA256: a0bc8da3a6b8ba880f98e239cae98472c1e64b8c8f60196537ba8d54e1c3e93b
Element.prototype.sg_scrollTop = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "scrollTop", s);
}
#8 JavaScript::Eval (size: 88) - SHA256: ab772dd33f1f71cf8052cd0cbe9b9f365afb2e53f5f48730d9eb9a91b0a27738
obj[i] = {
    sg_remove: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "remove", s);
    }
}
#9 JavaScript::Eval (size: 86) - SHA256: 2f5980fc4104b4f7547456bef9c802e2ce159aa9d613fd4df9b9434eed116bdf
obj[i] = {
    sg_after: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "after", s);
    }
}
#10 JavaScript::Eval (size: 111) - SHA256: 4e28e83b1d2c79ad41d6d03c7a9604da05c9407b8b2d40e1da09b167b271222e
Element.prototype.sg_textContent = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "textContent", s);
}
#11 JavaScript::Eval (size: 104) - SHA256: 24688c4b968f330b2cc0b731b7d4af6416f59ef368374cada5d70bcc9876c23d
obj[i] = {
    sg_mouseup: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mouseup", e, s, h);
    }
}
#12 JavaScript::Eval (size: 98) - SHA256: 5077fe060b0f739bfaf91e0cbe6f18160bf200d0cb94aaab51fc653eac0db3fc
obj[i] = {
    sg_live: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "live", e, s, h);
    }
}
#13 JavaScript::Eval (size: 100) - SHA256: 63977cdceb3de4044f84fa8725794886de8e684423d9e6c874bd627ab41e9fb6
obj[i] = {
    sg_keyup: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "keyup", e, s, h);
    }
}
#14 JavaScript::Eval (size: 109) - SHA256: fa391c06445cde61242d7e00e15d96db46d3e5ab801c9104d524f9f7980dc89a
Element.prototype.sg_scrollLeft = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "scrollLeft", s);
}
#15 JavaScript::Eval (size: 109) - SHA256: 00fe8a5b10788db3136c7441764f6c9cc3ce58c2584e759f40eb8a54740c14a6
Element.prototype.sg_deleteCell = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "deleteCell", s);
}
#16 JavaScript::Eval (size: 88) - SHA256: ee02b19f36d1068dfe7c81a2a32ad02f2c306d5d9c796b9414d545467b0eeb79
obj[i] = {
    sg_append: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "append", s);
    }
}
#17 JavaScript::Eval (size: 90) - SHA256: e96226bd378ebcd11155aa387fddcd29bd1e1f3404704a6da49db19ac0f3303d
obj[i] = {
    sg_fadeOut: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "fadeOut", s);
    }
}
#18 JavaScript::Eval (size: 119) - SHA256: 89ae0d0c1c82e31572ee5decd51eead0a03a5bed5a71bbf62b07e8f9c0ec643e
Element.prototype.sg_removeAttribute = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "removeAttribute", s);
}
#19 JavaScript::Eval (size: 118) - SHA256: ce76a1e471277045abf878de8fd6a14c1b3d3f0dd6d6ade2f4eb9832a9dc0ade
obj[i] = {
    sg_triggerHandler: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "triggerHandler", e, s, h);
    }
}
#20 JavaScript::Eval (size: 102) - SHA256: 3af83d1eb228ce43eade1ce800578525a74e8a4a56ce59f002f6870ff8f717c1
obj[i] = {
    sg_toggle: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "toggle", e, s, h);
    }
}
#21 JavaScript::Eval (size: 88) - SHA256: 9d40346a59cc71e57b5ef1f8d9499d9a338e18dba6c864f655cb2027cd371c80
obj[i] = {
    sg_height: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "height", s);
    }
}
#22 JavaScript::Eval (size: 111) - SHA256: a93d24bb3ada4a9f7ee2441caa8ef5d8d18e11dd715c6da8ad5fd1786383864b
Element.prototype.sg_appendChild = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "appendChild", s);
}
#23 JavaScript::Eval (size: 109) - SHA256: ac30a5463eb5cb7f5ecd928b80052cc05bdad2f7c0f5c128e6218e01f75ba036
Element.prototype.sg_insertCell = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "insertCell", s);
}
#24 JavaScript::Eval (size: 100) - SHA256: e8b218880525890a0b0006d4ab06a55bc6cee6d2f1385371fa1e1caa566477f6
obj[i] = {
    sg_hover: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "hover", e, s, h);
    }
}
#25 JavaScript::Eval (size: 96) - SHA256: eec2e042ea2712dda24de12f1751f1a0e83a3340ccba535503bc3a6c075e1c19
obj[i] = {
    sg_die: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "die", e, s, h);
    }
}
#26 JavaScript::Eval (size: 82) - SHA256: 365bf44597d841b33fc972ffab31a0419d3dc9fad854f1d7a201e141a1aaaa6a
obj[i] = {
    sg_val: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "val", s);
    }
}
#27 JavaScript::Eval (size: 84) - SHA256: 26002f5a613a7ab9dd2710ef5fb6c604cd48515c40fedcd6d1b96eacbb38d6d6
obj[i] = {
    sg_hide: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "hide", s);
    }
}
#28 JavaScript::Eval (size: 99) - SHA256: 1d8f59a39a053fa79febeade9bf09562563ca8101ee9d6cded7aad30542ba5ec
Element.prototype.sg_title = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "title", s);
}
#29 JavaScript::Eval (size: 107) - SHA256: fac799067890b19ace6607d1edcdaf44b3edc1b6bfb47aed7e2ed00ce991cca3
Element.prototype.sg_insertRow = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "insertRow", s);
}
#30 JavaScript::Eval (size: 98) - SHA256: 109166917716d559d392707f2d6a98b72386c59a9a6bbfe2f12672317372c30b
obj[i] = {
    sg_load: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "load", e, s, h);
    }
}
#31 JavaScript::Eval (size: 81) - SHA256: b70994170114b541dddd4684b8d0e6f2c55593b997793528bf60bcd5a045cdea
(function() {
    return 767 >= window.innerWidth ? "m" : 980 <= window.innerWidth ? "d" : "t"
})();
#32 JavaScript::Eval (size: 100) - SHA256: cc8153d11111834afd0333eefac872422ab248fc4630a032f12a66e7bf0f212b
obj[i] = {
    sg_insertBefore: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "insertBefore", s);
    }
}
#33 JavaScript::Eval (size: 88) - SHA256: aefa5cdaa9d3a37c90867f3d443b55f89fd2a2cf570658dcecedc2b23916b902
obj[i] = {
    sg_detach: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "detach", s);
    }
}
#34 JavaScript::Eval (size: 111) - SHA256: 53fb2f8dea27c3ec9a568ebcd5de218b989b1c54b0ccb863658877024584e568
Element.prototype.sg_removeChild = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "removeChild", s);
}
#35 JavaScript::Eval (size: 105) - SHA256: 7fe835336f9ffade8510ef676f5b13ede361aacb46c7b203e20af1d9e5fc5f82
Element.prototype.sg_nodeType = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "nodeType", s);
}
#36 JavaScript::Eval (size: 110) - SHA256: b88e8861974ce91f7d74bad937e641cf7bf90efad0429c6d3d6c088e5760af0b
obj[i] = {
    sg_mouseleave: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mouseleave", e, s, h);
    }
}
#37 JavaScript::Eval (size: 104) - SHA256: 68c8c9a96a7470b08ba746f172dc0304ef52bf2d27078baec627cb0c8d6a5bfe
obj[i] = {
    sg_focusin: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "focusin", e, s, h);
    }
}
#38 JavaScript::Eval (size: 98) - SHA256: 395e314c2175efbaba3709de62c08c09beeacdfc0802be406d6b21f341b9b216
obj[i] = {
    sg_blur: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "blur", e, s, h);
    }
}
#39 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#40 JavaScript::Eval (size: 88) - SHA256: 165784410e9cc5994ec8338fb85a532674e913357acb01552edad2cf7b595672
obj[i] = {
    sg_before: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "before", s);
    }
}
#41 JavaScript::Eval (size: 93) - SHA256: c54462a0560e720a6f66c2dddd150fc7014135649fce50252e2cd2d0b7b3bcc0
Element.prototype.sg_id = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "id", s);
}
#42 JavaScript::Eval (size: 105) - SHA256: 5a6a8f82332b5e72df6f08b16090b2ff1009e6eb296eb988b5afe81fd60b60d2
Element.prototype.sg_disabled = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "disabled", s);
}
#43 JavaScript::Eval (size: 110) - SHA256: fb9c02912153b0cd83d62c951b77dce3a9fdad4849d52ff6edaf56311544b61e
obj[i] = {
    sg_undelegate: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "undelegate", e, s, h);
    }
}
#44 JavaScript::Eval (size: 94) - SHA256: d600732c32027a74dc099cdd99e55444f0152ccb980c3c8eff5e6ceed60af7bf
obj[i] = {
    sg_on: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "on", e, s, h);
    }
}
#45 JavaScript::Eval (size: 96) - SHA256: ea38006f64a94a35e1089839266283544a0ba2cb06cc4ad0b496c55ac5d09444
obj[i] = {
    sg_one: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "one", e, s, h);
    }
}
#46 JavaScript::Eval (size: 100) - SHA256: b8f4722e49121066d8eb47cd50ef5402bf8fd67a458adea8e6b22c21e89ea7eb
obj[i] = {
    sg_focus: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "focus", e, s, h);
    }
}
#47 JavaScript::Eval (size: 112) - SHA256: 2dc24bcf2313ed613470d2e0f9fb38a7fc5eddf3077228e465fb5d020358bce5
obj[i] = {
    sg_contextmenu: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "contextmenu", e, s, h);
    }
}
#48 JavaScript::Eval (size: 82) - SHA256: d24356a81c29d6fedbfd4b9d377c0f13888f6143b62bfec010472dc907480dd9
obj[i] = {
    sg_css: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "css", s);
    }
}
#49 JavaScript::Eval (size: 88) - SHA256: 55717955187e7145644f8d727ff76593284ad7311d6926b653a09c84ca853918
obj[i] = {
    sg_fadeIn: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "fadeIn", s);
    }
}
#50 JavaScript::Eval (size: 107) - SHA256: d992b909f4cb96b0ec42b0024627c7132796aa3fcd2cc4aa5fe3e7d8d0fa2f88
Element.prototype.sg_innerHTML = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "innerHTML", s);
}
#51 JavaScript::Eval (size: 113) - SHA256: 0499b6579bf78fe16cd151ad465b6849239507a6f15cff2018507ba1e43c08b2
