r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6365
Expires: Sun, 04 Dec 2022 14:10:12 GMT
Date: Sun, 04 Dec 2022 12:24:07 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4924
Cache-Control: max-age=170954
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:07 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:53:21 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 12:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 343
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7456
Expires: Sun, 04 Dec 2022 14:28:23 GMT
Date: Sun, 04 Dec 2022 12:24:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IL8dw5HYoFhYWI+zFJPiA+wXakAKedq64AdYa5xJLMLxdTFX9oiGgeiIwOT+8MjzN+qXZOdfu2w=
x-amz-request-id: N7BVJ80S0SY64FBM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 11:46:58 GMT
age: 2229
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
arbimuk.gov.wy5532.com/
200 OK 483 B IP
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (483), with no line terminators
Hash 1f9a494a7ff061cedd9c62e3ede3c7da
bc5ebf44d67dc56d2d8e5d2c584f2d770e30eb93
0fc16c6e01b883945529d01392f5d0bba4559295a92751b659c74bee7d04a3ba
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: arbimuk.gov.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 483
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 12:24:06 GMT
server: nginx
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
arbimuk.gov.wy5532.com/favicon.ico
404 Not Found 9 B URL HTTP/1.1 arbimuk.gov.wy5532.com/favicon.ico
IP
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: arbimuk.gov.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arbimuk.gov.wy5532.com/
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 04 Dec 2022 12:24:07 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 910
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4916
Cache-Control: max-age=165879
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:08 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:28:47 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VBwj8GXV48boXYT0hG+NvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vLydqRC+foIDorvTYU+DlBipqQA=
arbimuk.gov.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2Mzg0NywiaWF0IjoxNjcwMTU2NjQ3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wZDdxNmN2azh1dDZtbDQwYWpxMGEiLCJuYmYiOjE2NzAxNTY2NDcsInRzIjoxNjcwMTU2NjQ3NjQ5NDUzfQ.oJZDatD21Gany7g_fLEXZ35VZ2ewxODjORoybJJovK8&sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
302 Found 11 B URL HTTP/1.1 arbimuk.gov.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2Mzg0NywiaWF0IjoxNjcwMTU2NjQ3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wZDdxNmN2azh1dDZtbDQwYWpxMGEiLCJuYmYiOjE2NzAxNTY2NDcsInRzIjoxNjcwMTU2NjQ3NjQ5NDUzfQ.oJZDatD21Gany7g_fLEXZ35VZ2ewxODjORoybJJovK8&sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
IP
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE2Mzg0NywiaWF0IjoxNjcwMTU2NjQ3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wZDdxNmN2azh1dDZtbDQwYWpxMGEiLCJuYmYiOjE2NzAxNTY2NDcsInRzIjoxNjcwMTU2NjQ3NjQ5NDUzfQ.oJZDatD21Gany7g_fLEXZ35VZ2ewxODjORoybJJovK8&sid=8a19e914-7202-11ed-b1f3-fea64ba8d294 HTTP/1.1
Host: arbimuk.gov.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arbimuk.gov.wy5532.com/
Cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 12:24:08 GMT
location: http://dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=8a19e914-7202-11ed-b1f3-fea64ba8d294; path=/; domain=.wy5532.com; expires=Fri, 22 Dec 2090 15:38:15 GMT; max-age=2147483647; HttpOnly
dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
200 1.1 kB URL HTTP/1.1 dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb9d6e63be806a5337208254aacf6dd6
33bac39984dd96d4acafb2aafbde77142a711f11
999596a909bb73e8d375f26c1ac3d848cadfdbb1da606c243c96d51d17d40681
GET /zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://arbimuk.gov.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 04 Dec 2022 12:24:08 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: mucnnlCk
dipaka-ead.com/zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
200 356 B URL HTTP/1.1 dipaka-ead.com/zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9d114559ed5dc381324cb32d47063d90
4b16f733768b87ec64f017f9e576275330c9dbde
dbe17731b5f728e5aed60c87ffcb6473d0c9df855bbe13f29d6f5f0dd1cb61b6
GET /zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 04 Dec 2022 12:24:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: BvvRxpog
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fd3734a7e3fb5b355300880e87358a8d
094de452f6902ada77214386b2ae977ed055e16b
10e0eff317372ffa44bcee29d23c4e65ca7a6dc77ae58b67409606404e9740ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10E0EFF317372FFA44BCEE29D23C4E65CA7A6DC77AE58B67409606404E9740EA"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15000
Expires: Sun, 04 Dec 2022 16:34:09 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
dipaka-ead.com/favicon.ico
404 653 B URL HTTP/1.1 dipaka-ead.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=8cb25cb6-73ce-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 04 Dec 2022 12:24:09 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: BvvRxpog
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3
200 OK 357 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (357), with no line terminators
Hash d95a91008b4cc4f8cbfa7b79426d32df
b68e278b784b4748b0e0afb1fed4dc2b5c1a728e
065d8a1ce36217c878df5de8c20a2b04bbc3b5bb84ee792c56f2d07b41400690
GET /s/r6?s=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: d8c12e41cd457e9b4f39d0b82f2f0a5d=ca381fcff0691f8ac4a9288ef19172365b526a8f25057976544e614796eedca7a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22d8c12e41cd457e9b4f39d0b82f2f0a5d%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 05-Dec-2022 12:24:09 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 357
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 12:24:09 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 52291
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 52623
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 52282
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 52448
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 52808
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 17848
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3593b5b70a2eb78f89ea0691317d9c5d
a4a6bbead73743725cad87f8b2ab486de8298f30
48dd695e066b8602411762b2985b2d73faf7052d30ab18ed2970c3d74b5106cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48DD695E066B8602411762B2985B2D73FAF7052D30AB18ED2970C3D74B5106CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Sun, 04 Dec 2022 18:23:25 GMT
Date: Sun, 04 Dec 2022 12:24:09 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=evenstadmusikk.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf
200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=evenstadmusikk.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash 6aeb592d4f84f4eda19c204d5910c75d
0ab4af651f8bc1e642ba63180ba246a49fb45bea
51f302cdddab0e10027b8eb354c030629a44bf0b8fce4e269a524ab9fab50276
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=evenstadmusikk.no&s1=623619497&s2=badious-buzzard&s3=romeo-sic-vqpeyj59e3&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:09 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Set-Cookie: ae6e4e26ac8e1eec5114fda81f7689d2=358ec4b3ffcfeb8fcc8e896f355f9de0d8d1c79da66761698af22b54bf1a5786a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22ae6e4e26ac8e1eec5114fda81f7689d2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Mon, 05-Dec-2022 12:24:09 GMT; Max-Age=86399; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0%3D%26i%3Dhx7aKG7dap4YT00X%26placementId%3Dac53875f382fe40e15dcd6cfd7d2b2a2&h=b63f84899e02adf9815352838cc33ef2
200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0%3D%26i%3Dhx7aKG7dap4YT00X%26placementId%3Dac53875f382fe40e15dcd6cfd7d2b2a2&h=b63f84899e02adf9815352838cc33ef2
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash 86501b63f7b6bf7e432a3fd948171cc3
70703d850f557d679932c99dbe97134f9bf047c0
fe44a09879dcc5cb17fd5ce71b37a54c2c6092b5286873ed679f1dd82adc09f0
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DY3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0%3D%26i%3Dhx7aKG7dap4YT00X%26placementId%3Dac53875f382fe40e15dcd6cfd7d2b2a2&h=b63f84899e02adf9815352838cc33ef2 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ae6e4e26ac8e1eec5114fda81f7689d2=358ec4b3ffcfeb8fcc8e896f355f9de0d8d1c79da66761698af22b54bf1a5786a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22ae6e4e26ac8e1eec5114fda81f7689d2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:10 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.10
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b820de7943a1c9a56253dd1af476dd94
c5adc4242ac452aeac015eff52575ca9e820281d
475635b6695de9727ed59e748f096863a5861568e0bcaa2e4211eff80fbbbe45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "475635B6695DE9727ED59E748F096863A5861568E0BCAA2E4211EFF80FBBBE45"
Last-Modified: Sun, 04 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Sun, 04 Dec 2022 15:34:57 GMT
Date: Sun, 04 Dec 2022 12:24:10 GMT
Connection: keep-alive
api.yadore.com/v2/r/deeplink?e=Y3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0=&i=hx7aKG7dap4YT00X&placementId=ac53875f382fe40e15dcd6cfd7d2b2a2
302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=Y3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0=&i=hx7aKG7dap4YT00X&placementId=ac53875f382fe40e15dcd6cfd7d2b2a2
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/r/deeplink?e=Y3BXbDlxVkF5dlAxTzhMS1R2MThKVUxxUWkyTm5CYjVudlJGUnduRWdQWE5ucWU2Tk0rampKMHhDREZWYm1VcFFIT3RVQ2ZuYzVYTnFhZXpUMXpJSUFrbTJnRmlQSVZNT01GbEUzWFVSMkZtOGVWcnhqcURHSzRvNytjL2U4RDF4Z29vakJOYkZubDdqZjdKVGdQeUh1RFN0bW5PYXEwQ1VjOVhmYXd3UEVPODNLND0=&i=hx7aKG7dap4YT00X&placementId=ac53875f382fe40e15dcd6cfd7d2b2a2 HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 12:24:10 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 22e11f8af192e92366f173eb23041b67
f2b1fecaf6df9c16cd591147cf39007225438b45
4dede6867686ba1ab80337d45ce055c28ae12e7fad97d02be38e15fb2819e08a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140597
Date: Sun, 04 Dec 2022 12:24:10 GMT
Etag: "638c1317-1d7"
Expires: Tue, 06 Dec 2022 03:27:27 GMT
Last-Modified: Sun, 04 Dec 2022 03:25:11 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3t2_eo7-mAMYUCb8myraX3bFMJ8d45dpL1_MJEWwvinZXDu7VrP76Q==
Age: 136
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false
200 OK 32 kB URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 1de8e80762a000a40a47ef73173a335b
d0fc7c5e3937822c4f915a99e1a6ed4f947dcdac
58edd55091a4f5ae6099314ead9d494d0e1da674d74380e8aa3943580687cb3c
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fevenstadmusikk.no%2F&custom1=0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 31985
x-gravitee-transaction-id: f18bc4d8-fade-4661-8bc4-d8fade46615f
x-gravitee-request-id: f18bc4d8-fade-4661-8bc4-d8fade46615f
leadid: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666
clickid: 107698147_1670156650880_12059791
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=OCImDP9~d6FpNc-coN62FhudM3OICaUTlZvNz1Y~YRLXiv66B4bSY8r2TIk-7LmBIROU-WNJNoLoAxeFaiYYYvZbqeAM7ijci2SIjmysi~~2BGq8DrjtM~aztCRxD_c; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure
kelkooID=a4c6294-184dc5cef64-3923c7; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.667911S
x-robots-tag: noindex,nofollow
referrer-policy: origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Sun, 04 Dec 2022 12:24:11 GMT
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AOs2p4-cH-elgp6eWPMVZSsGgeW6eAIsT6WADHtBtKreZ4fw13jcAw==
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 3f53e9f2fa63321a82e70198fd59f6fb
04cf9b32445c42b76b580a37e262796d64889b87
ca67fdd771e34f277a8916d23a0815dbed3e1a0ef400e7f18b53397fa1d78665
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6426
