r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5121
Expires: Fri, 09 Dec 2022 15:07:54 GMT
Date: Fri, 09 Dec 2022 13:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8588
Expires: Fri, 09 Dec 2022 16:05:41 GMT
Date: Fri, 09 Dec 2022 13:42:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8432
Expires: Fri, 09 Dec 2022 16:03:05 GMT
Date: Fri, 09 Dec 2022 13:42:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 13:08:18 GMT
content-type: application/json
age: 2055
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown
103.224.182.247302 Found 0 B URL HTTP/1.1 best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown
IP 103.224.182.247:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown HTTP/1.1
Host: best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 13:42:33 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670593353.5114621; expires=Mon, 06-Dec-2032 13:42:33 GMT; Max-Age=315360000
Location: http://ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r/H8IqvRIYeXrVw3H5ZWhB9RA4eDr1pNwKoSTipgdhz9yy3MDNq3Ln+15qQOvWLJ/Ok6KNqtrFs=
x-amz-request-id: STEHBF74DJSXN3ZB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 12:48:20 GMT
age: 3253
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 13:42:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 13:07:55 GMT
age: 2079
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20140
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 13:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20140
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 13:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20140
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 13:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20140
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 13:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20140
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 13:42:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 34527
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 36048
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 74490
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 36487
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 34426
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sVBYLtIioHYKROtAhiQ1BpQyuLqjBNlREaT22evfVPJ1fX1rzO-7WQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:39:52 GMT
age: 54162
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6011
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:34 GMT
Last-Modified: Fri, 09 Dec 2022 12:02:23 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
64.190.63.136200 OK 1.3 kB URL HTTP/1.1 ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (740)
Hash 36880c09575d92df55f76728cf72b51d
88c1ce01122af5a2d5f540bea7a1381966c91d88
3720cfdfd1799e9cf181a5152a6393be17d86941ee3161b087c109f1f254b30c
GET /install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Fri, 09 Dec 2022 13:42:34 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_NIjgspnghbJJKUsI+8527QN5DDFkuLh7cYxwEUWl6jb/vdE7FaC7MqnqF85cOZ1LCnzVBfYM/sInfJDoUOeuwQ==
last-modified: Fri, 09 Dec 2022 13:42:33 GMT
x-cache-miss-from: parking-7887f445cc-btv6c
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:35 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Fri, 16 Dec 2022 13:42:35 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: c38f4052f9fd210fe209ff5f90f52212
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY3MDU5MzM1NGRhMGIwZWY1YWQ1MjJjYjg4NDI5MjAwY2FjMjQ1OWFj&crc=2d87583b362716fe0926a5de9deeeb70dadefeac&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY3MDU5MzM1NGRhMGIwZWY1YWQ1MjJjYjg4NDI5MjAwY2FjMjQ1OWFj&crc=2d87583b362716fe0926a5de9deeeb70dadefeac&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY3MDU5MzM1NGRhMGIwZWY1YWQ1MjJjYjg4NDI5MjAwY2FjMjQ1OWFj&crc=2d87583b362716fe0926a5de9deeeb70dadefeac&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