Element.prototype.sg_replaceChild = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "replaceChild", s);
}
#52 JavaScript::Eval (size: 105) - SHA256: 55b99ac4d12bb0698a00067cf90890d9360cd3f9c0fc8f74aa6cb35913059714
Element.prototype.sg_nodeName = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "nodeName", s);
}
#53 JavaScript::Eval (size: 92) - SHA256: 1b60d45877f7b6c1036105ad97b895c17130b7c3484973b0ba06d6a8f48e1cd3
obj[i] = {
    sg_addClass: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "addClass", s);
    }
}
#54 JavaScript::Eval (size: 107) - SHA256: aca13ca2fd38ce1e0eddab53d17eb7c68ea1ebc8ba69cfb689beeac3fc5bdad1
Element.prototype.sg_outerHTML = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "outerHTML", s);
}
#55 JavaScript::Eval (size: 113) - SHA256: cf0a2686c7fb035db02ed13d63d1da156bfe29e1cad05a708c011b4bc7457eb6
Element.prototype.sg_insertBefore = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "insertBefore", s);
}
#56 JavaScript::Eval (size: 102) - SHA256: deaae9561ce3c10ac535f690cc4c761a391dcb689608745783164aefddacb6e1
obj[i] = {
    sg_unbind: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "unbind", e, s, h);
    }
}
#57 JavaScript::Eval (size: 110) - SHA256: 6d5c7a4bf7c214a2c7ef51a93475ad7cae58a87066894dbedeede3a167e1da13
obj[i] = {
    sg_mouseenter: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mouseenter", e, s, h);
    }
}
#58 JavaScript::Eval (size: 98) - SHA256: 12044660848343536feaf0154b6eb5f267528c94864b8d4e26a2515fd4973f25
obj[i] = {
    sg_bind: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "bind", e, s, h);
    }
}
#59 JavaScript::Eval (size: 84) - SHA256: 49e2eef6526051c8716affeca009c363c58efb917e221823eeb01e5623f3b2c5
obj[i] = {
    sg_html: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "html", s);
    }
}
#60 JavaScript::Eval (size: 84) - SHA256: ead19f564343b429a192e14439f312da7da6170335a96b8bfd9c221627a81d61
obj[i] = {
    sg_attr: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "attr", s);
    }
}
#61 JavaScript::Eval (size: 96) - SHA256: 2a0677a8d612488cbf85d8fa6f988b6d24cf426f8ad3ec98e2f685359a9027e4
obj[i] = {
    sg_off: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "off", e, s, h);
    }
}
#62 JavaScript::Eval (size: 106) - SHA256: 71a61dba4f5863aa4c1cfbce472177bb33478b86f20075abfc65f27e146a7042
obj[i] = {
    sg_dblclick: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "dblclick", e, s, h);
    }
}
#63 JavaScript::Eval (size: 86) - SHA256: c0a71e434de628275316c1a2f476342ee78924dd49d7bafcb192431ee0165ab3
obj[i] = {
    sg_width: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "width", s);
    }
}
#64 JavaScript::Eval (size: 84) - SHA256: 5883552b94c507f8d158db7294b101e09c0944dfbe5cb1c6bcbe316b98213563
obj[i] = {
    sg_show: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "show", s);
    }
}
#65 JavaScript::Eval (size: 115) - SHA256: 2207d0cc25528e8edfd50c2eeb5354a896a72aa98bf37bc09ec493c8c66fe477
Element.prototype.sg_deleteCaption = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "deleteCaption", s);
}
#66 JavaScript::Eval (size: 100) - SHA256: 1c070e04386027411d366d82a4e6aa48e519c4cf5231e9012fc8563cf6b3b698
obj[i] = {
    sg_error: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "error", e, s, h);
    }
}
#67 JavaScript::Eval (size: 112) - SHA256: 6995126ff8132ebcb607e2cabed8fa4a32a401eaeec3330c1c2652aab9c5da8b
(((pathname.indexOf('evenstadmusikk.no') > -1)) && (!(pathname.indexOf('bekreftelse') > -1)) && ((devicetype == 1)))
#68 JavaScript::Eval (size: 99) - SHA256: 4477004db9fe1cea18b0b9a4b8edd62ec2997e9ca4b97db0e5c48bc6d8ad345e
Element.prototype.sg_style = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "style", s);
}
#69 JavaScript::Eval (size: 107) - SHA256: 251f60fbfed585ea47c3a64db666843a3fc832cee5359336596136c41f16a0ff
Element.prototype.sg_className = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "className", s);
}
#70 JavaScript::Eval (size: 102) - SHA256: 04d745880d4a529fe4952ecd0de4256f222d58d792d2383e36a194027524e932
obj[i] = {
    sg_unload: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "unload", e, s, h);
    }
}
#71 JavaScript::Eval (size: 102) - SHA256: afc949cfae60fe97530d00bc43e81cdb3d57d17801048d795cb3bc5987aa2e99
obj[i] = {
    sg_scroll: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "scroll", e, s, h);
    }
}
#72 JavaScript::Eval (size: 106) - SHA256: 32899bf83a4ee9c73f1fc038f7b575c49a93145671037e5c445992c466cf80d2
obj[i] = {
    sg_delegate: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "delegate", e, s, h);
    }
}
#73 JavaScript::Eval (size: 94) - SHA256: e53fe4ea8feabb73eba0528cd0c806eff79c91bf92e3417c26fb39eab6e828d2
obj[i] = {
    sg_scrollTop: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "scrollTop", s);
    }
}
#74 JavaScript::Eval (size: 84) - SHA256: 76e791d9b4514035935bedd06a6b7ede1f09e48659e827bdc33b93a3788e27ac
obj[i] = {
    sg_text: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "text", s);
    }
}
#75 JavaScript::Eval (size: 98) - SHA256: 849b5c949bf8377d986b71ba82901d5d1f91644b79e9e50f9fe068400210ddbb
obj[i] = {
    sg_replaceWith: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "replaceWith", s);
    }
}
#76 JavaScript::Eval (size: 108) - SHA256: e27e5448eb2825de6e707920a48b4fdbc453ff63baa6f120397a27a81b2300ba
obj[i] = {
    sg_mousedown: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mousedown", e, s, h);
    }
}
#77 JavaScript::Eval (size: 115) - SHA256: e7afd66b1c7817c53dd356f61f2028535864639f8b0fd3cc93d1a27944b943c0
Element.prototype.sg_createCaption = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "createCaption", s);
}
#78 JavaScript::Eval (size: 111) - SHA256: dee5dde7c1f282c3acd303eac3de6715429a58c3447bdcd05e868fc456910c0f
Element.prototype.sg_createTHead = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "createTHead", s);
}
#79 JavaScript::Eval (size: 111) - SHA256: 674c9df94b2bff8a2ed45815d7b8125185cf5d31c9cca5f59e73b3637f952bd9
Element.prototype.sg_deleteTFoot = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "deleteTFoot", s);
}
#80 JavaScript::Eval (size: 106) - SHA256: 2b2538f3b0ae9127b52b34742ad06dcebe3bdbac8666575600205f46bc98c022
obj[i] = {
    sg_mouseout: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mouseout", e, s, h);
    }
}
#81 JavaScript::Eval (size: 104) - SHA256: 27a95c89e22e52f37fa3f8d094746ef8391f8d12a19ee7ef079e8c6794dbe659
obj[i] = {
    sg_keydown: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "keydown", e, s, h);
    }
}
#82 JavaScript::Eval (size: 106) - SHA256: 19de5aeda8979cb48d7382b7863855e4cf150401b5eac15e13efbc81905ae0d6
obj[i] = {
    sg_keypress: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "keypress", e, s, h);
    }
}
#83 JavaScript::Eval (size: 106) - SHA256: f673e5d804afd42b1a337c6e5ce5ea39bcb465480edf69863f92f84e98e57e26
obj[i] = {
    sg_focusout: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "focusout", e, s, h);
    }
}
#84 JavaScript::Eval (size: 102) - SHA256: 85a81841d4e5361490fa9c6e9dabaafa83df0ef34d8307bcdfd6a3988bd5877d
obj[i] = {
    sg_change: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "change", e, s, h);
    }
}
#85 JavaScript::Eval (size: 98) - SHA256: 95a7386970e1febcab0ceeacbfaa54b3c1b75023e42b829b9f72ba22ee2a5de9
obj[i] = {
    sg_removeClass: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "removeClass", s);
    }
}
#86 JavaScript::Eval (size: 111) - SHA256: 7f88105535f43dd979e5d48f7b60cc69f9b45a31e86ab17dfe710dead61217b0
Element.prototype.sg_createTFoot = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "createTFoot", s);
}
#87 JavaScript::Eval (size: 104) - SHA256: b3f8b91ae36c343227c86199c280eafa3ed378708ef128bd56d553f187c016ec
obj[i] = {
    sg_trigger: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "trigger", e, s, h);
    }
}
#88 JavaScript::Eval (size: 108) - SHA256: e2ec471961a5a0c00000c9e4fecf9776c50f8a11297614554cbb50a77cbdb9f2
obj[i] = {
    sg_mouseover: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mouseover", e, s, h);
    }
}
#89 JavaScript::Eval (size: 108) - SHA256: 934ef6aec818715a9935187735e4ce82dd90a9a63777264d0d604b038bdea9c5
obj[i] = {
    sg_mousemove: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "mousemove", e, s, h);
    }
}
#90 JavaScript::Eval (size: 90) - SHA256: 9e88135a7daac18eee642dd127409f2984147f8378505e2dc2160b8c3262dc97
obj[i] = {
    sg_prepend: function(e, s) {
        return ob.lib.sg_proxy_jquery(this, e, "prepend", s);
    }
}
#91 JavaScript::Eval (size: 103) - SHA256: 49625cde41919055b3aee537e295eb7c749b29bc00820aed212012ecc3e896ce
Element.prototype.sg_tagName = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "tagName", s);
}
#92 JavaScript::Eval (size: 107) - SHA256: 2e84e9333a3b6484bfa2cb366b01b0dca93018c4364ecf440726722d56de4646
Element.prototype.sg_deleteRow = function(e, s) {;
    return ob.lib.sg_proxy_javascript(this, e, "deleteRow", s);
}
#93 JavaScript::Eval (size: 102) - SHA256: 370bb0f017b692ca82898674516b12404579977a3a8d358f38368f16ceeed28b
obj[i] = {
    sg_submit: function(e, s, h) {
        return ob.lib.sg_proxy_jquery_events(this, "submit", e, s, h);
    }
}