Cache-Control: max-age=111220
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:11 GMT
Etag: "638b87c5-1d7"
Expires: Mon, 05 Dec 2022 19:17:51 GMT
Last-Modified: Sat, 03 Dec 2022 17:30:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 3f53e9f2fa63321a82e70198fd59f6fb
04cf9b32445c42b76b580a37e262796d64889b87
ca67fdd771e34f277a8916d23a0815dbed3e1a0ef400e7f18b53397fa1d78665
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=109844
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:11 GMT
Etag: "638b87c5-1d7"
Expires: Mon, 05 Dec 2022 18:54:55 GMT
Last-Modified: Sat, 03 Dec 2022 17:30:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 3f53e9f2fa63321a82e70198fd59f6fb
04cf9b32445c42b76b580a37e262796d64889b87
ca67fdd771e34f277a8916d23a0815dbed3e1a0ef400e7f18b53397fa1d78665
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:11 GMT
Last-Modified: Sun, 04 Dec 2022 11:35:43 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791
200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7; _ga=GA1.2.16646053.1670144386; _gid=GA1.2.125778064.1670144386
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:11 GMT
Request-Time: PT0.002905S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=88
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef2462604213ef024be1b56e0e8d86f81e6dec509dff07c6ce69ffbcb9025f14958a5bd7b69eb52eb48fb749250a6ced5ac92c2cded9003496422fbe2b1ffb926dbec6b9a157674eee4fa8b423b85a5f69cdffc0af1992de9f8c70cfedc6579e2e87b63c24bb6fc0d02140ebeb59d20b6fbba29c66721121858a7852a56cc4f8e3818278f970cb3dd17ef497e63a514a92eaa3a20d93cb6ad0dc3d737140b4170f194292f5be69c7530305507275f728fed8064d6096f08cd4483c50319a9945fe495491029bcf65870787f10ecb1b713abaa5361fa7fa8dcfb4496bf44f5fcd816d8ce4375f596e5737c40c101fdef1ecf402ef03f2ec03591a1a883a82a09a0480f740c5ef840d87d10a06af6e628623ef1933175&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&clickId=107698147_1670156650880_12059791&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=3UGkLMueA-i4m3bEVTqrXss~_xeQ64I7lqwHjtYzQjhSswDDsjQH~tc3UkRMfDaVvGQMI283cLQB2w-ZvHoTSMBF9~ZzJMl508UF6zMVcwLYman5DxahyYOq_nbEdGlx; kelkooID=a4c6294-184dc5cef64-3923c7; _ga=GA1.2.16646053.1670144386; _gid=GA1.2.125778064.1670144386
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
Date: Sun, 04 Dec 2022 12:24:11 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666
clickId: 107698147_1670156650880_12059791
country: no
Location: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015996S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=5UXu7UOawZR68VjHZuMg52C2JfHY9pUi89AMBcizlzkd0q6RnwStz8ARLCOLnAZN9IZX6~5aUI6GLjC2t34mDckAsKKVLZPJL0slYfHkB9r8on4q0v7VZSVVN7k0EMmt; Max-Age=31536000; Expires=Mon, 04 Dec 2023 12:24:11 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=85
Connection: Keep-Alive
Content-Type: text/plain
evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
200 OK 22 kB URL HTTP/2 evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
IP
ASN #21119 Braathe Gruppen AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3340), with CRLF, LF line terminators
Hash 97e646dc2c0a2ce13e3bd53bbdfb0ab2
4f9d9a72e726f7e86a7744809465ae5d0313475b
e76a17ead015b84d03ee3484777cc72d2489e31e38e770dc6004a33052db00aa
GET /?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: DENY, DENY
x-aspnet-version: 4.0.30319
set-cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; expires=Sat, 11-Feb-2023 23:04:11 GMT; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; path=/; HttpOnly; SameSite=Lax
McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax
McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 21542
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
200 OK 36 kB URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash ddb7f27fac893c0f86fdd7287c9e7bcc
28d8915e41266a9dabd9c321e1e4fefcf539d2e4
90dd0b885e1d701a2c2b4f98056fb551e06d297acc3be4b990f5dd062dd88089
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 35817
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
200 OK 5.3 kB URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (29049)
Hash fcf3559ffa9e565dab01c36d30a68ac6
bc14a55cf31dcb18672d43d53911189c7a3e0fac
8c747cd13d87d80bd397fd6f33684195100deb27520aec8b343938d5936bcfdf
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 5256
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
200 OK 59 kB URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 4659df9f7cc6bb95890aa4489f5a1bb1
b6be689693a32e035b8907faa8e1c8efbcad930e
cd7c9ed05995d68c454adbdece28668912e4f008bc92cc6b680c0d7a4bf9f239
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.css HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 58637
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
200 OK 1.0 kB URL HTTP/2 evenstadmusikk.no/scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1823), with no line terminators
Hash d5cbf6e684d066ada657228d15c6a262
19b0fdbf000387738f4d461353ef690967a7c5a4
9d06e957d4ae1913a2be1fc77c90fa5caef509a1d3f985f5d59c6e642160c8c0
GET /scripts/specialoffers.js?v=pkgGl6kFu7beKoc6j6iZhA3Knu5xyVJxTFSnxLoSxcs1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1032
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
200 OK 1.3 kB URL HTTP/2 evenstadmusikk.no/scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (3914), with no line terminators
Hash 711c5d58494443d5fd28b0209f25837c
0cd7fe531010a72cb4f52bc1aeeaa1a1f5e7e8ce
2d5668b1ebf7be16d0c436bf0c4b624d8863cda63354c710cd7b49b4aad07981
GET /scripts/autocampaigns.js?v=n3tBbxhGbfbVv-EpRYrzDrTG2U8bHxXVzDvv_lu6DHQ1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1260
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
200 OK 998 B URL HTTP/2 evenstadmusikk.no/dist/js/runtime.df29bc903bd9297c5e1d.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (1501)
Hash cab9eab5b4d4eb8fcbd645b6e0bfc52b
1a7d98b4bf9a4db3aaf56c47ad726eebd89389ee
eabe0a9859ebe569ab5116574a9ac136ea385985e3883f7633c8f499eb5223c7
GET /dist/js/runtime.df29bc903bd9297c5e1d.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 998
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
200 OK 17 kB URL HTTP/2 evenstadmusikk.no/dist/js/2.0da3ac3e030567eb42ed.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (65074)
Hash 99b90c3783ee788dccde1fe0db90ee8b
7a86c50d42c453f10f0dfb7c9606bdcb751221e7
f8ee55cf8ea6de787a60e07dd5368927ee56b7bc4ed00e78c8dddcb3081e08c3
GET /dist/js/2.0da3ac3e030567eb42ed.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 16763
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
200 OK 11 kB URL HTTP/2 evenstadmusikk.no/dist/js/main.ce4c6c793c2ece21ca7a.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (43050)
Hash fcfe4a392d71570f374119d43f520470
7e53800c88831fbf22b7237c90f239e5a74fedcb
8d214b0d4a15c310485724db332b76bcd8dca354e78fa95d36f7cdef662d82b5
GET /dist/js/main.ce4c6c793c2ece21ca7a.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 10880
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
200 OK 324 B URL HTTP/2 evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (482)
Hash 179532837400772dd29cd25dd70e12ee
dc3f5c2a19d9883798fc9e1196cd3cf65f7fd468
d42ab38beae6428f2859a7b3a8384b6ea5cb87d273a647b1d34afccac3c518bb
GET /dist/js/5.c97c0cb1fc3aef23e7cb.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 324
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
200 OK 414 B URL HTTP/2 evenstadmusikk.no/dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (464)
Hash 209b3f0e68089d359864c983d4cb4ea5
56e758ec7b661173fa269a4759a4f4d73e26782e
21445b65e71e5206ba10634da783b06c778d805568bd966e5e85ba535379dc1b
GET /dist/js/main-styles.983569736b6ec5f6a2f6.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 414
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
200 OK 307 B URL HTTP/2 evenstadmusikk.no/dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js
IP
ASN #21119 Braathe Gruppen AS
Hash ed75b580c347abdaaf2f8e21463a19ec
a29de8f0ba99ca6c7423016f351f2d82515885d9
94ecc976175501ed960a9abf60be6bd189b6007908b48b56784e4b80ba99eac6
GET /dist/js/master-theme-styles-d4.ba0ee3a4a4bf2b25d65c.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 307
X-Firefox-Spdy: h2
evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with very long lines (2901)
Hash a2eb359233bcc9e7f65d149e21ecc20a
2e661c297a24a175fc7bc6316a6c2b4b9b304fc6
f1b03dc42dc988b0bafed04d8e0578ff4909ea98f7b4277828527e128293e50a
GET /dist/js/bid-banner.9963cc1778d143d9e89d.bundle.js HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 07:54:18 GMT
accept-ranges: bytes
etag: "0b117a422f0d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1073
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
200 OK 37 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif
IP
ASN #21119 Braathe Gruppen AS
File type GIF image data, version 87a, 2 x 11\012- data
Hash 6f73aa84eb3170630d812433a7f859ae
5d6f769d44b1a26dc7659047d006310b40dc1666
18052af927c25016d55b3f4dcdf96f767536b94fb29e2713adc5080bdb220fa1
GET /App_Themes/Demonstrare4Dummy/Images/SeperatorArrow.gif HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/gif
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 37
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
200 OK 141 B URL HTTP/2 evenstadmusikk.no/App_Themes/MASTER/images/1px_transparent.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 273352ef860dea665ed24eed59488efe
14fbeaca4303ceff0662c23a0d13365766db1654
38631a426e372dbe90a52ab1b1f0312d254c3d2559472ced786530f89363295f
GET /App_Themes/MASTER/images/1px_transparent.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 141
X-Firefox-Spdy: h2
evenstadmusikk.no/css/images/flags/no.svg
200 OK 291 B URL HTTP/2 evenstadmusikk.no/css/images/flags/no.svg
IP
ASN #21119 Braathe Gruppen AS
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash b055a104cef55232e01a5ee94d3f72c9
6e43e96b74036e142b0a7270ba7a814671aa885b
2c0800132cf9e6c1a9f64d047984cd9083ccab7770f52db10899369b9f6fb9d3
GET /css/images/flags/no.svg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 291
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
200 OK 2.5 kB URL HTTP/2 evenstadmusikk.no/scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41
IP
ASN #21119 Braathe Gruppen AS
File type Unicode text, UTF-8 text, with very long lines (5780), with no line terminators
Hash fa66d28df0716c956dc20fb9bc63a36e
819f161f4672dfd51e882a6cd8133d979ce95dd8
e6c59b3f4612e5bcc575a1e1ccc93c66817baca50629aad5d2e1340d29d65130
GET /scripts/askforpriceview.js?v=rlZ5vyozOM1UtB9AJ4mR2v7PO3u6q1uvQh7D8zOIeH41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 2484
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fevenstadmusikk.no%252F%26custom1%3D0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=16646053.1670144386&tid=UA-168544891-6&_gid=125778064.1670144386&_r=1&cd1=&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&cd3=10846323&cd4=a4c6294-184dc5cef64-3923c7&cd5=&cd6=%7C10846323%7C&z=311407361
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fevenstadmusikk.no%252F%26custom1%3D0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=16646053.1670144386&tid=UA-168544891-6&_gid=125778064.1670144386&_r=1&cd1=&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&cd3=10846323&cd4=a4c6294-184dc5cef64-3923c7&cd5=&cd6=%7C10846323%7C&z=311407361
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Fevenstadmusikk.no%252F%26custom1%3D0c7543ae5341d02b9a266e5624d07d899c4dd1697e78babec10762c2db58a132%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C10846323%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Evenstad%20Musikk&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=16646053.1670144386&tid=UA-168544891-6&_gid=125778064.1670144386&_r=1&cd1=&cd2=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670156651543_1797666&cd3=10846323&cd4=a4c6294-184dc5cef64-3923c7&cd5=&cd6=%7C10846323%7C&z=311407361 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://api.kelkoogroup.net