HTTP/1.1 200 OK
date: Fri, 09 Dec 2022 13:42:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7887f445cc-mflss
server: NginX
ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 09 Dec 2022 13:42:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 09 Dec 2022 13:42:35 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-7887f445cc-2ksr7
server: NginX
ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 88c6c235a8464c78b62ecc8b5399a719
2336a5a4d2f3be6a26cc27995dd4196c51e022a2
2f9b00346ca9dd626be38d97d52f20f441a200a72ec71087d08827dd14cfc5e2
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Devnemn8-tzQ_0&v=MDYxZGViMzc0YTNiOGYxMTFlODRlMjA3OGM4NmQ2NTYJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTJlMC4yMzMyNTk0MQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzkzM2I0OWMxMTk2OS40NTY2MjY1OAkxNjcwNTkzMzU0CWFkXzYzXzA=&l=OAkzODMwMzc1Zjg5ZDk2ZTlkMzY3Y2Q5ZTEwN2VlMDcwYgkwCTM1CTAJYTQwMGYxOTkyZjhkZGEyN2U0MTM1OGVjZGE0MjQ4NzUJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjcwNTkzMzU0CTAuMDAwNjUJTgkwCTEJMTgwNQkxMjA1CTI2NTEwNjYzCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=9b122252314ctsgecd&version=1.7&pais=Unknown&sub1=20221210-0042-33a1-8ba1-84cd215bf8fd
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 09 Dec 2022 13:42:35 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 09 Dec 2022 13:42:35 GMT
location: http://xml.sedodna.com/click?i=evnemn8-tzQ_0
x-cache-miss-from: parking-7887f445cc-dv59s
server: NginX
push.services.mozilla.com/
54.186.117.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.117.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zvhXJXNXRRfk9sZBb939xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tQVICD9czmT6NyujDTJUWw5ojEk=
xml.sedodna.com/click?i=evnemn8-tzQ_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=evnemn8-tzQ_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=evnemn8-tzQ_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://q2.quotes.com/55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4
Pragma: no-cache
q2.quotes.com/55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4
23.19.76.168200 OK 170 B URL HTTP/1.1 q2.quotes.com/55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4
IP 23.19.76.168:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 1b89bea2c55fa25af934757e3792791d
5364655ff8a1c241c8df3aa4f5dacc5f73be2b8c
401e29bca2521d0f21fc89b9ae969996b3b8749d9c6a833896e553d73d5f3191
GET /55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4 HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 13:42:35 GMT
server: nginx
q2.quotes.com/55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4?hr=1
23.19.76.168302 Found 11 B URL HTTP/1.1 q2.quotes.com/55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4?hr=1
IP 23.19.76.168:0
ASN #395954 LEASEWEB-USA-LAX-11
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /55cb71a8-77c7-11ed-b8b4-3bf45ac40fd4?hr=1 HTTP/1.1
Host: q2.quotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 09 Dec 2022 13:42:35 GMT
location: http://ciar-kep.com/zcvisitor/55d6a142-77c7-11ed-9c2f-127bbe85a12b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
server: nginx
ciar-kep.com/zcvisitor/55d6a142-77c7-11ed-9c2f-127bbe85a12b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.208.247.235200 1.1 kB URL HTTP/1.1 ciar-kep.com/zcvisitor/55d6a142-77c7-11ed-9c2f-127bbe85a12b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e7f672ff42612968179652c853094998
fcd8fcfd0eb72c19a9dfb125ef549bd91db2db90
af8acc45c1ab7192e0266f3b373d8c2aa8baed1455a3f73999c6011720869462