Executed Writes (1)
#1 JavaScript::Write (size: 5566) - SHA256: 073be8115bf7a7f101e18b00f5915c652e6b7c054957aba7a1d480146e163761
< html > < head > < title > Dising < /title><script type="text/javascript
">rD = false;function edcTimeout() {rD = true; }function cto_AI(u,n) { if (rD) {return;} var cto_ifr=document.getElementById('cto_sub_ifr_px');var cto_ifr_doc=null;if(typeof(cto_ifr)==='undefined'||cto_ifr==null)cto_ifr_doc=document;else if(cto_ifr.contentDocument)cto_ifr_doc=cto_ifr.contentDocument;else if(cto_ifr.contentWindow)cto_ifr_doc=cto_ifr.contentWindow.document;else if(cto_ifr.document)cto_ifr_doc=cto_ifr.document;else cto_ifr_doc=document;if(cto_ifr_doc.createElement){var im=cto_ifr_doc.createElement('IMG');if(im){var d=document.getElementById('cto_pc');if(d!==null && d.appendChild){d.appendChild(im)}if(n){im.onload=n;im.onerror=n;im.onabort=n}im.src=u}} }function cto_l(){if(typeof(cto_loaded)==='undefined')cto_loaded=1;else cto_loaded++;}function cto_run() {function l_i1_1(){cto_AI('https://x.bidswitch.net/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30', cto_l);}function l_i2_1(){cto_AI('https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ', cto_l);}function l_i3_1(){cto_AI('https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID', cto_l);}function l_i4_1(){cto_AI('https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog', cto_l);}function l_i5_1(){cto_AI('https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw', cto_l);}function l_i6_1(){cto_AI('https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-wz2uDIafKcz0rMrIaEO3Gc972MprKO0N_TmjHA', cto_l);}function l_i7_1(){cto_AI('https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-F3YKe4afKcz0rMrIaEO3Gc972MoZW3HsntdZOQ', cto_l);}function l_i8_1(){cto_AI('https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-kCvWz4afKcz0rMrIaEO3Gc972Mo90dUsk7Mf3w&expires=30', cto_l);}function l_i9_1(){cto_AI('https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oYrJe4afKcz0rMrIaEO3Gc972Mq3DgxyoOLZ9g', cto_l);}function l_i10_1(){cto_AI('https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-5SFOK4afKcz0rMrIaEO3Gc972MrjfAGenOewkQ', cto_l);}function l_i11_1(){cto_AI('https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-iFQwTIafKcz0rMrIaEO3Gc972MoH7d9qY7Qu1Q', cto_l);}function l_i12_1(){cto_AI('https://criteo-sync.teads.tv/um?eid=80&uid=k-li-3Q4afKcz0rMrIaEO3Gc972MrWCUTamLSgeg', cto_l);}function l_i13_1(){cto_AI('https://eb2.3lift.com/xuid?mid=2711&xuid=k-j4UxpIafKcz0rMrIaEO3Gc972MpqkeonxL71Ow&dongle=013b', cto_l);}function l_i14_1(){cto_AI('https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ', cto_l);}function l_i15_1(){cto_AI('https://e1.emxdgt.com/put?d=d53&uid=k-LpgpioafKcz0rMrIaEO3Gc972Mo-uWdYrUrRdcHiDehP6XL6', cto_l);}function l_i16_1(){cto_AI('https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-UveORoafKcz0rMrIaEO3Gc972MrQQdEojxzaCg', cto_l);}function l_i17_1(){cto_AI('https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UAGdQoafKcz0rMrIaEO3Gc972MpWxZTK8xyABQ', cto_l);}function l_i18_1(){cto_AI('https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40', l_i18_2);}function l_i18_2(){cto_AI('https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40', l_i18_3);}function l_i18_3(){cto_AI('https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40', cto_l);}function l_i19_1(){cto_AI('https://id5-sync.com/s/966/9.gif?puid=k-_2XiBoafKcz0rMrIaEO3Gc972MqO2mGelwxt7w', cto_l);}function l_i20_1(){cto_AI('https://matching.ivitrack.com/sync?realm=criteo&uid=k-XaeR44afKcz0rMrIaEO3Gc972MrOq8pCBGGSvA', cto_l);}function l_i21_1(){cto_AI('https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gXocj4afKcz0rMrIaEO3Gc972MqahqnrjbkLszxc3H3Myz4i', cto_l);}function l_i22_1(){cto_AI('https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ', cto_l);}function l_i23_1(){cto_AI('https://criteo-partners.tremorhub.com/sync?UICR=k-57mwbIafKcz0rMrIaEO3Gc972MrtxlTiqgEKrg', cto_l);}function l_i24_1(){cto_AI('https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-SdO4gIafKcz0rMrIaEO3Gc972MqM_2_ap3DllA', cto_l);}function l_i25_1(){cto_AI('https://sync-criteo.ads.yieldmo.com/sync?id=k-asiC74afKcz0rMrIaEO3Gc972Mq5rcT71jCe_g&pn_id=criteo&ext=1', cto_l);}cto_tot = 25;l_i1_1();l_i2_1();l_i3_1();l_i4_1();l_i5_1();l_i6_1();l_i7_1();l_i8_1();l_i9_1();l_i10_1();l_i11_1();l_i12_1();l_i13_1();l_i14_1();l_i15_1();l_i16_1();l_i17_1();l_i18_1();l_i19_1();l_i20_1();l_i21_1();l_i22_1();l_i23_1();l_i24_1();l_i25_1();}</script></head><body><iframe id="
cto_sub_ifr_px " src="
javascript: false " style="
width: 1 px;
height: 1 px;
display: none;
"><div id='cto_pc' style='display:none'></div></iframe><script type="
text / javascript ">document.body.onload = function(){ if(window.cto_run) cto_run(); };window.setTimeout(function(){ if(typeof(cto_loaded)==='undefined' || cto_loaded<cto_tot) {edcTimeout();var redirectLocation=location.protocol+'//static.criteo.net/empty.html'; location.replace(redirectLocation);}}, 5000);</script></body></html>