date: Sun, 04 Dec 2022 12:24:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e58fcd8722c906510f344d0b7223d93
31a534aca1b0094344c8d87450e7066e3139b614
8a387d8558f49244c17766a18c27cacebdf97e8135ae386fa8e6aacca8aaa636
GET /App_Themes/Demonstrare2MASTER/Images/Flags/United-Kingdom.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 1132
X-Firefox-Spdy: h2
evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
200 OK 626 B URL HTTP/2 evenstadmusikk.no/App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 0114e6aac48ec2f163429219fe36a42e
6908b2a4a82c1ac33d40a906ff65780c9b5c60ea
2ff81c8bf1be911f9f376f64b8f7f97e230b96adf6e95892a6a43e1de6a32265
GET /App_Themes/Demonstrare2MASTER/Images/Flags/Norway.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 04 Nov 2022 07:49:36 GMT
accept-ranges: bytes
etag: "0e81fc21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 626
X-Firefox-Spdy: h2
evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
200 OK 10 kB URL HTTP/2 evenstadmusikk.no/userfiles/image/theme/EvenstadD4/logo-ny.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 295 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e4465aedb678084dec217680cffcc6a
03be16aa6f66a059090ef5aa5445633e4f55d2bc
5744489b7ff9864d5d64834d7efbd373712e29acabdd75fff06abf32d255fe91
GET /userfiles/image/theme/EvenstadD4/logo-ny.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 17 Jan 2022 11:42:53 GMT
accept-ranges: bytes
etag: "21ddab5c97bd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 10352
X-Firefox-Spdy: h2
evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
200 OK 9.0 kB URL HTTP/2 evenstadmusikk.no/fonts/multicase-icons.woff2?19959973
IP
ASN #21119 Braathe Gruppen AS
File type Web Open Font Format (Version 2), TrueType, length 9000, version 1.0\012- data
Hash ae9297c781988524286f15cc0d4523ad
a0cb1b8403f21e6d52ecf39b0f6405932bb69b71
dc06cd9132370d5fe97173d66d4eef4ae4419353ba2eb0f2cd75a530e0441c3b
GET /fonts/multicase-icons.woff2?19959973 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://evenstadmusikk.no/dist/js/5.c97c0cb1fc3aef23e7cb.bundle.css
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 04 Nov 2022 07:49:38 GMT
accept-ranges: bytes
etag: "01533fd21f0d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 9000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670156649915
200 OK 41 B URL HTTP/2 evenstadmusikk.no/api/Campaign/LoadSpecialOffers?_=1670156649915
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash 869a8c7b1da5af6130726896dc38da10
393c31667a6b2a37462994d42e01c7db1efd653b
a823eabc48c16d9fa3176bcda6e8788956b4c7eff3b709f11f63458cab894dbb
GET /api/Campaign/LoadSpecialOffers?_=1670156649915 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 41
X-Firefox-Spdy: h2
evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
200 OK 6.5 kB URL HTTP/2 evenstadmusikk.no/css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash f799e68bcb69dabe8939d2556f0c9bd6
88b49665766539945d9220965a8c0a4889099571
3bf946e26f8b8e155021f2d0ffbc0423a8ec667f084a69526c3b8f92157199c9
GET /css/cust/favicon/apple-touch-icon.png?v=dLmbbyaK80 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Thu, 01 Mar 2018 12:37:56 GMT
accept-ranges: bytes
etag: "0aaa51f5ab1d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 6483
X-Firefox-Spdy: h2
evenstadmusikk.no/favicon.ico?dev=abcdefgh
200 OK 326 B URL HTTP/2 evenstadmusikk.no/favicon.ico?dev=abcdefgh
IP
ASN #21119 Braathe Gruppen AS
File type MS Windows icon resource - 1 icon, 32x32, 2 colors\012- data
Hash 5a4d24568f6a92a0cacfe2f05ba3ae82
aaa07e287c68effb8a81615a19948203609cc54b
e734a7e810d7d2b2e915e621f2e3611fce849940db563fa44829b3aac3df6cdb
GET /favicon.ico?dev=abcdefgh HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/x-icon
last-modified: Thu, 21 Aug 2014 08:17:10 GMT
accept-ranges: bytes
etag: "8d42234e18bdcf1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
content-length: 326
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:26:36 GMT
expires: Wed, 29 Nov 2023 07:26:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 449856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/AreaRenderer/RenderFields
200 OK 22 kB URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/RenderFields
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (22329), with no line terminators
Hash e848eeb5b054ecdad89bb1091c7d8808
d729717def5f75a981a6f3c9cf611559c1d4ea7a
69444b8eb07b882c39337b97a816a0279f7837c5690070607e0b50121f229902
POST /api/AreaRenderer/RenderFields HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 4057
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; expires=Mon, 04-Dec-2023 12:24:11 GMT; path=/; SameSite=Lax
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 22424
X-Firefox-Spdy: h2
evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
200 OK 977 B URL HTTP/2 evenstadmusikk.no/api/TinyPopup/RenderTinyPopup
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (977), with no line terminators
Hash 5a91e9a5dd231efcda1b0e443d374db2
1b0a78777e3352edb6e54c52607573d12c85abbe
82902e2c642af193113b73b451bdfe31c7cda5b3d7192e3b10a0ce9e932b4cbf
POST /api/TinyPopup/RenderTinyPopup HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 977
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
200 OK 920 kB URL HTTP/2 evenstadmusikk.no/api/stylesheet/combined/EvenstadD4.css?version=60
IP
ASN #21119 Braathe Gruppen AS
Size 920 kB (919774 bytes)
Hash ee72bb20a70463e94ffd478741b9d1da
51395fe72f75c40c4ff07c82c9b666a19945653e
7f982dcc166b16f089ed8ee152cf8f939c4e8fa6536c10c706e38f9f90bdefd2
GET /api/stylesheet/combined/EvenstadD4.css?version=60 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/trommer1644415965_scaled_320.Png
200 OK 33 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/trommer1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 59600d0a826009667df5c921e3edaafd
257951c8003daec54dade9abd0b662d7be374ff0
cbee6c8032fc716253c7b4501eada11c8f71aa4904757cadc5158db734afba62
GET /Media/Publisher/ArticleImages/trommer1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:26:48 GMT
accept-ranges: bytes
etag: "eb70d24cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 33417
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 495091
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/tangenter1644415965_scaled_320.Png
200 OK 27 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/tangenter1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 18a8166914dd6d1f9c7884c517083687
9d29bd2090f980ba413a1a9532dda923e22a1f08
bbe528b6b3cd6a18076b8eae3deeb362354c5e878d93eb9c3b508fc5734ffb3d
GET /Media/Publisher/ArticleImages/tangenter1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:27:54 GMT
accept-ranges: bytes
etag: "5a7734bcc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 26710
X-Firefox-Spdy: h2
evenstadmusikk.no/userfiles/image/gitarbass.png
200 OK 13 kB URL HTTP/2 evenstadmusikk.no/userfiles/image/gitarbass.png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 4f88540a53bf8bce8475a567babd1802
62c5d8ebc0378bfdf59ff74223668eb792312e55
bc165c6a1deaebc75e4e2e0f0363850f71aec30204bfaa346fde96ba07591130
GET /userfiles/image/gitarbass.png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:24:57 GMT
accept-ranges: bytes
etag: "2de076e1cb45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 12880
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/PA%20utstyr1644415965_scaled_320.Png
200 OK 23 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/PA%20utstyr1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash e3fb2a8f3cb3808ce98961cf2dbd1d63
3732e8bc65a0bfd9512a1daaa0cfb56dddad22ea
d8bc3244e063a0e38551672253cc35306e2d8224dd8099dcddca75811a67dc40
GET /Media/Publisher/ArticleImages/PA%20utstyr1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:28:40 GMT
accept-ranges: bytes
etag: "f1abb866cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 23090
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 70 kB IP
Hash 11dc9bdc13f66bfab09bd1a3b937812e
f7248c2da3f8e5611268fe3efdfc50bd81623f5d
c943045f8af16c5b53bd7cfd2ab5edbd1f47f45b1b21b7cb3632f66fb62f437c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/Media/Publisher/ArticleImages/studio%20data%20mikrofoner1644415965_scaled_320.Png
200 OK 25 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/studio%20data%20mikrofoner1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 53e8f8f7b9a778b5200cf9f4743517a1
4e728aa85069f6ebcc027970c8e85db333e4c708
7c0eac9960c2cac77f5942d71100694d2107e13cd670d0f04e659c70892fc302
GET /Media/Publisher/ArticleImages/studio%20data%20mikrofoner1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:29:53 GMT
accept-ranges: bytes
etag: "4098fd91cc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 25203
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/DJ%20utstyr1644415965_scaled_320.Png
200 OK 30 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/DJ%20utstyr1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 1644ebf4c77e8cf7230225d806b34d48
29e71b3d5e8d531e6772a009bbc556dd9a753803
c11d075ccf1750d19540d34b94f63e3527dac50b8e1cbbeda70e308179cacd48
GET /Media/Publisher/ArticleImages/DJ%20utstyr1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 13:30:34 GMT
accept-ranges: bytes
etag: "f3969eaacc45d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 29976
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/U_87_Promotion_landscape1644415965_scaled_640.Png
200 OK 213 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/U_87_Promotion_landscape1644415965_scaled_640.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size 213 kB (212875 bytes)
Hash cb4c2acfc1e5510b51ba33edc8f73021
bc4bc9b8215c1e03d717ef91f9398eeac50868af
2267c6171f9ab13936061c82f34a3b7216024bb98e8e0f3b50537abeb55c5e15
GET /Media/Publisher/ArticleImages/U_87_Promotion_landscape1644415965_scaled_640.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Wed, 30 Nov 2022 12:46:09 GMT
accept-ranges: bytes
etag: "fe1b98b8b94d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 212875
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/WoodrockBanner_38401644415965_scaled_640.Png
200 OK 285 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/WoodrockBanner_38401644415965_scaled_640.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size 285 kB (285004 bytes)
Hash d17f4958295d0b99aa16364c4602b2a5
a07f7232d8fcd61db25c02311232152bb8cc6e4f
fcf8f0ac10d601afc9e35c7562eed4ddcc27e02086149551a42533f2b6fbb914
GET /Media/Publisher/ArticleImages/WoodrockBanner_38401644415965_scaled_640.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Tue, 29 Nov 2022 08:04:54 GMT
accept-ranges: bytes
etag: "41b5f843c93d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 285004
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/SSDB-Webbanners38_1940x5451644415965_scaled_640.Jpeg
200 OK 21 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/SSDB-Webbanners38_1940x5451644415965_scaled_640.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x180, components 3\012- data
Hash 640ad8bf18b9530191a0340cd194cd0e
436c59539650fd6d8cbc8b4aa720cfb8a6b7cd37
b3ba40f4f1c631f443c1f545f9b64191b6b2e800c015e0da1b4514e0ccb0aa5b
GET /Media/Publisher/ArticleImages/SSDB-Webbanners38_1940x5451644415965_scaled_640.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Thu, 01 Dec 2022 14:02:43 GMT
accept-ranges: bytes
etag: "bfb24958d5d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 21017
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/LagersalgBanner221644415965_scaled_640.Png
200 OK 109 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/LagersalgBanner221644415965_scaled_640.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 640 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (109250 bytes)
Hash db4439a8023eac2c4f5b789c673c497c
2986648fff9a3da68d171182eed02b370fd7a587
a75479e21505d5b1743427d2b1e8ab3ef93960a9a4b8d9418205bb99d0803edd