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /zcvisitor/55d6a142-77c7-11ed-9c2f-127bbe85a12b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 09 Dec 2022 13:42:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: BTnzOqhA
ciar-kep.com/zcredirect?visitid=55d6a142-77c7-11ed-9c2f-127bbe85a12b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.208.247.235200 354 B URL HTTP/1.1 ciar-kep.com/zcredirect?visitid=55d6a142-77c7-11ed-9c2f-127bbe85a12b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.208.247.235:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9acd8a66e09cb1a540cc39df4e05d70b
a4af55c1b5292da20b06f6875e34e0c21b260c5d
19058d41439b8ff31784d6c6d1799e08c385676aaee1414531c8d8453ac39fa4
Analyzer Verdict Alert quad9 Sinkholed
GET /zcredirect?visitid=55d6a142-77c7-11ed-9c2f-127bbe85a12b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ciar-kep.com/zcvisitor/55d6a142-77c7-11ed-9c2f-127bbe85a12b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 09 Dec 2022 13:42:36 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: sgsejyYg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec37df219bd4c41f75cc0253979fe3e0
a64a0b7cb3b0babac599847ca33d6e28f5dbaa1b
fadd9f40749b65df34d78af5ac677b60186bca4bb23505f2a7bad7088162487e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FADD9F40749B65DF34D78AF5AC677B60186BCA4BB23505F2A7BAD7088162487E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18226
Expires: Fri, 09 Dec 2022 18:46:22 GMT
Date: Fri, 09 Dec 2022 13:42:36 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q
78.46.197.88200 OK 352 B URL HTTP/2 clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q
IP 78.46.197.88:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (352), with no line terminators
Hash 1492987912db752ededc7b2b51914100
cb3a0b237cd0159b3f13ad718ccb389813fce605
1366532495b0823e864987a1173249581598cd26df9e3695c322819219c4f070
GET /s/r6?s=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ciar-kep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
set-cookie: 625df41d0264a68da9822ea38d1f8f49=f68ab6415579ce2e8eaa2fc21f5c782e8da33a91ea1ec0ac9ecfca747b67a94da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22625df41d0264a68da9822ea38d1f8f49%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 10-Dec-2022 13:42:36 GMT; Max-Age=86400; path=/; HttpOnly
content-length: 352
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 13:42:36 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 79cdce4503d21bc516046d9d886fa36a
6b9175c966d6fca960b71460d3d6a5eb4dd7e8ea
202afc8e3cbcd5611f9e32352577b6a118d2d83807af27e6b2fd27e3be3c2e28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "202AFC8E3CBCD5611F9E32352577B6A118D2D83807AF27E6B2FD27E3BE3C2E28"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7151
Expires: Fri, 09 Dec 2022 15:41:47 GMT
Date: Fri, 09 Dec 2022 13:42:36 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=antonsport.no&s1=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q&s5=cf
5.9.110.29200 OK 939 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=antonsport.no&s1=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (939), with no line terminators
Hash f83bd89140795405d2be049999c9d0c7
257b52060ab1084a1accb9c829833976d452c01a
a7f46073b52cc1dcc5338ff4c34cbb4b5745f439b6f2e63a28935c0183f9645a
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=antonsport.no&s1=623619497&s2=badious-buzzard&s3=zulu-asp-1ewp8oem0q&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:37 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Set-Cookie: e7e4fd4c2aa8cb4ebb56634a40ccf8a0=431d6c5f8966f7c50912ae2d3fa553e84cb4dccdea286b1c2bcba45f4a2a70d2a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22e7e4fd4c2aa8cb4ebb56634a40ccf8a0%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 10-Dec-2022 13:42:37 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DZ3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ%3D%3D%26i%3DcKCZWBE4Oe753mWU%26placementId%3D6bf8e578e712dd21e56937daf82e2c2a&h=6e875abb80ced9bfa8374f4ac5caf53c