HTTP Transactions (223)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Sun, 04 Dec 2022 14:10:12 GMT
Date: Sun, 04 Dec 2022 12:24:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4924
Cache-Control: max-age=170954
Date: Sun, 04 Dec 2022 12:24:07 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:53:21 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 12:18:24 GMT
cache-control: public,max-age=3600
age: 343
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7456
Expires: Sun, 04 Dec 2022 14:28:23 GMT
Date: Sun, 04 Dec 2022 12:24:07 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IL8dw5HYoFhYWI+zFJPiA+wXakAKedq64AdYa5xJLMLxdTFX9oiGgeiIwOT+8MjzN+qXZOdfu2w=
x-amz-request-id: N7BVJ80S0SY64FBM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 11:46:58 GMT
age: 2229
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: arbimuk.gov.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
Upgrade-Insecure-Requests: 1

search
                                         199.115.115.119
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 483
date: Sun, 04 Dec 2022 12:24:06 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (483), with no line terminators
Size:   483
Md5:    1f9a494a7ff061cedd9c62e3ede3c7da
Sha1:   bc5ebf44d67dc56d2d8e5d2c584f2d770e30eb93
Sha256: 0fc16c6e01b883945529d01392f5d0bba4559295a92751b659c74bee7d04a3ba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 12:24:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: arbimuk.gov.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arbimuk.gov.wy5532.com/
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294

search
                                         199.115.115.119
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 04 Dec 2022 12:24:07 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 910
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4916
Cache-Control: max-age=165879
Date: Sun, 04 Dec 2022 12:24:08 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:28:47 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VBwj8GXV48boXYT0hG+NvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vLydqRC+foIDorvTYU+DlBipqQA=

                                        
                                            GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2Mzg0NywiaWF0IjoxNjcwMTU2NjQ3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wZDdxNmN2azh1dDZtbDQwYWpxMGEiLCJuYmYiOjE2NzAxNTY2NDcsInRzIjoxNjcwMTU2NjQ3NjQ5NDUzfQ.oJZDatD21Gany7g_fLEXZ35VZ2ewxODjORoybJJovK8&sid=8a19e914-7202-11ed-b1f3-fea64ba8d294 HTTP/1.1 
Host: arbimuk.gov.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arbimuk.gov.wy5532.com/
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
Upgrade-Insecure-Requests: 1

search
                                         199.115.115.119
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 12:24:08 GMT
location: http://dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294; path=/; domain=.wy5532.com; expires=Fri, 22 Dec 2090 15:38:15 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://arbimuk.gov.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 12:24:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: mucnnlCk


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    fb9d6e63be806a5337208254aacf6dd6
Sha1:   33bac39984dd96d4acafb2aafbde77142a711f11
Sha256: 999596a909bb73e8d375f26c1ac3d848cadfdbb1da606c243c96d51d17d40681
                                        
                                            GET /zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 12:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: BvvRxpog


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   356
Md5:    9d114559ed5dc381324cb32d47063d90
Sha1:   4b16f733768b87ec64f017f9e576275330c9dbde
Sha256: dbe17731b5f728e5aed60c87ffcb6473d0c9df855bbe13f29d6f5f0dd1cb61b6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "10E0EFF317372FFA44BCEE29D23C4E65CA7A6DC77AE58B67409606404E9740EA"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15000
Expires: Sun, 04 Dec 2022 16:34:09 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.208.247.235
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sun, 04 Dec 2022 12:24:09 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: BvvRxpog


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3 HTTP/1.1 
Host: clever-redirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         78.46.197.88
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: d8c12e41cd457e9b4f39d0b82f2f0a5d=ca381fcff0691f8ac4a9288ef19172365b526a8f25057976544e614796eedca7a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22d8c12e41cd457e9b4f39d0b82f2f0a5d%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 05-Dec-2022 12:24:09 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 357
date: Sun, 04 Dec 2022 12:24:09 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (357), with no line terminators
Size:   357
Md5:    d95a91008b4cc4f8cbfa7b79426d32df
Sha1:   b68e278b784b4748b0e0afb1fed4dc2b5c1a728e
Sha256: 065d8a1ce36217c878df5de8c20a2b04bbc3b5bb84ee792c56f2d07b41400690
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 52291
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 52623
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 52282
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 52448
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 52808
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 17848
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "48DD695E066B8602411762B2985B2D73FAF7052D30AB18ED2970C3D74B5106CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Sun, 04 Dec 2022 18:23:25 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive

                                        
                                            GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=evenstadmusikk.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf HTTP/1.1 
Host: lookandfind.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         5.9.110.29
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 12:24:09 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: ae6e4e26ac8e1eec5114fda81f7689d2=358ec4b3ffcfeb8fcc8e896f355f9de0d8d1c79da66761698af22b54bf1a5786a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22ae6e4e26ac8e1eec5114fda81f7689d2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 05-Dec-2022 12:24:09 GMT; Max-Age=86399; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Size:   616
Md5:    6aeb592d4f84f4eda19c204d5910c75d
Sha1:   0ab4af651f8bc1e642ba63180ba246a49fb45bea
Sha256: 51f302cdddab0e10027b8eb354c030629a44bf0b8fce4e269a524ab9fab50276
                                        