GET /Media/Publisher/ArticleImages/LagersalgBanner221644415965_scaled_640.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Thu, 27 May 2021 12:31:17 GMT
accept-ranges: bytes
etag: "e32d730f452d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 109250
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670156649916
200 OK 6 B URL HTTP/2 evenstadmusikk.no/api/Responsive/SetScreenSizeMatched?matched=true&_=1670156649916
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash ebc576222020c2a2ae2fc769169f1d2a
0e1cdc4ff179fdf17f6cc1de1f04f79e3ba63503
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
GET /api/Responsive/SetScreenSizeMatched?matched=true&_=1670156649916 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 6
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/GavekortBanner%20XS1644415965_scaled_1280.Png
200 OK 603 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/GavekortBanner%20XS1644415965_scaled_1280.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 1280 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size 603 kB (603015 bytes)
Hash eadbd757b6281fcded59eb3146cb774b
af7b65ac4f3a1cce5d524300f8250785fed7521a
917f6875d194cac996e0953cf3a0591ff873660f41135f815e6d291cf9f00f41
GET /Media/Publisher/ArticleImages/GavekortBanner%20XS1644415965_scaled_1280.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Fri, 01 Apr 2022 14:05:03 GMT
accept-ranges: bytes
etag: "77cdbf7bd145d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 603015
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Hash 3dc72cae1a32e87b38144a702ba627e0
bfbc729a34b987cd06d20842c5049ac275ea4139
1c57101bb57275c8c8cafc5d6216131a378c4388a52656ed3770068cd0ab10b9
GET /s/yanonekaffeesatz/v24/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:48 GMT
expires: Wed, 29 Nov 2023 23:44:48 GMT
cache-control: public, max-age=31536000
age: 391164
last-modified: Tue, 23 Aug 2022 18:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
200 OK 920 B URL HTTP/2 evenstadmusikk.no/api/SlideOverBox/RenderSlideOverBox
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, ASCII text, with very long lines (920), with no line terminators
Hash aa4319af842e781d8ef78c6fac1194c4
923cbcb23020323bc4909e6ab91c1f5a82da7882
ea2d8a500bc9d8ee170aae8af5986203069291079869fe9e8b3cb005a84ccf9e
POST /api/SlideOverBox/RenderSlideOverBox HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 920
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670156649917
200 OK 1.9 kB URL HTTP/2 evenstadmusikk.no/api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670156649917
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with very long lines (1889), with no line terminators
Hash 5d0f07b192a7b41a55b7f17bd81829ab
a079308a424323a269ebe0b66f69975a07a923ca
c23993b6582e1540dde2801808c2a6698dcc14bff9432be692cb901cdc66de2a
GET /api/Cart/LoadCart?cartName=&hasCarrier=false&guid=&favGuid=&_=1670156649917 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 1889
X-Firefox-Spdy: h2
evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670156649919
200 OK 29 B URL HTTP/2 evenstadmusikk.no/api/OrderbookManagement/GetFavouriteSettings?_=1670156649919
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- , ASCII text, with no line terminators
Hash efa5e4ce7d2d30bd853f5e49f3390727
e79e5f66d448ebd9a4177b5cbdae7266486b7590
95b096eaa4a28e8d1bd5d14eb376a69087c17d8eb4f85bd2843f194fd2da9b6f
GET /api/OrderbookManagement/GetFavouriteSettings?_=1670156649919 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 29
X-Firefox-Spdy: h2
evenstadmusikk.no/api/AreaRenderer/RenderFields
200 OK 4.6 kB URL HTTP/2 evenstadmusikk.no/api/AreaRenderer/RenderFields
IP
ASN #21119 Braathe Gruppen AS
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (4626), with no line terminators
Hash a6f2dbc1fadad8c30bcc3a998907a31f
4696d4ed42f0185444ab88adddffb9f35a063ec4
9a2f590726de9ed80e0a04d1dc17e135cee6ff981ac3ae144f3506763e8811a8
POST /api/AreaRenderer/RenderFields HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 981
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 4645
X-Firefox-Spdy: h2
evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670156649920
200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/ProductInfo/HasMultipleFavouriteCarts?_=1670156649920
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /api/ProductInfo/HasMultipleFavouriteCarts?_=1670156649920 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 5
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
200 OK 2.0 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg
IP
ASN #21119 Braathe Gruppen AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 68x67, components 3\012- data
Hash a1465910a001ee5c10bdbb468a945d03
8372b7a8073459dd598478586e50b4f00aed85e6
3b77d4ec27723324fe864c362001b5263f6a5e6c3c9b9b194148a4bd91fe0191
GET /Media/Publisher/ArticleImages/evenstadlogo%20bw1318232963_scaled_3201644415965_scaled_320.Jpeg HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/jpeg
last-modified: Mon, 04 Apr 2022 09:38:27 GMT
accept-ranges: bytes
etag: "858f91bc748d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 2027
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
200 OK 851 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b3bab07d4e9d123055aaaf2df5a212e
0bc878c327e7b5f6fcf2f652cc93b5583ce3641d
418af470f0be5746d7391db907c658d9c4b74bc7b10bdd27fe245807043f338d
GET /Media/Publisher/ArticleImages/facebook1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "eed36467bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 851
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
200 OK 1.1 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 673f78118abb9a568a6fe579b8349149
a068caa12bbdbc88fec8b39bd7e82ce34c0ea94b
d67d8e824be7bc112f7c094f103eac4179848fbb584d217b7324f2ea6bd27a27
GET /Media/Publisher/ArticleImages/instagram1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 1102
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
200 OK 891 B URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 8736afd5ed0a28ed6175615d0ec9abf3
d9f28966fa4e2af8a85197f59792da857b109dd9
b2050927a90edc5a9b9fe86fbdaf28e9483d34df614e266aca9d653516cc4ef3
GET /Media/Publisher/ArticleImages/twitter1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 891
X-Firefox-Spdy: h2
evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
200 OK 2.4 kB URL HTTP/2 evenstadmusikk.no/Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png
IP
ASN #21119 Braathe Gruppen AS
File type PNG image data, 96 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fc0a4417800592af0662b12e57cbfe3
e3a00dafcf326d847a360b4d2c3453fad461436b
04dbb85c3e4fce945cefc48d4700a8b7f9290caef7771f8b93396298bf908930
GET /Media/Publisher/ArticleImages/youtube1644415965_scaled_320.Png HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/png
last-modified: Mon, 27 Sep 2021 16:26:20 GMT
accept-ranges: bytes
etag: "45366767bcb3d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 2420
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
200 OK 5 B URL HTTP/2 evenstadmusikk.no/api/Stats/CheckForPopupAfterProductVisit
IP
ASN #21119 Braathe Gruppen AS
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
POST /api/Stats/CheckForPopupAfterProductVisit HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 32
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
content-length: 5
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M4PR24
200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M4PR24
IP
File type ASCII text, with very long lines (11328)
Hash 25e204a101803f10c8a499ce0e096b20
c03df0e9c26a54a60fd4ecbeb06543f715a9d220
ee51648aad70ff00767b02242acbe50d893d6a564e0aa7166000b5da960a139f
GET /gtm.js?id=GTM-M4PR24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 12:24:12 GMT
expires: Sun, 04 Dec 2022 12:24:12 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670156650732&cv=11&fst=1670156650732&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&rfmt=3&fmt=4
200 OK 976 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1025019056/?random=1670156650732&cv=11&fst=1670156650732&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2181), with no line terminators
Hash 26dff7d7144e5535c9d68087089765b4
6c8cf3390b9facdf1a072b67c96ae3c991e443c5
e3aa63484821d0cfbb2b8286ec26971a3a82b63505e6eb4caf424e966b841721
GET /pagead/viewthroughconversion/1025019056/?random=1670156650732&cv=11&fst=1670156650732&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 976
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:39:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.kk-resources.com/leadtag.js
200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP
File type C source, ASCII text, with very long lines (6910)
Hash b9c7aa9898d0e7b5d8dfa27c81eda1ac
3e22a4f4ac1fd469128de60e1a80433513242071
980531f0a81016e3a7a4c3fa56f75e7b791f1f4c09296992221bd766b91a53a0
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2595
Connection: keep-alive
X-Gravitee-Transaction-Id: b7db6459-aedf-48bb-9b64-59aedf48bba7
X-Gravitee-Request-Id: b7db6459-aedf-48bb-9b64-59aedf48bba7
ETag: "05e089e0c08fd98ee6b4f6497ec87752b123fc2f"
Request-Time: 4
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 12 Jul 2022 13:51:05 GMT
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 12:01:36 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HswtDR--TSdvf4-tSZ5aUxVLJ0LKPB4y3OecnlwN16_JrNaBMoqKlw==
Age: 1357
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c81ed25794ec8bb433ce22bfc4d0d4b3
3722daf40ed61492786e0050814f2623e4f7b87f
b85a723509f5a620445fd3f9a9cdc443f1bca31bcaabef42f7108a481576b41a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B85A723509F5A620445FD3F9A9CDC443F1BCA31BCAABEF42F7108A481576B41A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13463
Expires: Sun, 04 Dec 2022 16:08:36 GMT
Date: Sun, 04 Dec 2022 12:24:13 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 312 B IP
Hash 1c5a280d130588f4098f759d4606e5b7
6ee703f50768d46afbe70cc014963ff56b8a04a3
0e44cc312aad8320de54cb8c8438ea503090c3b61b7240d2b466b8ef9ac704a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=124741
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638bc2f5-138"
Expires: Mon, 05 Dec 2022 23:03:14 GMT
Last-Modified: Sat, 03 Dec 2022 21:43:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312
instore.prisjakt.no/in.js
200 OK 1.0 kB URL HTTP/2 instore.prisjakt.no/in.js
IP
File type ASCII text, with CRLF line terminators
Hash fb418ac27bb48675b4803917790b3982
f6c7dcf10618bd0c2d40efe053397999ca9f6c98
7893b875a76fd8e460ebe49c174610b89b1fac032b399e39c6a2520bbee70257
GET /in.js HTTP/1.1
Host: instore.prisjakt.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/javascript
content-length: 1031
last-modified: Fri, 06 Feb 2015 07:12:58 GMT
etag: "a9f-50e662671d280-gzip"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 894
accept-ranges: bytes
set-cookie: __cf_bm=VMHh9fhh9d8nxx8Om3tJ6MDAi1mt9wTpApIlRQle3eU-1670156653-0-AWqH70mEvymlPTISpa7+rw/qlikQDJsjWKCIoJfjYhq/ykzrXYNETTpkA2KljY/iKsexgHHkx7vYeCnNHjV0uCY=; path=/; expires=Sun, 04-Dec-22 12:54:13 GMT; domain=.prisjakt.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7744848a8df10b51-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 10:46:55 GMT
expires: Sun, 04 Dec 2022 12:46:55 GMT
cache-control: public, max-age=7200
age: 5838
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash c174a8460fc91e0fa77ad52a7e8ae593
6ba0d1078d0c938a50210fa1c0f34f07b64f2e75
b525786005fcac6a7db51cb0e792c8d56e76f41c8094240e8cfed32f14fb1b19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:02:17 GMT
Expires: Sun, 11 Dec 2022 06:02:16 GMT
Etag: "6ba0d1078d0c938a50210fa1c0f34f07b64f2e75"
Cache-Control: max-age=581282,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7744848addca0b06-OSL
static.criteo.net/js/ld/ld.js
200 OK 26 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 7f290f16eb022eca98de47aa8fda99c8
17f3ef0847e99d650ef2429f80634d357e575a3f