5.9.110.29200 OK 867 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DZ3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ%3D%3D%26i%3DcKCZWBE4Oe753mWU%26placementId%3D6bf8e578e712dd21e56937daf82e2c2a&h=6e875abb80ced9bfa8374f4ac5caf53c
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (867), with no line terminators
Hash 33bf5cd7158d6bc25b2f64feb46e90d6
85cfae75f84b051fbadab796e02b1940feb4b1de
4d876d40410ee67ffd3813192fccf30703c14fc0112a70035d72463deb14c0d5
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%3Fe%3DZ3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ%3D%3D%26i%3DcKCZWBE4Oe753mWU%26placementId%3D6bf8e578e712dd21e56937daf82e2c2a&h=6e875abb80ced9bfa8374f4ac5caf53c HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e7e4fd4c2aa8cb4ebb56634a40ccf8a0=431d6c5f8966f7c50912ae2d3fa553e84cb4dccdea286b1c2bcba45f4a2a70d2a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22e7e4fd4c2aa8cb4ebb56634a40ccf8a0%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:37 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.13
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b92c1d58ddc7f93b7cbd4bc15e1079a7
6c17f651023e5ac08dacc8076f91efe66f1a8c36
ecb6c3d5da65d801d346aa1fd327d18137acdbcd059fc5d82b308474228b9566
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECB6C3D5DA65D801D346AA1FD327D18137ACDBCD059FC5D82B308474228B9566"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=177
Expires: Fri, 09 Dec 2022 13:45:34 GMT
Date: Fri, 09 Dec 2022 13:42:37 GMT
Connection: keep-alive
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3e11173752e4960ef12783f1f9677bbd
6c4c9d064b55b13e727ccb747024b3bf684980d0
cfd8975f30724dd659b4a58ab749fdb6c1223d1825ba5f17c1f55a2242b5a3f2
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2327
Cache-Control: max-age=102413
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:37 GMT
Etag: "63921f43-1d7"
Expires: Sat, 10 Dec 2022 18:09:30 GMT
Last-Modified: Thu, 08 Dec 2022 17:30:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
api.yadore.com/v2/r?e=Z3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ==&i=cKCZWBE4Oe753mWU&placementId=6bf8e578e712dd21e56937daf82e2c2a
88.99.112.2302 Found 33 kB URL HTTP/2 api.yadore.com/v2/r?e=Z3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ==&i=cKCZWBE4Oe753mWU&placementId=6bf8e578e712dd21e56937daf82e2c2a
IP 88.99.112.2:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 20af4e97821919e96e4a1dfb12089aec
76abafbc845bc8ec18c04458c9f0de1721f76bc3
cbbc45be6a2fd22da39f6b36d60f11f05ec406c6161c3b0f8296c49cac1f245c
GET /v2/r?e=Z3EzR01kbTdTS3o1STdUcHZPME1wbzlWcWZoNmVjUmR1bG5ILzFKR1BCc3lKTCtzV0w2T0ZCeG0wbHhZRXo5a3l6b2xVNUxzMXlqWnJxbVVwWURIdndlYlljekpTdk1GdU4zSkdYZlZXWGdhdlBweHZiUnlNVE1SU0o4eUJNRGpKa2o2N3F4by9XRDgvZ2JJbnVSbEwxbjlZNHE5WmFBZXUzZi9QU05hU2FuL0ltZTVYL3lTWlBZbG5SaktoTitPWlltNGtNNTRYUVFrNDMvM0lEL29BWmZKVzZpRzF1K1dob0Jibm1GZm55ZGtsWVJNNWhNMU9ZYnFNZWpsakVpQ2diSXVmRlRma0NFSFB1UktTazIwTnlRMGY1RGdQQmpjc2ZkVENhRzIxYkQ3RlFqekF4cXNEck0zajhqVGc3SEZ2V0JwQkcxQmhLOEduOW1US293SEtueTk5Ykg0aWxBcW1iWDRQbk5VZlZvamxVZnZER3p4ZGpab2FxbjBac3NUcTJWcG5aNUUrbXZSb2VEbCtNMEJ5elpnbDdTNkh0d0tJQnAwUFE9PQ==&i=cKCZWBE4Oe753mWU&placementId=6bf8e578e712dd21e56937daf82e2c2a HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 13:42:37 GMT
location: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670574231988&.sig=mUxeeFrwoSTmUuJAm5r0bPGutl0-&affiliationId=96965886&comId=100542281&country=no&offerId=0f657da1ea858e922269b7f200aa537f&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.25