                                            GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0%3D%26i%3Dhx7aKG7dap4YT00X%26placementId%3Dac53875f382fe40e15dcd6cfd7d2b2a2&h=b63f84899e02adf9815352838cc33ef2 HTTP/1.1 
Host: lookandfind.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ae6e4e26ac8e1eec5114fda81f7689d2=358ec4b3ffcfeb8fcc8e896f355f9de0d8d1c79da66761698af22b54bf1a5786a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22ae6e4e26ac8e1eec5114fda81f7689d2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         5.9.110.29
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 12:24:10 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Size:   544
Md5:    86501b63f7b6bf7e432a3fd948171cc3
Sha1:   70703d850f557d679932c99dbe97134f9bf047c0
Sha256: fe44a09879dcc5cb17fd5ce71b37a54c2c6092b5286873ed679f1dd82adc09f0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "475635B6695DE9727ED59E748F096863A5861568E0BCAA2E4211EFF80FBBBE45"
Last-Modified: Sun, 04 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Sun, 04 Dec 2022 15:34:57 GMT
Date: Sun, 04 Dec 2022 12:24:10 GMT
Connection: keep-alive

                                        
                                            GET /v2/r/deeplink?e=Y3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0=&i=hx7aKG7dap4YT00X&placementId=ac53875f382fe40e15dcd6cfd7d2b2a2 HTTP/1.1 
Host: api.yadore.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         88.99.112.2
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 12:24:10 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140597
Date: Sun, 04 Dec 2022 12:24:10 GMT
Etag: "638c1317-1d7"
Expires: Tue, 06 Dec 2022 03:27:27 GMT
Last-Modified: Sun, 04 Dec 2022 03:25:11 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3t2_eo7-mAMYUCb8myraX3bFMJ8d45dpL1_MJEWwvinZXDu7VrP76Q==
Age: 136

                                        
                                            GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false HTTP/1.1 
Host: api.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
content-length: 31985
x-gravitee-transaction-id: f18bc4d8-fade-4661-8bc4-d8fade46615f
x-gravitee-request-id: f18bc4d8-fade-4661-8bc4-d8fade46615f
leadid: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666
clickid: 107698147_1670156650880_12059791
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=OCImDP9~d6FpNc-coN62FhudM3OICaUTlZvNz1Y~YRLXiv66B4bSY8r2TIk-7LmBIROU-WNJNoLoAxeFaiYYYvZbqeAM7ijci2SIjmysi~~2BGq8DrjtM~aztCRxD_c; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure kelkooID=a4c6294-184dc5cef64-3923c7; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.667911S
x-robots-tag: noindex,nofollow
referrer-policy: origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Sun, 04 Dec 2022 12:24:11 GMT
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AOs2p4-cH-elgp6eWPMVZSsGgeW6eAIsT6WADHtBtKreZ4fw13jcAw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size:   31985
Md5:    1de8e80762a000a40a47ef73173a335b
Sha1:   d0fc7c5e3937822c4f915a99e1a6ed4f947dcdac
Sha256: 58edd55091a4f5ae6099314ead9d494d0e1da674d74380e8aa3943580687cb3c
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6426
Cache-Control: max-age=111220
Date: Sun, 04 Dec 2022 12:24:11 GMT
Etag: "638b87c5-1d7"
Expires: Mon, 05 Dec 2022 19:17:51 GMT
Last-Modified: Sat, 03 Dec 2022 17:30:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=109844
Date: Sun, 04 Dec 2022 12:24:11 GMT
Etag: "638b87c5-1d7"
Expires: Mon, 05 Dec 2022 18:54:55 GMT
Last-Modified: Sat, 03 Dec 2022 17:30:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2909
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 12:24:11 GMT
Last-Modified: Sun, 04 Dec 2022 11:35:43 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791 HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7; _ga=GA1.2.16646053.1670144386; _gid=GA1.2.125778064.1670144386
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         95.211.116.27
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 12:24:11 GMT
Request-Time: PT0.002905S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=88
Connection: Keep-Alive

                                        
                                            GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1 
Host: no-go.kelkoogroup.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7; _ga=GA1.2.16646053.1670144386; _gid=GA1.2.125778064.1670144386
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

search
                                         95.211.116.27
HTTP/1.1 303 See Other
Content-Type: text/plain
                                        
Date: Sun, 04 Dec 2022 12:24:11 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666
clickId: 107698147_1670156650880_12059791
country: no
Location: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015996S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=5UXu7UOawZR68VjHZuMg52C2JfHY9pUi89AMBcizlzkd0q6RnwStz8ARLCOLnAZN9IZX6~5aUI6GLjC2t34mDckAsKKVLZPJL0slYfHkB9r8on4q0v7VZSVVN7k0EMmt; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=85
Connection: Keep-Alive

                                        
                                            GET /?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY, DENY
x-aspnet-version: 4.0.30319
set-cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; expires=Sat, 11-Feb-2023 23:04:11 GMT; path=/; HttpOnly; SameSite=Lax ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; path=/; HttpOnly; SameSite=Lax McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 21542
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3340), with CRLF, LF line terminators
Size:   21542
Md5:    97e646dc2c0a2ce13e3bd53bbdfb0ab2
Sha1:   4f9d9a72e726f7e86a7744809465ae5d0313475b
Sha256: e76a17ead015b84d03ee3484777cc72d2489e31e38e770dc6004a33052db00aa
                                        
                                            GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 35817
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   35817
Md5:    ddb7f27fac893c0f86fdd7287c9e7bcc
Sha1:   28d8915e41266a9dabd9c321e1e4fefcf539d2e4
Sha256: 90dd0b885e1d701a2c2b4f98056fb551e06d297acc3be4b990f5dd062dd88089
                                        
                                            GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 5256
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (29049)
Size:   5256
Md5:    fcf3559ffa9e565dab01c36d30a68ac6
Sha1:   bc14a55cf31dcb18672d43d53911189c7a3e0fac
Sha256: 8c747cd13d87d80bd397fd6f33684195100deb27520aec8b343938d5936bcfdf
                                        
                                            GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 58637
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size:   58637
Md5:    4659df9f7cc6bb95890aa4489f5a1bb1
Sha1:   b6be689693a32e035b8907faa8e1c8efbcad930e
Sha256: cd7c9ed05995d68c454adbdece28668912e4f008bc92cc6b680c0d7a4bf9f239
                                        
                                            GET /scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: public
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1032
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1823), with no line terminators
Size:   1032
Md5:    d5cbf6e684d066ada657228d15c6a262
Sha1:   19b0fdbf000387738f4d461353ef690967a7c5a4
Sha256: 9d06e957d4ae1913a2be1fc77c90fa5caef509a1d3f985f5d59c6e642160c8c0
                                        
                                            GET /scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: public
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1260
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3914), with no line terminators
Size:   1260
Md5:    711c5d58494443d5fd28b0209f25837c
Sha1:   0cd7fe531010a72cb4f52bc1aeeaa1a1f5e7e8ce
Sha256: 2d5668b1ebf7be16d0c436bf0c4b624d8863cda63354c710cd7b49b4aad07981
                                        
                                            GET /dist/js/runtime.df29bc903bd9297c5e1d.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 998
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1501)
Size:   998
Md5:    cab9eab5b4d4eb8fcbd645b6e0bfc52b
Sha1:   1a7d98b4bf9a4db3aaf56c47ad726eebd89389ee
Sha256: eabe0a9859ebe569ab5116574a9ac136ea385985e3883f7633c8f499eb5223c7
                                        
                                            GET /dist/js/2.0da3ac3e030567eb42ed.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 16763
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65074)
Size:   16763
Md5:    99b90c3783ee788dccde1fe0db90ee8b
Sha1:   7a86c50d42c453f10f0dfb7c9606bdcb751221e7
Sha256: f8ee55cf8ea6de787a60e07dd5368927ee56b7bc4ed00e78c8dddcb3081e08c3
                                        
                                            GET /dist/js/main.ce4c6c793c2ece21ca7a.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 10880
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43050)
Size:   10880
Md5:    fcfe4a392d71570f374119d43f520470
Sha1:   7e53800c88831fbf22b7237c90f239e5a74fedcb
Sha256: 8d214b0d4a15c310485724db332b76bcd8dca354e78fa95d36f7cdef662d82b5
                                        