e8dc28a399a6e6e8b5feef701ab959fd59d35003a041ec200659329896c05939
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Mon, 05 Dec 2022 12:24:13 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3514
Cache-Control: max-age=113392
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:54:05 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
services14.itxuc.com/plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141
200 OK 24 kB URL HTTP/1.1 services14.itxuc.com/plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (24252), with no line terminators
Hash 40d2e409cfb34e8f263c27cc4893450d
b26b73f64091c22e94455ad7cfadfa7bf68dfe5b
ac547c8de0e393df2c21f50c69a07b1bca65dc27e3ccedad24998fc8bdc9fe8e
GET /plugins/plugin.js?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141 HTTP/1.1
Host: services14.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 24252
Connection: keep-alive
Set-Cookie: JSESSIONID=5113B65E2773E3AA454CE42A93F9312F; Path=/; Secure; HttpOnly; SameSite=None
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Expires: Sun, 04 Dec 2022 12:29:13 GMT
Last-Modified: Sat, 03 Dec 2022 21:06:42 GMT
ETag: W/"r1012010201670101602622"
Access-Control-Expose-Headers: ETag,Vary
Vary: Origin, Range
ITXVOS-Action: no.itx.portal.web.servletv2.plugins.PluginServlet
www.google.com/pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1025019056/?random=1670156650732&cv=11&fst=1670155200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&ref=https%3A%2F%2Fapi.kelkoogroup.net%2F&tiba=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&fmt=3&is_vtc=1&random=1611508145&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5j/LpyqIuNAPDHv1O2QFfePzDj1PAycQGeoziuIzkkygAOjwhlWFcSeyGUDCNqpSRd8OpLKhpGvZVpQfKgZNFg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 12:24:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=b158e507-28be-45b2-afc2-57950f8ac354&sid=8e9f7b4073ce11eda667d12adfcca5e1&vid=8e9fa5e073ce11ed932a35d85cc11d4e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&kw=Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=747&evt=pageLoad&sv=1&rn=918226
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=142000613&tm=gtm002&Ver=2&mid=b158e507-28be-45b2-afc2-57950f8ac354&sid=8e9f7b4073ce11eda667d12adfcca5e1&vid=8e9fa5e073ce11ed932a35d85cc11d4e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&kw=Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=747&evt=pageLoad&sv=1&rn=918226
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=142000613&tm=gtm002&Ver=2&mid=b158e507-28be-45b2-afc2-57950f8ac354&sid=8e9f7b4073ce11eda667d12adfcca5e1&vid=8e9fa5e073ce11ed932a35d85cc11d4e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Evenstad%20Musikk%20-%20Kj%C3%B8p%20musikkutstyr%20p%C3%A5%20nett!&kw=Evenstad%20Musikk&p=https%3A%2F%2Fevenstadmusikk.no%2F%3Fkk%3Da4c6294-184dc5cef64-3923c7%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=747&evt=pageLoad&sv=1&rn=918226 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E7F8D06B50F637725139F76B4FA6299; domain=.bing.com; expires=Fri, 29-Dec-2023 12:24:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FEF574DDC1A468381D7E1690E67CFEC Ref B: OSL30EDGE0216 Ref C: 2022-12-04T12:24:13Z
date: Sun, 04 Dec 2022 12:24:13 GMT
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.0/jsv2/lib/babel/regeneratorRuntime.js
200 OK 7.0 kB URL HTTP/2 static.itxuc.com/r10120.10.2.0/jsv2/lib/babel/regeneratorRuntime.js
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (6995), with no line terminators
Hash 65afb5c3ff3838e9f91c3b8f083c41e9
82846d481a92a6738ed8496f724aaf97b9efa148
688e51c1099e0876f57f5d13a105544fcf076f2cb267462104576762457e4213
GET /r10120.10.2.0/jsv2/lib/babel/regeneratorRuntime.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/javascript
content-length: 6995
last-modified: Sat, 03 Dec 2022 20:46:26 GMT
etag: "638bb5a2-1b53"
expires: Wed, 29 Nov 2023 12:24:13 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3514
Cache-Control: max-age=113392
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 19:54:05 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.itxuc.com/r10120.10.2.0/jsv2/lib/portalPolyfill.js
200 OK 15 kB URL HTTP/2 static.itxuc.com/r10120.10.2.0/jsv2/lib/portalPolyfill.js
IP
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (14558), with no line terminators
Hash 7635320ef1aad608d965da49107b3790
15dae88b9aff31d5c1e4e6a32522ec4168bcdd21
3b31518219d8fa1d0c2fb7cbe9dea153cdd5c2bdda5a4d85a296a7951a563d2a
GET /r10120.10.2.0/jsv2/lib/portalPolyfill.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/javascript
content-length: 14558
last-modified: Sat, 03 Dec 2022 20:46:32 GMT
etag: "638bb5a8-38de"
expires: Wed, 29 Nov 2023 12:24:13 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
static.itxuc.com/r10120.10.2.0/jsv2/lib/itx.js
200 OK 30 kB URL HTTP/2 static.itxuc.com/r10120.10.2.0/jsv2/lib/itx.js
IP
ASN #2116 Globalconnect As
File type Unicode text, UTF-8 text, with very long lines (29485), with no line terminators
Hash d95df38c9816f455aba6cd7b04cf90c0
ab51c120c0402e85217c78e93b9716b474e041b3
849ddc3b541aa63b9011e907495ff56a76a9d263b0113d5c7d4d3c5c397dd880
GET /r10120.10.2.0/jsv2/lib/itx.js HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/javascript
content-length: 29486
last-modified: Sat, 03 Dec 2022 20:46:27 GMT
etag: "638bb5a3-732e"
expires: Wed, 29 Nov 2023 12:24:13 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
accept-ranges: bytes
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=512446779.1670156651&jid=1011740622&gjid=1545803258&_gid=1239343837.1670156651&_u=YGBAgAABAAAAAE~&z=660820673
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=512446779.1670156651&jid=1011740622&gjid=1545803258&_gid=1239343837.1670156651&_u=YGBAgAABAAAAAE~&z=660820673
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5481275-1&cid=512446779.1670156651&jid=1011740622&gjid=1545803258&_gid=1239343837.1670156651&_u=YGBAgAABAAAAAE~&z=660820673 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://evenstadmusikk.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 12:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 8b129125171aa50e40f0d0e26d1a6c4e
d1376718e6dd2b03aab6f632af2438b8ae3e49b2
96b4c4d6e7843adcee8a1cda47dc0d485752afc26d633c0e97892c6040e460fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4884
Cache-Control: max-age=86652
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b2dd5-138"
Expires: Mon, 05 Dec 2022 12:28:25 GMT
Last-Modified: Sat, 03 Dec 2022 11:07:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312
bat.bing.com/p/action/142000613.js
200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/142000613.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 17c4dfe7f1fa39275cfde67ad185e9d4
c4c91762795e4b4bfdc2b8cde7d8189c799e72f4
579862499be8016be6864e722f033d48764d35213a513f5fc0f66b0ab5cb37b8
GET /p/action/142000613.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1424
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=3E8998C1D36E6C42044E8AB1D29B6DCB; domain=.bing.com; expires=Fri, 29-Dec-2023 12:24:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20508A1F7ED346DE9C19C35BD4F0F80C Ref B: OSL30EDGE0216 Ref C: 2022-12-04T12:24:13Z
date: Sun, 04 Dec 2022 12:24:13 GMT
X-Firefox-Spdy: h2
services14.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
200 OK 5.7 kB URL HTTP/1.1 services14.itxuc.com/rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no
IP
ASN #2116 Globalconnect As
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5668)
Hash eb08b90b653ac5d3b24252f8ed8ad040
0c129f35aa555c2715b976c7f0b8c6970bb64a2b
702a1dfe78107943c7491f1f4128968c881957b1382e1819af75e724ba251d10
GET /rest/uc/chat/plugin/anonconfig?tokenv2=cac3710d0da4768b2cf7339cd3fd9d19&rcntrl=1406233&ccntrl=60000141&useCorp=60000141&hostname=evenstadmusikk.no HTTP/1.1
Host: services14.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ITXVOS: true
Cache-Control: public, max-age=300, must-revalidate
Pragma: cache
Expires: Sun, 04 Dec 2022 12:29:13 GMT
Access-Control-Allow-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,Iwp-User-Agent,Date,Object-Map-Response,ITX-Ensure-User
Access-Control-Expose-Headers: Content-Type,ITXVOS-Frontend-Version,Content-Length,Content-Disposition,ITXVOS-Mobile-App-Version,ETag,Date,ITX-Ensure-User-Failure,Vary
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Credentials: true
ITXVOS-Action: no.itx.portal.web.uc.action.ChatPluginConfigAnonActionGet
ITXVOS-Action-ID: 41011
ITXVOS-Frontend-Version: r10120.10.2.0
ITXVOS-Mobile-App-Version: 1.4.6/1.4.6
ITXVOS-Cached-Resource: No
Last-Modified: Sat, 03 Dec 2022 21:06:52 GMT
ETag: W/"1670101612121C60000141"
Vary: Origin, Range
Set-Cookie: JSESSIONID=D84A9D756C11A7F185E8D5FBE22C87A4; Path=/; Secure; HttpOnly; SameSite=None
iwpsessioncookie=iwpsess; Expires=Mon, 05-Dec-2022 12:24:13 GMT; Path=/; Secure; SameSite=None
gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
200 OK 5.6 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
IP
Hash 08bf07a2b91e41b113c16283a8025bde
27eaa4e93fac36e0eea6cef7a3652dec015cdd1e
163d8885aed7ee9f1766337919a4f34e08e1419cb4d6679d964ea278b18a3d2a
GET /syncframe?topUrl=evenstadmusikk.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d41413dd-9845-4363-91c6-0e9de3016a07; expires=Fri, 29 Dec 2023 12:24:13 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 788879
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 3f53e9f2fa63321a82e70198fd59f6fb
04cf9b32445c42b76b580a37e262796d64889b87
ca67fdd771e34f277a8916d23a0815dbed3e1a0ef400e7f18b53397fa1d78665
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6428
Cache-Control: max-age=111220
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b87c5-1d7"
Expires: Mon, 05 Dec 2022 19:17:53 GMT
Last-Modified: Sat, 03 Dec 2022 17:30:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
s.kelkoogroup.net/k.gif
200 OK 0 B IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: etag
Referer: https://evenstadmusikk.no/
Origin: https://evenstadmusikk.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: d67aa8ff-a949-4ef5-baa8-ffa9498ef5e1
X-Gravitee-Request-Id: d67aa8ff-a949-4ef5-baa8-ffa9498ef5e1
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Allow-Headers: etag
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 0
s.kelkoogroup.net/k.gif
200 OK 43 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /k.gif HTTP/1.1
Host: s.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRkYzVjZWY2NC0zOTIzYzc=
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Gravitee-Transaction-Id: 85a534b1-b5a5-4e43-a534-b1b5a55e4311
X-Gravitee-Request-Id: 85a534b1-b5a5-4e43-a534-b1b5a55e4311
ETag: a2Vsa29vSWQ9YTRjNjI5NC0xODRkYzVjZWY2NC0zOTIzYzc=
Vary: *,Origin
Pragma: no-cache
Expires: 0
Request-Time: 1
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Access-Control-Allow-Origin: https://evenstadmusikk.no
Access-Control-Expose-Headers: ETag
Access-Control-Allow-Credentials: true
Date: Sun, 04 Dec 2022 12:24:13 GMT
Content-Type: image/gif
content-length: 43
ocsp.digicert.com/
200 OK 313 B IP
Hash 9e9c5381eccb8d6924c2d11a30fed97f
666527f800c563be45bc7a2f5cfab8196f541187
cf89082d1df3adfe44fd5d909555333f4f264dd5a12bbc096ff846df9c663dc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4716
Cache-Control: max-age=110263
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638b8ab9-139"
Expires: Mon, 05 Dec 2022 19:01:56 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:21 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
static.itxuc.com/r10120.10.2.0/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
200 OK 1.2 kB URL HTTP/2 static.itxuc.com/r10120.10.2.0/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141
IP
ASN #2116 Globalconnect As
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6672761d8d7160dc336f2c08b49b5a96
71bbe70a7be9ddbcddc28275bd643c60aebd042a
2b3b5bd17314a26c6c8d91cf4a3cb590ab075dbfe5b599fd27472323827ecdc0