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670574231988&.sig=mUxeeFrwoSTmUuJAm5r0bPGutl0-&affiliationId=96965886&comId=100542281&country=no&offerId=0f657da1ea858e922269b7f200aa537f&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=7nPj1lPnL-ima0ZUqNjQ25ufgeNtOW1EfP0Xh0xmM4It8hGUcnvmA80dwBvUjxcCAViGvXgKsQmU9pWrAa0XJAyx6gngiaLhwx5fZpdV1dPTJB1fx~3u-t8h--wnIzBo; kelkooID=a4c6294-184f71fa72a-ab0f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:37 GMT
Request-Time: PT0.001697S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670574231988&.sig=mUxeeFrwoSTmUuJAm5r0bPGutl0-&affiliationId=96965886&comId=100542281&country=no&offerId=0f657da1ea858e922269b7f200aa537f&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364&custom2=SRdytlITOR16&custom3=false
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=7nPj1lPnL-ima0ZUqNjQ25ufgeNtOW1EfP0Xh0xmM4It8hGUcnvmA80dwBvUjxcCAViGvXgKsQmU9pWrAa0XJAyx6gngiaLhwx5fZpdV1dPTJB1fx~3u-t8h--wnIzBo; kelkooID=a4c6294-184f71fa72a-ab0f1; _ga=GA1.2.1224793993.1670593356; _gid=GA1.2.493301271.1670593356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:37 GMT
Request-Time: PT0.003433S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=77
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.93200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.93:0
File type ASCII text, with very long lines (65432)
Hash 415a2173b7594522994c0d8b20a61e84
25e995f3ba4c22c8f252550532609cecc9e8e80b
49c82e367a121c73a821d132f5e48c06490731203c241c779ae7c58bfab60da5
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=7nPj1lPnL-ima0ZUqNjQ25ufgeNtOW1EfP0Xh0xmM4It8hGUcnvmA80dwBvUjxcCAViGvXgKsQmU9pWrAa0XJAyx6gngiaLhwx5fZpdV1dPTJB1fx~3u-t8h--wnIzBo; kelkooID=a4c6294-184f71fa72a-ab0f1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42664
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 07 Dec 2022 10:03:12 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront), 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
date: Fri, 09 Dec 2022 12:52:37 GMT
cache-control: max-age=3600, public
expires: Fri, 09 Dec 2022 13:52:27 GMT
etag: "32de8-5ef3a07422ee0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: rfKfSwJKWBBcwLjMjQ_d242tv9mYxoDKUqbCkI6GmQB7YGk0vHKrPw==
age: 3010
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670574231988&.sig=mUxeeFrwoSTmUuJAm5r0bPGutl0-&affiliationId=96965886&comId=100542281&country=no&offerId=0f657da1ea858e922269b7f200aa537f&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=7nPj1lPnL-ima0ZUqNjQ25ufgeNtOW1EfP0Xh0xmM4It8hGUcnvmA80dwBvUjxcCAViGvXgKsQmU9pWrAa0XJAyx6gngiaLhwx5fZpdV1dPTJB1fx~3u-t8h--wnIzBo; kelkooID=a4c6294-184f71fa72a-ab0f1; _ga=GA1.2.1224793993.1670593356; _gid=GA1.2.493301271.1670593356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43705260665475808a7c7b0643c5a9306164ccd55ea68dc55d10d963661ec038d4f5b50796b940d0f6cf3c8fc5514ff05742a20f7f6d05b17f3e1aefa41d894ca8d0bbcbb8eaec980ed7a1f3f6bb88493b699f58993867deb8e83b4b8eecb1645cf4017731ce4223a6ad714e04cf727d8ac98feae9a1100c3562ef03b3981f0839fca531bc7eac00f77999d2b63ab1f04e7be2ac135768e5bde0657ad7ff0600b6f0f975b7c954da57c12e5a15c46d686cf92c9fe55ad8e175d557035e01e54f88a7a2c3fc4c844ce839e4384498f9b5b93bd9cb9022a8415b3af812939f3efbca8fe3ff04b218be2ebad371b536ea636d74bae59c6b5b8dcc6b83facf4130b0fdbbcb7fd22ec359b4d&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&clickId=107698148_1670593357610_2046444&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670574231988&.sig=mUxeeFrwoSTmUuJAm5r0bPGutl0-&affiliationId=96965886&comId=100542281&country=no&offerId=0f657da1ea858e922269b7f200aa537f&service=37&tokenId=eef84b7f-8e19-45d1-adee-7c88767dc72d&wait=true&addedParams=true&custom1=c3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364&custom2=SRdytlITOR16&custom3=false
Connection: keep-alive