                                            GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 324
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (482)
Size:   324
Md5:    179532837400772dd29cd25dd70e12ee
Sha1:   dc3f5c2a19d9883798fc9e1196cd3cf65f7fd468
Sha256: d42ab38beae6428f2859a7b3a8384b6ea5cb87d273a647b1d34afccac3c518bb
                                        
                                            GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 414
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (464)
Size:   414
Md5:    209b3f0e68089d359864c983d4cb4ea5
Sha1:   56e758ec7b661173fa269a4759a4f4d73e26782e
Sha256: 21445b65e71e5206ba10634da783b06c778d805568bd966e5e85ba535379dc1b
                                        
                                            GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 307
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   307
Md5:    ed75b580c347abdaaf2f8e21463a19ec
Sha1:   a29de8f0ba99ca6c7423016f351f2d82515885d9
Sha256: 94ecc976175501ed960a9abf60be6bd189b6007908b48b56784e4b80ba99eac6
                                        
                                            GET /dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public,max-age=31536000
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1073
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2901)
Size:   1073
Md5:    a2eb359233bcc9e7f65d149e21ecc20a
Sha1:   2e661c297a24a175fc7bc6316a6c2b4b9b304fc6
Sha256: f1b03dc42dc988b0bafed04d8e0578ff4909ea98f7b4277828527e128293e50a
                                        
                                            GET /App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 37
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 2 x 11\012- data
Size:   37
Md5:    6f73aa84eb3170630d812433a7f859ae
Sha1:   5d6f769d44b1a26dc7659047d006310b40dc1666
Sha256: 18052af927c25016d55b3f4dcdf96f767536b94fb29e2713adc5080bdb220fa1
                                        
                                            GET /App_Themes/MASTER/images/1px_transparent.png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 141
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   141
Md5:    273352ef860dea665ed24eed59488efe
Sha1:   14fbeaca4303ceff0662c23a0d13365766db1654
Sha256: 38631a426e372dbe90a52ab1b1f0312d254c3d2559472ced786530f89363295f
                                        
                                            GET /css/images/flags/no.svg HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/svg+xml
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 291
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   291
Md5:    b055a104cef55232e01a5ee94d3f72c9
Sha1:   6e43e96b74036e142b0a7270ba7a814671aa885b
Sha256: 2c0800132cf9e6c1a9f64d047984cd9083ccab7770f52db10899369b9f6fb9d3
                                        
                                            GET /scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: public
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 2484
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5780), with no line terminators
Size:   2484
Md5:    fa66d28df0716c956dc20fb9bc63a36e
Sha1:   819f161f4672dfd51e882a6cd8133d979ce95dd8
Sha256: e6c59b3f4612e5bcc575a1e1ccc93c66817baca50629aad5d2e1340d29d65130
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fevenstadmusikk.no%252F%26custom1%3D0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=16646053.1670144386&tid=UA-168544891-6&_gid=125778064.1670144386&_r=1&cd1=&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&cd3=10846323&cd4=a4c6294-184dc5cef64-3923c7&cd5=&cd6=%7C10846323%7C&z=311407361 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         142.250.74.14
HTTP/2 200 OK
content-type: image/gif
                                        
access-control-allow-origin: https://api.kelkoogroup.net
date: Sun, 04 Dec 2022 12:24:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1132
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1132
Md5:    8e58fcd8722c906510f344d0b7223d93
Sha1:   31a534aca1b0094344c8d87450e7066e3139b614
Sha256: 8a387d8558f49244c17766a18c27cacebdf97e8135ae386fa8e6aacca8aaa636
                                        
                                            GET /App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 626
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   626
Md5:    0114e6aac48ec2f163429219fe36a42e
Sha1:   6908b2a4a82c1ac33d40a906ff65780c9b5c60ea
Sha256: 2ff81c8bf1be911f9f376f64b8f7f97e230b96adf6e95892a6a43e1de6a32265
                                        
                                            GET /userfiles/image/theme/EvenstadD4/logo-ny.png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 17 Jan 2022 11:42:53 GMT
accept-ranges: bytes
etag: "21ddab5c97bd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 10352
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 295 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size:   10352
Md5:    4e4465aedb678084dec217680cffcc6a
Sha1:   03be16aa6f66a059090ef5aa5445633e4f55d2bc
Sha256: 5744489b7ff9864d5d64834d7efbd373712e29acabdd75fff06abf32d255fe91
                                        
                                            GET /fonts/multicase-icons.woff2?19959973 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 9000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9000, version 1.0\012- data
Size:   9000
Md5:    ae9297c781988524286f15cc0d4523ad
Sha1:   a0cb1b8403f21e6d52ecf39b0f6405932bb69b71
Sha256: dc06cd9132370d5fe97173d66d4eef4ae4419353ba2eb0f2cd75a530e0441c3b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/Campaign/LoadSpecialOffers?_=1670156649915 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 41
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   41
Md5:    869a8c7b1da5af6130726896dc38da10
Sha1:   393c31667a6b2a37462994d42e01c7db1efd653b
Sha256: a823eabc48c16d9fa3176bcda6e8788956b4c7eff3b709f11f63458cab894dbb
                                        
                                            GET /css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Thu, 01 Mar 2018 12:37:56 GMT
accept-ranges: bytes
etag: "0aaa51f5ab1d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 6483
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size:   6483
Md5:    f799e68bcb69dabe8939d2556f0c9bd6
Sha1:   88b49665766539945d9220965a8c0a4889099571
Sha256: 3bf946e26f8b8e155021f2d0ffbc0423a8ec667f084a69526c3b8f92157199c9
                                        
                                            GET /favicon.ico?dev=abcdefgh HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/x-icon
                                        
cache-control: public,max-age=31536000
last-modified: Thu, 21 Aug 2014 08:17:10 GMT
accept-ranges: bytes
etag: "8d42234e18bdcf1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 326
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Size:   326
Md5:    5a4d24568f6a92a0cacfe2f05ba3ae82
Sha1:   aaa07e287c68effb8a81615a19948203609cc54b
Sha256: e734a7e810d7d2b2e915e621f2e3611fce849940db563fa44829b3aac3df6cdb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:26:36 GMT
expires: Wed, 29 Nov 2023 07:26:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 449856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   5437
Md5:    30ca3165d143baf2835023bfcf463450
Sha1:   62c662c0873b79a314c040fef28dcd29abb14480
Sha256: 4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/AreaRenderer/RenderFields HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 4057
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 22424
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (22329), with no line terminators
Size:   22424
Md5:    e848eeb5b054ecdad89bb1091c7d8808
Sha1:   d729717def5f75a981a6f3c9cf611559c1d4ea7a
Sha256: 69444b8eb07b882c39337b97a816a0279f7837c5690070607e0b50121f229902
                                        
                                            POST /api/TinyPopup/RenderTinyPopup HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 977
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (977), with no line terminators
Size:   977
Md5:    5a91e9a5dd231efcda1b0e443d374db2
Sha1:   1b0a78777e3352edb6e54c52607573d12c85abbe
Sha256: 82902e2c642af193113b73b451bdfe31c7cda5b3d7192e3b10a0ce9e932b4cbf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/stylesheet/combined/EvenstadD4.css?version=60 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
cache-control: public, max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   919774
Md5:    ee72bb20a70463e94ffd478741b9d1da
Sha1:   51395fe72f75c40c4ff07c82c9b666a19945653e
Sha256: 7f982dcc166b16f089ed8ee152cf8f939c4e8fa6536c10c706e38f9f90bdefd2
                                        
                                            GET /Media/Publisher/ArticleImages/trommer1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:26:48 GMT
accept-ranges: bytes
etag: "eb70d24cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 33417
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   33417
Md5:    59600d0a826009667df5c921e3edaafd
Sha1:   257951c8003daec54dade9abd0b662d7be374ff0
Sha256: cbee6c8032fc716253c7b4501eada11c8f71aa4904757cadc5158db734afba62
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 495091
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /Media/Publisher/ArticleImages/tangenter1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:27:54 GMT
accept-ranges: bytes
etag: "5a7734bcc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 26710
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   26710
Md5:    18a8166914dd6d1f9c7884c517083687
Sha1:   9d29bd2090f980ba413a1a9532dda923e22a1f08
Sha256: bbe528b6b3cd6a18076b8eae3deeb362354c5e878d93eb9c3b508fc5734ffb3d
                                        