GET /r10120.10.2.0/plugins/uc/chat/active_chat_helper.html?hostname=evenstadmusikk.no&endpoint=https:%2F%2Fservices14.itxuc.com&token=%3Ftokenv2%3Dcac3710d0da4768b2cf7339cd3fd9d19%26rcntrl%3D1406233%26ccntrl%3D60000141%26useCorp%3D60000141 HTTP/1.1
Host: static.itxuc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: text/html
last-modified: Sat, 03 Dec 2022 20:45:41 GMT
etag: W/"638bb575-bad"
expires: Wed, 29 Nov 2023 12:24:13 GMT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-credentials: true
access-control-expose-headers: Content-Length
pragma: public
cache-control: max-age=31104000, public
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4880
Cache-Control: max-age=169103
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 11:22:36 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash ee00ac7a24f2be13f49a39c476f9f707
98a87636f9dbd123b21b0c4adf164c68603da8ba
6edf8fd4b338be0cfa4ce5fd22a6adc145f0f47576447a03c277bea70a43a5eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4880
Cache-Control: max-age=169103
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:13 GMT
Etag: "638c6fec-139"
Expires: Tue, 06 Dec 2022 11:22:36 GMT
Last-Modified: Sun, 04 Dec 2022 10:01:16 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=ecUt8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlscEltSWJwWEd1Rm02cUdQUjEwN3MxZ3d2eVRlNmxMckU4THJYVDlDTTI&idsd=-2144303242,657455963&cw=1&lsw=1
200 OK 319 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=ecUt8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlscEltSWJwWEd1Rm02cUdQUjEwN3MxZ3d2eVRlNmxMckU4THJYVDlDTTI&idsd=-2144303242,657455963&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (393), with no line terminators
Hash f74707658c62fa35e38754030d215e88
2986a601bf223c96f0bc486701ab37924ea4317f
eaf7a55f93d5207b3b7deb03a88ca7d778d89f7b9fb5d763587c782a05389ad9
GET /sid/json?origin=onetag&domain=evenstadmusikk.no&sn=FirefoxSyncframe&so=0&topUrl=evenstadmusikk.no&info=ecUt8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlscEltSWJwWEd1Rm02cUdQUjEwN3MxZ3d2eVRlNmxMckU4THJYVDlDTTI&idsd=-2144303242,657455963&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=evenstadmusikk.no&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1327049
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&RedC=c.clarity.ms&MXFR=1521F00F07D3675B3B99E27F03D36910
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1521F00F07D3675B3B99E27F03D36910; domain=.clarity.ms; expires=Fri, 29-Dec-2023 12:24:14 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&RedC=c.clarity.ms&MXFR=1521F00F07D3675B3B99E27F03D36910
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&RedC=c.clarity.ms&MXFR=1521F00F07D3675B3B99E27F03D36910
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&RedC=c.clarity.ms&MXFR=1521F00F07D3675B3B99E27F03D36910 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&MUID=13AECE47768A6FF82810DC37777F6E57
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=13AECE47768A6FF82810DC37777F6E57; domain=c.bing.com; expires=Fri, 29-Dec-2023 12:24:14 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11CCE56E0E094BE684F4C07F5A3E665D Ref B: OSL30EDGE0216 Ref C: 2022-12-04T12:24:14Z
date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&MUID=13AECE47768A6FF82810DC37777F6E57
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&MUID=13AECE47768A6FF82810DC37777F6E57
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=2A719D4780E642EA8643A214E8A0B099&MUID=13AECE47768A6FF82810DC37777F6E57 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evenstadmusikk.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 04-Dec-2022 12:34:14 GMT; path=/; SameSite=None; Secure;
date: Sun, 04 Dec 2022 12:24:13 GMT
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 65f296627f8497a3cb09ffb568206aa6
83b00b218b07f479264e106aed4245fe57ebed66
11be55d800fd894015a6b5cf76781442e513ec13fc8671fb070f612bbb2a4f59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11BE55D800FD894015A6B5CF76781442E513EC13FC8671FB070F612BBB2A4F59"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11556
Expires: Sun, 04 Dec 2022 15:36:50 GMT
Date: Sun, 04 Dec 2022 12:24:14 GMT
Connection: keep-alive
apil1.spinnaker-js.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 222
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-XaeR44afKcz0rMrIaEO3Gc972MrOq8pCBGGSvA
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-XaeR44afKcz0rMrIaEO3Gc972MrOq8pCBGGSvA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-XaeR44afKcz0rMrIaEO3Gc972MrOq8pCBGGSvA HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 65f296627f8497a3cb09ffb568206aa6
83b00b218b07f479264e106aed4245fe57ebed66
11be55d800fd894015a6b5cf76781442e513ec13fc8671fb070f612bbb2a4f59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11BE55D800FD894015A6B5CF76781442E513EC13FC8671FB070F612BBB2A4F59"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11556
Expires: Sun, 04 Dec 2022 15:36:50 GMT
Date: Sun, 04 Dec 2022 12:24:14 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 29f462334ce6baf866e677fbdaad6a16
a8a6b76363177e5d3dfe61738c3838dfdc947413
b382cb82c59d72276739707adc8d85be488ee2f3c39aab137e8df621779819bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146925
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638c2c5b-117"
Expires: Tue, 06 Dec 2022 05:12:59 GMT
Last-Modified: Sun, 04 Dec 2022 05:12:59 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4a33571a71bbdaa1dc49d260452dbf14
97576c010bb1abd80daffe60bfc47ef4df6611c5
b57a93217b66e824bc0586b4ca16d9b8c70268eee170929cd92a6008c050696e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152024
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638c2da8-1d7"
Expires: Tue, 06 Dec 2022 06:37:58 GMT
Last-Modified: Sun, 04 Dec 2022 05:18:32 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tOyjM1tC3Tz0YfrZ9JcQzDVuznGoKtIr7WFYHbG5RM9_5EQWomEdHQ==
Age: 4766
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 1081654
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog&C=1
cf-ray: 774484934f0bb51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4yRblB4RW48EF.yuiW02AAA; Path=/; Domain=casalemedia.com; Expires=Mon, 04 Dec 2023 12:24:14 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1870; Path=/; Domain=casalemedia.com; Expires=Sat, 04 Mar 2023 12:24:14 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1870; Path=/; Domain=casalemedia.com; Expires=Sat, 04 Mar 2023 12:24:14 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrHdv3%2B1q4ll4ePdriYdzZs1dnboIImd1OT9CKlKVbcyYJKO9GRPflVNXIoYNMVVPa6%2FxQQTtPO39O5f4WpkOs0rvJitSoUHVVB5bhug5AVMRlCejn%2Buj8is0f93fh3kjmIh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-wz2uDIafKcz0rMrIaEO3Gc972MprKO0N_TmjHA
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-wz2uDIafKcz0rMrIaEO3Gc972MprKO0N_TmjHA
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-wz2uDIafKcz0rMrIaEO3Gc972MprKO0N_TmjHA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3131582543580250000V10; Expires=Mon, 04 Dec 2023 12:24:14 GMT; domain=.media.net; Path=/;
data-c-ts=1670156654;Expires=Tue, 03 Jan 2023 12:24:14 GMT;path=/;domain=.media.net;
data-c=k-wz2uDIafKcz0rMrIaEO3Gc972MprKO0N_TmjHA~~3;Expires=Tue, 03 Jan 2023 12:24:14 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 04 Dec 2022 12:24:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 12:24:14 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 45eee5842b260dd0b41cc012a6fc434b
e0aa562f72a0fdc2047ad1d2106fdfbaeac254c9
fc79a2095939d83ee7bb40ad1ddbeaa25955e05653c472927d05547d117a3f36
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm=&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ&google_tc=
date: Sun, 04 Dec 2022 12:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:39:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 9b291400ef8d62e8f5f54830a122b442
8529df830a0453c7d79438e76b6f880d1d917c62
c3be4fd4a74f01cf1c073ab7785b24391457cff4406030999688815365b19cc5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4959
Cache-Control: max-age=123096
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638bbbe7-1d7"
Expires: Mon, 05 Dec 2022 22:35:50 GMT
Last-Modified: Sat, 03 Dec 2022 21:13:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm=&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm=&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c188655239ad95020883fa8c23c3b5b4
6c05b1bb897669fd2a6452b7f7721431bde0e90e
270bb7838f1f4ea4b08f971156a2e4006fc8da585769c12c5450c80ab938436e
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_cm=&google_hm=ay1maEZBV29hZktjejByTXJJYUVPM0djOTcyTXBPb0t5V3J5ZFl5UQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_error=3
date: Sun, 04 Dec 2022 12:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 7e399048-2e3e-446e-bedf-3a642dbbd202
Set-Cookie: uuid2=2851917388759122031; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 12:24:14 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-TNxiq4afKcz0rMrIaEO3Gc972MqefhqdCxGAog&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
content-length: 43
cf-ray: 774484942823b51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPJJzMp7y7wsmyOKllUCBb7Ht39ZGGEGF151lgi%2FiW9BoUZVvk33l3V8UWf2yXd5Z%2B%2BgAFtgtF7Xy0y0N%2BHIZtEAApLevfIJOa9ZFgvW3QLU143Upixl1mcUuo8evEhBQSwR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 744520b70d0eae35ac40ece84669ca6c
139a011cb51181708e1fc7bb759debd204bfcf57
31fa10ca032ba89fa8990871d7123213bf7296486ca73c17733aa0b3ea5ed362
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4844
Cache-Control: max-age=137004
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638bf2ae-1d7"
Expires: Tue, 06 Dec 2022 02:27:38 GMT
Last-Modified: Sun, 04 Dec 2022 01:06:54 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash bd713988f2198b52776dbf52f92723ec
a8c3b616316d36a34fcd122233fecb3e7bbf7ac1
1ef638904995777cedae913b933495acf6ab62085f98eeec1ed85c83251313ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4737
Cache-Control: max-age=103763
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638b7140-139"
Expires: Mon, 05 Dec 2022 17:13:37 GMT
Last-Modified: Sat, 03 Dec 2022 15:54:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-kCvWz4afKcz0rMrIaEO3Gc972Mo90dUsk7Mf3w&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-kCvWz4afKcz0rMrIaEO3Gc972Mo90dUsk7Mf3w&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-kCvWz4afKcz0rMrIaEO3Gc972Mo90dUsk7Mf3w&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
Content-Type: image/gif
ocsp.digicert.com/
200 OK 471 B IP
Hash 89757b50a8055fe5630793960963e992
4686842e9b109dd056936e47c364dd10995c1293
995c2617619bb86561a6620440002d85f54e42a0c46ee19d9c002c273e29264e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4649
Cache-Control: max-age=101140
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638b6759-1d7"
Expires: Mon, 05 Dec 2022 16:29:54 GMT
Last-Modified: Sat, 03 Dec 2022 15:12:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-5SFOK4afKcz0rMrIaEO3Gc972MrjfAGenOewkQ
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-5SFOK4afKcz0rMrIaEO3Gc972MrjfAGenOewkQ
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-5SFOK4afKcz0rMrIaEO3Gc972MrjfAGenOewkQ HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 04 Dec 2022 12:24:14 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3438435098267642060; expires=Thu, 04 Jan 2024 12:24:14 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 04 Jan 2024 12:24:14 GMT; domain=smartadserver.com; path=/
csync=79:k-5SFOK4afKcz0rMrIaEO3Gc972MrjfAGenOewkQ; expires=Mon, 04 Dec 2023 12:24:14 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0a0bec46778e4ea5fe7c731704106c6b
d7e26cea7ebebf23caf0bc3bf1f72625de082a54
00fa3a7a44fa56fb7025e159a01e7ec7bc45c5c159adcd0ce48c86eb710d1d21
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 12:24:14 GMT
Last-Modified: Sun, 04 Dec 2022 11:06:32 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ioWFz8_TJSgVLi_QQFM-a9CNKy7IUvB0uS-RNpPDgBERVqFYjS6otg==