                                            GET /userfiles/image/gitarbass.png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:24:57 GMT
accept-ranges: bytes
etag: "2de076e1cb45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 12880
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Size:   12880
Md5:    4f88540a53bf8bce8475a567babd1802
Sha1:   62c5d8ebc0378bfdf59ff74223668eb792312e55
Sha256: bc165c6a1deaebc75e4e2e0f0363850f71aec30204bfaa346fde96ba07591130
                                        
                                            GET /Media/Publisher/ArticleImages/PA%20utstyr1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:28:40 GMT
accept-ranges: bytes
etag: "f1abb866cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 23090
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   23090
Md5:    e3fb2a8f3cb3808ce98961cf2dbd1d63
Sha1:   3732e8bc65a0bfd9512a1daaa0cfb56dddad22ea
Sha256: d8bc3244e063a0e38551672253cc35306e2d8224dd8099dcddca75811a67dc40
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   69587
Md5:    11dc9bdc13f66bfab09bd1a3b937812e
Sha1:   f7248c2da3f8e5611268fe3efdfc50bd81623f5d
Sha256: c943045f8af16c5b53bd7cfd2ab5edbd1f47f45b1b21b7cb3632f66fb62f437c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Media/Publisher/ArticleImages/studio%20data%20mikrofoner1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:29:53 GMT
accept-ranges: bytes
etag: "4098fd91cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 25203
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   25203
Md5:    53e8f8f7b9a778b5200cf9f4743517a1
Sha1:   4e728aa85069f6ebcc027970c8e85db333e4c708
Sha256: 7c0eac9960c2cac77f5942d71100694d2107e13cd670d0f04e659c70892fc302
                                        
                                            GET /Media/Publisher/ArticleImages/DJ%20utstyr1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 13:30:34 GMT
accept-ranges: bytes
etag: "f3969eaacc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 29976
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   29976
Md5:    1644ebf4c77e8cf7230225d806b34d48
Sha1:   29e71b3d5e8d531e6772a009bbc556dd9a753803
Sha256: c11d075ccf1750d19540d34b94f63e3527dac50b8e1cbbeda70e308179cacd48
                                        
                                            GET /Media/Publisher/ArticleImages/U_87_Promotion_landscape1644415965_scaled_640.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Wed, 30 Nov 2022 12:46:09 GMT
accept-ranges: bytes
etag: "fe1b98b8b94d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 212875
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   212875
Md5:    cb4c2acfc1e5510b51ba33edc8f73021
Sha1:   bc4bc9b8215c1e03d717ef91f9398eeac50868af
Sha256: 2267c6171f9ab13936061c82f34a3b7216024bb98e8e0f3b50537abeb55c5e15
                                        
                                            GET /Media/Publisher/ArticleImages/WoodrockBanner_38401644415965_scaled_640.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Tue, 29 Nov 2022 08:04:54 GMT
accept-ranges: bytes
etag: "41b5f843c93d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 285004
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   285004
Md5:    d17f4958295d0b99aa16364c4602b2a5
Sha1:   a07f7232d8fcd61db25c02311232152bb8cc6e4f
Sha256: fcf8f0ac10d601afc9e35c7562eed4ddcc27e02086149551a42533f2b6fbb914
                                        
                                            GET /Media/Publisher/ArticleImages/SSDB-Webbanners38_1940x5451644415965_scaled_640.Jpeg HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public,max-age=31536000
last-modified: Thu, 01 Dec 2022 14:02:43 GMT
accept-ranges: bytes
etag: "bfb24958d5d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 21017
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x180, components 3\012- data
Size:   21017
Md5:    640ad8bf18b9530191a0340cd194cd0e
Sha1:   436c59539650fd6d8cbc8b4aa720cfb8a6b7cd37
Sha256: b3ba40f4f1c631f443c1f545f9b64191b6b2e800c015e0da1b4514e0ccb0aa5b
                                        
                                            GET /Media/Publisher/ArticleImages/LagersalgBanner221644415965_scaled_640.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Thu, 27 May 2021 12:31:17 GMT
accept-ranges: bytes
etag: "e32d730f452d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 109250
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   109250
Md5:    db4439a8023eac2c4f5b789c673c497c
Sha1:   2986648fff9a3da68d171182eed02b370fd7a587
Sha256: a75479e21505d5b1743427d2b1e8ab3ef93960a9a4b8d9418205bb99d0803edd
                                        
                                            GET /api/Responsive/SetScreenSizeMatched?matched=true&_=1670156649916 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 6
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   6
Md5:    ebc576222020c2a2ae2fc769169f1d2a
Sha1:   0e1cdc4ff179fdf17f6cc1de1f04f79e3ba63503
Sha256: 18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
                                        
                                            GET /Media/Publisher/ArticleImages/GavekortBanner%20XS1644415965_scaled_1280.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Fri, 01 Apr 2022 14:05:03 GMT
accept-ranges: bytes
etag: "77cdbf7bd145d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 603015
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size:   603015
Md5:    eadbd757b6281fcded59eb3146cb774b
Sha1:   af7b65ac4f3a1cce5d524300f8250785fed7521a
Sha256: 917f6875d194cac996e0953cf3a0591ff873660f41135f815e6d291cf9f00f41
                                        
                                            GET /s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:48 GMT
expires: Wed, 29 Nov 2023 23:44:48 GMT
cache-control: public, max-age=31536000
age: 391164
last-modified: Tue, 23 Aug 2022 18:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Size:   25540
Md5:    3dc72cae1a32e87b38144a702ba627e0
Sha1:   bfbc729a34b987cd06d20842c5049ac275ea4139
Sha256: 1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
                                        
                                            POST /api/SlideOverBox/RenderSlideOverBox HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 920
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, ASCII text, with very long lines (920), with no line terminators
Size:   920
Md5:    aa4319af842e781d8ef78c6fac1194c4
Sha1:   923cbcb23020323bc4909e6ab91c1f5a82da7882
Sha256: ea2d8a500bc9d8ee170aae8af5986203069291079869fe9e8b3cb005a84ccf9e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670156649917 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 1889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1889), with no line terminators
Size:   1889
Md5:    5d0f07b192a7b41a55b7f17bd81829ab
Sha1:   a079308a424323a269ebe0b66f69975a07a923ca
Sha256: c23993b6582e1540dde2801808c2a6698dcc14bff9432be692cb901cdc66de2a
                                        
                                            GET /api/OrderbookManagement/GetFavouriteSettings?_=1670156649919 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 29
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   29
Md5:    efa5e4ce7d2d30bd853f5e49f3390727
Sha1:   e79e5f66d448ebd9a4177b5cbdae7266486b7590
Sha256: 95b096eaa4a28e8d1bd5d14eb376a69087c17d8eb4f85bd2843f194fd2da9b6f
                                        
                                            POST /api/AreaRenderer/RenderFields HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 981
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 4645
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (4626), with no line terminators
Size:   4645
Md5:    a6f2dbc1fadad8c30bcc3a998907a31f
Sha1:   4696d4ed42f0185444ab88adddffb9f35a063ec4
Sha256: 9a2f590726de9ed80e0a04d1dc17e135cee6ff981ac3ae144f3506763e8811a8
                                        
                                            GET /api/ProductInfo/HasMultipleFavouriteCarts?_=1670156649920 HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 5
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   5
Md5:    68934a3e9455fa72420237eb05902327
Sha1:   7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
Sha256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
                                        
                                            GET /Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 04 Apr 2022 09:38:27 GMT
accept-ranges: bytes
etag: "858f91bc748d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 2027
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 68x67, components 3\012- data
Size:   2027
Md5:    a1465910a001ee5c10bdbb468a945d03
Sha1:   8372b7a8073459dd598478586e50b4f00aed85e6
Sha256: 3b77d4ec27723324fe864c362001b5263f6a5e6c3c9b9b194148a4bd91fe0191
                                        
                                            GET /Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "eed36467bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 851
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   851
Md5:    3b3bab07d4e9d123055aaaf2df5a212e
Sha1:   0bc878c327e7b5f6fcf2f652cc93b5583ce3641d
Sha256: 418af470f0be5746d7391db907c658d9c4b74bc7b10bdd27fe245807043f338d
                                        
                                            GET /Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 1102
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   1102
Md5:    673f78118abb9a568a6fe579b8349149
Sha1:   a068caa12bbdbc88fec8b39bd7e82ce34c0ea94b
Sha256: d67d8e824be7bc112f7c094f103eac4179848fbb584d217b7324f2ea6bd27a27
                                        
                                            GET /Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 891
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   891
Md5:    8736afd5ed0a28ed6175615d0ec9abf3
Sha1:   d9f28966fa4e2af8a85197f59792da857b109dd9
Sha256: b2050927a90edc5a9b9fe86fbdaf28e9483d34df614e266aca9d653516cc4ef3
                                        
                                            GET /Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public,max-age=31536000
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 2420
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 96 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   2420
Md5:    9fc0a4417800592af0662b12e57cbfe3
Sha1:   e3a00dafcf326d847a360b4d2c3453fad461436b
Sha256: 04dbb85c3e4fce945cefc48d4700a8b7f9290caef7771f8b93396298bf908930
                                        
                                            POST /api/Stats/CheckForPopupAfterProductVisit HTTP/1.1 
Host: evenstadmusikk.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 32
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         80.86.142.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 5
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   5
Md5:    68934a3e9455fa72420237eb05902327
Sha1:   7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
Sha256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-M4PR24 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 12:24:12 GMT
expires: Sun, 04 Dec 2022 12:24:12 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11328)
Size:   88001
Md5:    25e204a101803f10c8a499ce0e096b20
Sha1:   c03df0e9c26a54a60fd4ecbeb06543f715a9d220
Sha256: ee51648aad70ff00767b02242acbe50d893d6a564e0aa7166000b5da960a139f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/1025019056/?random=1670156650732&cv=11&fst=1670156650732&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.66
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 976
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:39:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2181), with no line terminators
Size:   976
Md5:    26dff7d7144e5535c9d68087089765b4
Sha1:   6c8cf3390b9facdf1a072b67c96ae3c991e443c5
Sha256: e3aa63484821d0cfbb2b8286ec26971a3a82b63505e6eb4caf424e966b841721
                                        
                                            GET /leadtag.js HTTP/1.1 
Host: s.kk-resources.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.123
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: b7db6459-aedf-48bb-9b64-59aedf48bba7
X-Gravitee-Request-Id: b7db6459-aedf-48bb-9b64-59aedf48bba7
ETag: "05e089e0c08fd98ee6b4f6497ec87752b123fc2f"
Request-Time: 4
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:51:05 GMT
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 12:01:36 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HswtDR--TSdvf4-tSZ5aUxVLJ0LKPB4y3OecnlwN16_JrNaBMoqKlw==
Age: 1357


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (6910)
Size:   2595
Md5:    b9c7aa9898d0e7b5d8dfa27c81eda1ac
Sha1:   3e22a4f4ac1fd469128de60e1a80433513242071
Sha256: 980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B85A723509F5A620445FD3F9A9CDC443F1BCA31BCAABEF42F7108A481576B41A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13463
Expires: Sun, 04 Dec 2022 16:08:36 GMT
Date: Sun, 04 Dec 2022 12:24:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=124741
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638bc2f5-138"
Expires: Mon, 05 Dec 2022 23:03:14 GMT
Last-Modified: Sat, 03 Dec 2022 21:43:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /in.js HTTP/1.1 
Host: instore.prisjakt.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.4.123
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 1031
last-modified: Fri, 06 Feb 2015 07:12:58 GMT
etag: "a9f-50e662671d280-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 894
accept-ranges: bytes
set-cookie: __cf_bm=VMHh9fhh9d8nxx8Om3tJ6MDAi1mt9wTpApIlRQle3eU-1670156653-0-AWqH70mEvymlPTISpa7+rw/qlikQDJsjWKCIoJfjYhq/ykzrXYNETTpkA2KljY/iKsexgHHkx7vYeCnNHjV0uCY=; path=/; expires=Sun, 04-Dec-22 12:54:13 GMT; domain=.prisjakt.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7744848a8df10b51-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1031
Md5:    fb418ac27bb48675b4803917790b3982
Sha1:   f6c7dcf10618bd0c2d40efe053397999ca9f6c98
Sha256: 7893b875a76fd8e460ebe49c174610b89b1fac032b399e39c6a2520bbee70257
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.14
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 10:46:55 GMT
expires: Sun, 04 Dec 2022 12:46:55 GMT
cache-control: public, max-age=7200
age: 5838
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:02:17 GMT
Expires: Sun, 11 Dec 2022 06:02:16 GMT
Etag: "6ba0d1078d0c938a50210fa1c0f34f07b64f2e75"
Cache-Control: max-age=581282,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7744848addca0b06-OSL

                                        
                                            GET /js/ld/ld.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Mon, 05 Dec 2022 12:24:13 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   25548
Md5:    7f290f16eb022eca98de47aa8fda99c8
Sha1:   17f3ef0847e99d650ef2429f80634d357e575a3f
Sha256: e8dc28a399a6e6e8b5feef701ab959fd59d35003a041ec200659329896c05939
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3514
Cache-Control: max-age=113392
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:54:05 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141 HTTP/1.1 
Host: services14.itxuc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         213.52.87.171
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Server: nginx
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Length: 24252
Connection: keep-alive
Set-Cookie: JSESSIONID=5113B65E2773E3AA454CE42A93F9312F; Path=/; Secure; HttpOnly; SameSite=None
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Expires: Sun, 04 Dec 2022 12:29:13 GMT
Last-Modified: Sat, 03 Dec 2022 21:06:42 GMT
ETag: W/"r1012010201670101602622"
Access-Control-Expose-Headers: ETag,Vary
Vary: Origin, Range
ITXVOS-Action: no.itx.portal.web.servletv2.plugins.PluginServlet


--- Additional Info ---
Magic:  ASCII text, with very long lines (24252), with no line terminators
Size:   24252
Md5:    40d2e409cfb34e8f263c27cc4893450d
Sha1:   b26b73f64091c22e94455ad7cfadfa7bf68dfe5b
Sha256: ac547c8de0e393df2c21f50c69a07b1bca65dc27e3ccedad24998fc8bdc9fe8e
                                        
                                            GET /pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5j/LpyqIuNAPDHv1O2QFfePzDj1PAycQGeoziuIzkkygAOjwhlWFcSeyGUDCNqpSRd8OpLKhpGvZVpQfKgZNFg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 12:24:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            GET /action/0?ti=142000613&tm=gtm002&Ver=2&mid=b158e507-28be-45b2-afc2-57950f8ac354&sid=8e9f7b4073ce11eda667d12adfcca5e1&vid=8e9fa5e073ce11ed932a35d85cc11d4e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&kw=Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&r=https%3A%2F%2Fapi.kelkoogroup.net%2F&lt=747&evt=pageLoad&sv=1&rn=918226 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E7F8D06B50F637725139F76B4FA6299; domain=.bing.com; expires=Fri, 29-Dec-2023 12:24:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FEF574DDC1A468381D7E1690E67CFEC Ref B: OSL30EDGE0216 Ref C: 2022-12-04T12:24:13Z
date: Sun, 04 Dec 2022 12:24:13 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /r10120.10.2.0/jsv2/lib/babel/regeneratorRuntime.js HTTP/1.1 
Host: static.itxuc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         85.196.80.229
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 6995
last-modified: Sat, 03 Dec 2022 20:46:26 GMT
etag: "638bb5a2-1b53"
expires: Wed, 29 Nov 2023 12:24:13 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6995), with no line terminators
Size:   6995
Md5:    65afb5c3ff3838e9f91c3b8f083c41e9
Sha1:   82846d481a92a6738ed8496f724aaf97b9efa148
Sha256: 688e51c1099e0876f57f5d13a105544fcf076f2cb267462104576762457e4213
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request