Age: 4666
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 289fee85-9ec2-4731-8d9c-653b0261a2cf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 7f8c921d04d1982f6d86a43a2b4e47a0
c46c062dbccb06ad9eb7d5994c21acc7b7ed958a
6060a7e93037381cad620517facad87735169b0c421b20b121224b49f13b50f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4295
Cache-Control: max-age=99712
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638b6327-1d7"
Expires: Mon, 05 Dec 2022 16:06:06 GMT
Last-Modified: Sat, 03 Dec 2022 14:54:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
criteo-sync.teads.tv/um?eid=80&uid=k-li-3Q4afKcz0rMrIaEO3Gc972MrWCUTamLSgeg
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-li-3Q4afKcz0rMrIaEO3Gc972MrWCUTamLSgeg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-li-3Q4afKcz0rMrIaEO3Gc972MrWCUTamLSgeg HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 04 Dec 2022 12:24:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 12:24:14 GMT
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-F3YKe4afKcz0rMrIaEO3Gc972MoZW3HsntdZOQ
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-F3YKe4afKcz0rMrIaEO3Gc972MoZW3HsntdZOQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-F3YKe4afKcz0rMrIaEO3Gc972MoZW3HsntdZOQ HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: ba2b9e1ba80891c7ea10192f9ad5f4c1
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBG6RjGMCEAbFh3H40JMZ8YBpR2SHX44FEgEBAQHijWOWYwAAAAAA_eMAAA&S=AQAAArqyQLXftx3LMA0r3ZlnyWo; Expires=Mon, 4 Dec 2023 18:24:14 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 25b6359c83340f619ebf9a7bf75be58e
1afc9e9ed1c1c57c8fd6b934489244a25612778a
3e95976d851c18179fa4bff928c3809735d71c27d131359ff839013421aa266c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 12:24:14 GMT
Last-Modified: Sun, 04 Dec 2022 11:01:46 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QF11qpEO6S4QpE-k_srM5RFXcekBvJl7TAGnw0QQpFSgi3033dOmWw==
Age: 4948
cm.adform.net/pixel?adform_pid=15&adform_pc=k-UveORoafKcz0rMrIaEO3Gc972MrQQdEojxzaCg
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-UveORoafKcz0rMrIaEO3Gc972MrQQdEojxzaCg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-UveORoafKcz0rMrIaEO3Gc972MrQQdEojxzaCg HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 20 Jul 2016 07:18:22 GMT
etag: "578f25be-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw
set-cookie: tuuid=2da50151-6b48-4629-aeb0-531dfa9527f3; Expires=Sat, 04 Mar 2023 12:24:14 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670156654; Expires=Sat, 04 Mar 2023 12:24:14 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 781104b37bdb426ff9a2b0e85226d91b
72111d40cf1dad2e72558893d1f04fec64d9a6f9
0660b8819869e10506a3f0cb08f13b3fa45cc39212982ab57143e98ba2540ac9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151149
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638c297b-1d7"
Expires: Tue, 06 Dec 2022 06:23:23 GMT
Last-Modified: Sun, 04 Dec 2022 05:00:43 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MB6MIaz6f2oPBusVkW6qfBzYiVZlE77adDczsGjtM5JJHvMmzd7qOA==
Age: 4960
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ad43a7a8b270f41308175b62db5732a
12ba23791d4af270f78c4fcfc3fb09636398a651
cd9c4f87165c07494f088237baa4a4838772881e30a7d96bdf1f42a98b188894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD9C4F87165C07494F088237BAA4A4838772881E30A7D96BDF1F42A98B188894"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3424
Expires: Sun, 04 Dec 2022 13:21:18 GMT
Date: Sun, 04 Dec 2022 12:24:14 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 841aa6e47394e8dcb3126e9fbb88fcdf
6d7a773dbf3759d567c66b907b52e61f5d93f9f9
ba2bf4a41df43d5563181e11c44baf6f58afc3fe13a80050a7ec44cd0882c60b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4753
Cache-Control: max-age=167491
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638c6a20-1d7"
Expires: Tue, 06 Dec 2022 10:55:45 GMT
Last-Modified: Sun, 04 Dec 2022 09:36:32 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-SdO4gIafKcz0rMrIaEO3Gc972MqM_2_ap3DllA
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-SdO4gIafKcz0rMrIaEO3Gc972MqM_2_ap3DllA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-SdO4gIafKcz0rMrIaEO3Gc972MqM_2_ap3DllA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 03 Dec 2022 12:24:14 GMT
Date: Sun, 04 Dec 2022 12:24:14 GMT
Connection: keep-alive
Set-Cookie: id=30ae657f-fa52-4535-b40e-14533ce059b6; Path=/; Domain=prod.svc.y6b.de; Expires=Mon, 04-Dec-2023 12:24:14 GMT; Max-Age=31536000; Secure; SameSite=None
chat.kindlycdn.com/kindly-chat.js
200 OK 83 kB URL HTTP/2 chat.kindlycdn.com/kindly-chat.js
IP
File type Unicode text, UTF-8 text, with very long lines (53382)
Hash f9bebd2a6a3f39a85ccedd3fd4bcbe2f
f8aa205aae23df1c345b81dc2ae130d426d95e10
1ed9ce757f1714f02e731330734f2b658447db87368febcf687e74e6ede12d4d
GET /kindly-chat.js HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduT2VAnFyuoq6TD8oIoNJBhsYyMkfYRaAkxDoJ2uBnwZb5Vq0G1c949LOSvQRZFYIP7LRVTvVng5OEpbOzuYoEofEsHfYpZ
cache-control: public, max-age=1800
expires: Sun, 04 Dec 2022 12:53:13 GMT
last-modified: Tue, 22 Nov 2022 14:26:05 GMT
etag: W/"959d4fd403fd2c6dc47875a52640f6b6"
x-goog-generation: 1669127165705086
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 255889
x-goog-meta-goog-reserved-file-mtime: 1669127158
x-goog-meta-kindly-chat-version: v2.39.8
x-goog-hash: crc32c=9+4mPA==, md5=lZ1P1AP9LG3EeHWlJkD2tg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: HIT
age: 61
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oENPqfLfkEPFMOhwVIiFO9SK7W%2BopBrMlXQdu9TwMLuJtLdIxZ6yUoXBtsd2d3d4t3zMM1am847eTeqgo%2BiSJT7UKpMpyJ9UPljuN7gGhfvuNlFjb3FraBGVAnRKp0YEaoOn6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77448492dd7db500-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e471e4415d227aa6441e48d6543b2f5d
5d31fde87a692fcde1747dfeec56d42caa2338e9
691eac9590299d938d2b2722a1a3ca784a1f2d7b49b2982f372c3becdcb631ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: max-age=154852
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:14 GMT
Etag: "638c3900-1d7"
Expires: Tue, 06 Dec 2022 07:25:06 GMT
Last-Modified: Sun, 04 Dec 2022 06:06:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 471 B IP
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=480153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774484944ea90b06-OSL
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oYrJe4afKcz0rMrIaEO3Gc972Mq3DgxyoOLZ9g
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oYrJe4afKcz0rMrIaEO3Gc972Mq3DgxyoOLZ9g
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oYrJe4afKcz0rMrIaEO3Gc972Mq3DgxyoOLZ9g HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 12:24:14 GMT
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-_2XiBoafKcz0rMrIaEO3Gc972MqO2mGelwxt7w
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-_2XiBoafKcz0rMrIaEO3Gc972MqO2mGelwxt7w
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-_2XiBoafKcz0rMrIaEO3Gc972MqO2mGelwxt7w HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 04-Dec-2022 12:29:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 04 Dec 2022 12:24:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-YIpkA4afKcz0rMrIaEO3Gc972Mpqk3pM_EaFWw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-KxmSbYafKcz0rMrIaEO3Gc972ModbpNY8mwhzQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 12:24:14 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBG6RjGMCEOoDHYveyQJ9YZ1ZPpI4ingFEgEBAQHijWOWYwAAAAAA_eMAAA&S=AQAAApdXNd32KmqMKE2wZ_VN2Lo; Expires=Mon, 4 Dec 2023 18:24:14 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 215b075f694ff20a273abb7f6f62c24a
800e79b7ef21534a09ca4047ad376b67586da7ad
7ba3b307bc991e400fd7bf5ca602a41d2c1bb1c5489f7db04c6838bf6619972b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 06:40:17 GMT
Expires: Mon, 05 Dec 2022 06:40:17 GMT
ETag: "800e79b7ef21534a09ca4047ad376b67586da7ad"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ&KRTB&23144-uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ&KRTB&23286-uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ&KRTB&23287-uid:k-YdZ354afKcz0rMrIaEO3Gc972MoADrA4_-AEpQ; domain=pubmatic.com; secure; expires=Tue, 03-Jan-2023 12:24:14 GMT; path=/
PugT=1670156654; domain=pubmatic.com; secure; expires=Tue, 03-Jan-2023 12:24:14 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f6ea289668229920eb646b0178f8a432
51418c31042db3b08ffa3c50a1d7809dc8393ad8
c50efd970149388f8bab4669b66cab41ab381d6347b0489885dc33a4d0d32343
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:24:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:11:53 GMT
Expires: Sat, 10 Dec 2022 15:11:52 GMT
Etag: "51418c31042db3b08ffa3c50a1d7809dc8393ad8"
Cache-Control: max-age=527857,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774484955fa9b503-OSL
x.bidswitch.net/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=e3306b48-a9df-4c12-9172-d7ce4efa8b42; path=/; expires=Mon, 04-Dec-2023 12:24:14 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670156654; path=/; expires=Mon, 04-Dec-2023 12:24:14 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670156654; path=/; expires=Mon, 04-Dec-2023 12:24:14 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670156654; path=/; expires=Mon, 04-Dec-2023 12:24:14 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=09267185641647837373845206647187362737; Max-Age=15552000; Expires=Fri, 02 Jun 2023 12:24:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: GGOokqVGQ1U=
Content-Length: 0
Connection: keep-alive
e1.emxdgt.com/put?d=d53&uid=k-LpgpioafKcz0rMrIaEO3Gc972Mo-uWdYrUrRdcHiDehP6XL6
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-LpgpioafKcz0rMrIaEO3Gc972Mo-uWdYrUrRdcHiDehP6XL6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-LpgpioafKcz0rMrIaEO3Gc972Mo-uWdYrUrRdcHiDehP6XL6 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 0
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-LdaCRoafKcz0rMrIaEO3Gc972Mq4ibIiqW0ukw&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:15 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: VeOA3HbfRbc=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f5c019434f824ad9785f6d214c4c2b91
f32f6b3d43342ecbef056afc1e160b678a91d856
dbebcf4adfe7ef03b2e80328c69e0f65974162e2d70d9fdbc6e139985f45d960
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89762
Date: Sun, 04 Dec 2022 12:24:15 GMT
Etag: "638b3a89-1d7"
Expires: Mon, 05 Dec 2022 13:20:17 GMT
Last-Modified: Sat, 03 Dec 2022 12:01:13 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ippAFa39efwPdG96ANl3C5mSuI2YHW-OA65t-v98I6wMPo6HF0WJ-Q==
Age: 4744
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ed1905788781e21fddfadbc6e2c81f8b
044863294a2f2e4e79ca468e40b4657a3fe25457
a72dfe1662a88aa1e966ae22e10f9e52924faaf4fc116210e65a42696d40d301
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108710
Date: Sun, 04 Dec 2022 12:24:15 GMT
Etag: "638b83ae-1d7"
Expires: Mon, 05 Dec 2022 18:36:05 GMT
Last-Modified: Sat, 03 Dec 2022 17:13:18 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v3kNvRzZ0DZGGnTShP138_0GggivKnazHP6jKvi7lrqZw7HtLZiKnw==
Age: 4967
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 847283
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UAGdQoafKcz0rMrIaEO3Gc972MpWxZTK8xyABQ
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UAGdQoafKcz0rMrIaEO3Gc972MpWxZTK8xyABQ
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-UAGdQoafKcz0rMrIaEO3Gc972MpWxZTK8xyABQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=7826e3fcbf12f7e08bf0c649d45b698c; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 12:24:14 GMT
content-length: 49
x-envoy-upstream-service-time: 62
server: ayl-lb-fra02
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-asiC74afKcz0rMrIaEO3Gc972Mq5rcT71jCe_g&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-asiC74afKcz0rMrIaEO3Gc972Mq5rcT71jCe_g&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-asiC74afKcz0rMrIaEO3Gc972Mq5rcT71jCe_g&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:15 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g5eaedd5ab14f43a8d13%7C1670156655072%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 04-Dec-2023 12:24:15 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-asiC74afKcz0rMrIaEO3Gc972Mq5rcT71jCe_g; Domain=ads.yieldmo.com; Expires=Mon, 04-Dec-2023 12:24:15 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 85cec64428416d7d04aeb9938de82e61
8390cfbc9a92f4de4c10eb23eb85ce563249f98a
24bbd6dbb6d37e2415598c71670bcb136add875ccfc4588dcce8a73b02b763d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3687
Cache-Control: max-age=88700
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:24:15 GMT
Etag: "638b3a84-1d7"
Expires: Mon, 05 Dec 2022 13:02:35 GMT
Last-Modified: Sat, 03 Dec 2022 12:01:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 12:24:15 GMT
set-cookie: _kuid_=PPNM8B6d; Expires=Fri, 02-Jun-23 12:24:15 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n014-dub-prod.krxd.net
x-request-time: D=127 t=1670156655
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:24:14 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 436401
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1447
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Sun, 04 Dec 2022 12:24:15 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 113852
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Sun, 04 Dec 2022 12:24:15 GMT
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash d67086acc0b1f1071e0a4746f375e82b
e7cb53018be7635f6dc54190084843089d674f36
894222f7e66cbb1a82473fbf1de22aa25f579cde9577488884e061ade54db3a3
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "894222F7E66CBB1A82473FBF1DE22AA25F579CDE9577488884E061ADE54DB3A3"
Last-Modified: Sun, 04 Dec 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2951
Expires: Sun, 04 Dec 2022 13:13:26 GMT
Date: Sun, 04 Dec 2022 12:24:15 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:15 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 9158b340-73ce-11ed-a3e8-0000ac170228
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1979
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-credentials: true
date: Sun, 04 Dec 2022 12:24:16 GMT
X-Firefox-Spdy: h2
apil1.spinnaker-js.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apil1.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 222
Origin: https://evenstadmusikk.no
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:16 GMT
content-length: 0
server: nginx/1.20.0
access-control-allow-origin: https://evenstadmusikk.no
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: content-type, accept, X-Requested-With, X-HTTP-Method-Override, data, X-UA-Compatible
access-control-allow-credentials: false
access-control-max-age: 31536000
X-Firefox-Spdy: h2
cdn.spinnaker-js.com/rc/34349/scripts/s.js
200 OK 0 B URL HTTP/2 cdn.spinnaker-js.com/rc/34349/scripts/s.js
IP
GET /rc/34349/scripts/s.js HTTP/1.1
Host: cdn.spinnaker-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 09:57:52 GMT
x-amz-meta-version: 6.19.18-1.5.0
x-amz-meta-previous: rc/34349/scripts/s-1650275870.js
x-amz-meta-deployeddate: 2022-04-18 09:57:50
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Dec 2022 04:45:28 GMT
etag: W/"bc4303ad7fe6e07dff443f7b21cf3d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Izre1NET8luOluQI7Yt5tTUQ2wCfvtRx-k6Cx1mhoFv10QCMOPvW8g==
age: 27526
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 96647
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gXocj4afKcz0rMrIaEO3Gc972MqahqnrjbkLszxc3H3Myz4i
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gXocj4afKcz0rMrIaEO3Gc972MqahqnrjbkLszxc3H3Myz4i
IP
GET /usersync/push?partner=criteo&partnerId=k-gXocj4afKcz0rMrIaEO3Gc972MqahqnrjbkLszxc3H3Myz4i HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2290a9ae90-73ce-11ed-8975-7b5e3ed65140%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 12:24:14 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2290a9ae90-73ce-11ed-8975-7b5e3ed65140%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 12:24:14 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2290a9ae90-73ce-11ed-8975-7b5e3ed65140%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 12:24:14 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2290a9ae90-73ce-11ed-8975-7b5e3ed65140%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 18 Dec 2022 12:24:14 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-gXocj4afKcz0rMrIaEO3Gc972MqahqnrjbkLszxc3H3Myz4i%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sun, 18 Dec 2022 12:24:14 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-57mwbIafKcz0rMrIaEO3Gc972MrtxlTiqgEKrg
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-57mwbIafKcz0rMrIaEO3Gc972MrtxlTiqgEKrg
IP
GET /sync?UICR=k-57mwbIafKcz0rMrIaEO3Gc972MrtxlTiqgEKrg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:15 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=1000001&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670156649918
200 OK 0 B URL HTTP/2 evenstadmusikk.no/api/Menu/GetHtmlMenu?nodeId=1000001&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670156649918
IP
ASN #21119 Braathe Gruppen AS
GET /api/Menu/GetHtmlMenu?nodeId=1000001&screensize=lg&screensizePixels=1200&width=1280&height=1024&showMobileMenuCollapsed=false&_=1670156649918 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg; sg_cookies={%225619307%22:{%22vid%22:%2228ec0f8e-6006-4286-a40b-f02510f7c618%22%2C%22lw%22:%2212-4-12-24%22%2C%22rf%22:%22https://api.kelkoogroup.net/%22%2C%22pw%22:1%2C%22tc%22:0%2C%22tv%22:1%2C%22192515858_ch%22:%22-1%22%2C%22fp%22:1382457247}}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:12 GMT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 102382
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=65723&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=BJtN5l9QY3Nva3JuOTIlMkJpY1ZPMGpkZ3FqR2hiemdOWUxtUmVkY3BFR0toQ0tObmxYOFhCJTJCaFBOTm5Nbng2eDR2RGw3TEJhMWROdlJxcTJUUVpqY0VkQUxPYllseGZoUlQ3bVNRSU4lMkZiMlBvUWRxenpKeGduek9iVG1TSlpBcWZIMiUyRlhzMkpqbHVZUGFKOUg5RUNJUW1zWW51USUzRCUzRA&tld=evenstadmusikk.no&fu=https%253A%252F%252Fevenstadmusikk.no%252F%253Fkk%253Da4c6294-184dc5cef64-3923c7%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=65671
200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=65723&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=BJtN5l9QY3Nva3JuOTIlMkJpY1ZPMGpkZ3FqR2hiemdOWUxtUmVkY3BFR0toQ0tObmxYOFhCJTJCaFBOTm5Nbng2eDR2RGw3TEJhMWROdlJxcTJUUVpqY0VkQUxPYllseGZoUlQ3bVNRSU4lMkZiMlBvUWRxenpKeGduek9iVG1TSlpBcWZIMiUyRlhzMkpqbHVZUGFKOUg5RUNJUW1zWW51USUzRCUzRA&tld=evenstadmusikk.no&fu=https%253A%252F%252Fevenstadmusikk.no%252F%253Fkk%253Da4c6294-184dc5cef64-3923c7%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=65671
IP
GET /event?a=65723&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=BJtN5l9QY3Nva3JuOTIlMkJpY1ZPMGpkZ3FqR2hiemdOWUxtUmVkY3BFR0toQ0tObmxYOFhCJTJCaFBOTm5Nbng2eDR2RGw3TEJhMWROdlJxcTJUUVpqY0VkQUxPYllseGZoUlQ3bVNRSU4lMkZiMlBvUWRxenpKeGduek9iVG1TSlpBcWZIMiUyRlhzMkpqbHVZUGFKOUg5RUNJUW1zWW51USUzRCUzRA&tld=evenstadmusikk.no&fu=https%253A%252F%252Fevenstadmusikk.no%252F%253Fkk%253Da4c6294-184dc5cef64-3923c7%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=65671 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 26098701
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
200 OK 0 B URL HTTP/2 evenstadmusikk.no/scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41
IP
ASN #21119 Braathe Gruppen AS
GET /scripts/web-4.0.js?v=UT230Hepij_Kq8SEtin6YFsQVg5zgW3vFEE3RJV2x_41 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin
IP
GET /css?family=Open+Sans:300,400,700%7CYanone+Kaffeesatz:700,400,300&subset=latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 12:24:12 GMT
date: Sun, 04 Dec 2022 12:24:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=iwBdw180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlscEltSWJwWEd1Rm02cUdQUjEwN3R4MUV5WWwzUlRTS2RDT0d3NGt6UTU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=ecUt8180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlscEltSWJwWEd1Rm02cUdQUjEwN3MxZ3d2eVRlNmxMckU4THJYVDlDTTI; expires=Fri, 29 Dec 2023 12:24:13 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 334565
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/142000613
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/142000613
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/142000613 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=39649a8bd8ec47c6b9d8ee1ef553f92e.20221204.20231204; expires=Mon, 04 Dec 2023 12:24:13 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 0bZGMYwAAAABFlay0A21OQr1l5E0q6keYU1ZHMjBFREdFMDYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 04 Dec 2022 12:24:13 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0LpKLYwAAAABuhgh91EuWR6eZgSFNEUfZQU1TMDRFREdFMTgxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0bZGMYwAAAAAH0L2ZjGJ8ToDUjnhTWf5LU1ZHMjBFREdFMDYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 04 Dec 2022 12:24:13 GMT
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-iFQwTIafKcz0rMrIaEO3Gc972MoH7d9qY7Qu1Q
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-iFQwTIafKcz0rMrIaEO3Gc972MoH7d9qY7Qu1Q
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-iFQwTIafKcz0rMrIaEO3Gc972MoH7d9qY7Qu1Q HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:24:14 GMT
x-fastly-to-nlb-rtt: 21949
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 675355
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
200 OK 0 B URL HTTP/2 evenstadmusikk.no/scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1
IP
ASN #21119 Braathe Gruppen AS
GET /scripts/web-defered-4.0.js?v=fN0WFA_YErzDhsWH4WrlY8lI1cQt512_kP0y-_N2FxI1 HTTP/1.1
Host: evenstadmusikk.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/?kk=a4c6294-184dc5cef64-3923c7&utm_campaign=kelkooclick&utm_medium=cpc&utm_source=kelkoono
Cookie: .ASPXANONYMOUS=jgCBJ20-2QEkAAAAYjI2NjczMWEtZWY1Ny00NTJjLWE2NTYtNTg0NzEzNTdjM2Ni9kXGQpZ0G7XhZNYy710MHolXchw1; ASP.NET_SessionId=fdv4czvjj3vshxqw2hig1ndr; McWeb3.15.2-1=SPCId=2415108&DeviceSize=lg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Mon, 04 Dec 2023 12:24:12 GMT
last-modified: Sun, 04 Dec 2022 12:24:12 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge
date: Sun, 04 Dec 2022 12:24:11 GMT
X-Firefox-Spdy: h2
chat.kindlycdn.com/KindlyChat-98be882a307ea1e4d339.js
200 OK 0 B URL HTTP/2 chat.kindlycdn.com/KindlyChat-98be882a307ea1e4d339.js
IP
GET /KindlyChat-98be882a307ea1e4d339.js HTTP/1.1
Host: chat.kindlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://evenstadmusikk.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycds_3OpX7kVqrCsZCosCgH46PQSw8bfhgNWnK2vIEcOXZcWzO0zA00KuXXatLN8cKer7DMdmt35fEJth-u9YfHoGbGBswZue
cache-control: public, max-age=1800
expires: Sun, 04 Dec 2022 12:26:21 GMT
last-modified: Tue, 22 Nov 2022 14:26:05 GMT
etag: W/"c026a2620a27400d55e835c3a1f2e97a"
x-goog-generation: 1669127165848597
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 478321
x-goog-meta-goog-reserved-file-mtime: 1669127158
x-goog-meta-kindly-chat-version: v2.39.8
x-goog-hash: crc32c=UM2UyA==, md5=wCaiYgonQA1V6DXDofLpeg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: HIT
age: 1168
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZT%2BE0l0Ra1mOa568WCmA4Ah6U9%2F5fyKMSXDFvp%2FY%2BM7t99z60i3j1UtmkEBnKd4CwO%2Fv6SkXObWstasLo1I78gskoOz02GCPR3waaVugtv3DARkazoh5TAltK3ONH5u7vyTGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774484939ea2b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fhFAWoafKcz0rMrIaEO3Gc972MpOoKyWrydYyQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:24:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 286272
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
81.171.22.5
13.107.21.200
3.248.100.224
157.240.240.1
104.18.4.123
178.250.0.130
52.28.183.187
23.33.119.27
37.157.4.40
95.211.116.27
23.43.133.70