Cookie: datadome=7nPj1lPnL-ima0ZUqNjQ25ufgeNtOW1EfP0Xh0xmM4It8hGUcnvmA80dwBvUjxcCAViGvXgKsQmU9pWrAa0XJAyx6gngiaLhwx5fZpdV1dPTJB1fx~3u-t8h--wnIzBo; kelkooID=a4c6294-184f71fa72a-ab0f1; _ga=GA1.2.1224793993.1670593356; _gid=GA1.2.493301271.1670593356
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 13:42:37 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866
clickId: 107698148_1670593357610_2046444
country: no
Location: https://www.antonsport.no/patagonia-314-calcite-jacket-m-p19490/andes-blue-xl-v125265?kk=a4c6294-184f71fa72a-ab0f1&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Patagonia+Calcite+Jacket+M
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.016754S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=3bnGe1_7Bu6nC-PQkdondJ3ObSk~O3m88nxk62bqYsc1b5qPL4Y-xXJZcrwn20q4PZrB1SKnXDYvzu8UhYoNS1b4ZZL2ni3q3dxMhdQ4acwFWjy2DqARnTASjAOcGvhh; Max-Age=31536000; Expires=Sat, 09 Dec 2023 13:42:37 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=76
Connection: Keep-Alive
Content-Type: text/plain
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash befe05fb3c85ee9a74ab672aaecb9aa6
a6ffd7600387830e3e1a3173f08d347aea042679
238e4f98a73ff58ae548e020a3c8d36967d5e76ed7051502abb530fc769f4ea2
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:51:18 GMT
Expires: Tue, 13 Dec 2022 13:51:17 GMT
Etag: "a6ffd7600387830e3e1a3173f08d347aea042679"
Cache-Control: max-age=602318,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 247
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e2a473db20b3d-OSL
api-js.datadome.co/js/
16.170.81.167200 OK 236 B IP 16.170.81.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7a227dfb84886d9c7451ce62db36c885
9fb01f5a5dd68431ae091cb36661994174266b0c
9c0bc83eda58aa077219bad5307b77bed398db2277bd669fee954593303cdcf1
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4081
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:37 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670574231988%26.sig%3DmUxeeFrwoSTmUuJAm5r0bPGutl0-%26affiliationId%3D96965886%26comId%3D100542281%26country%3Dno%26offerId%3D0f657da1ea858e922269b7f200aa537f%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dc3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100542281%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Antonsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1224793993.1670593356&tid=UA-168544891-6&_gid=493301271.1670593356&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&cd3=100542281&cd4=a4c6294-184f71fa72a-ab0f1&cd5=&cd6=96965886%7C100542281%7C&z=416431581
216.239.32.178200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670574231988%26.sig%3DmUxeeFrwoSTmUuJAm5r0bPGutl0-%26affiliationId%3D96965886%26comId%3D100542281%26country%3Dno%26offerId%3D0f657da1ea858e922269b7f200aa537f%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dc3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100542281%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Antonsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1224793993.1670593356&tid=UA-168544891-6&_gid=493301271.1670593356&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&cd3=100542281&cd4=a4c6294-184f71fa72a-ab0f1&cd5=&cd6=96965886%7C100542281%7C&z=416431581
IP 216.239.32.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670574231988%26.sig%3DmUxeeFrwoSTmUuJAm5r0bPGutl0-%26affiliationId%3D96965886%26comId%3D100542281%26country%3Dno%26offerId%3D0f657da1ea858e922269b7f200aa537f%26service%3D37%26tokenId%3Deef84b7f-8e19-45d1-adee-7c88767dc72d%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3Dc3553a1bd402d814893132cce3972f5f431222ca0fdb9b02a31ac3131ece8364%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F96965886%7C100542281%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Antonsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1224793993.1670593356&tid=UA-168544891-6&_gid=493301271.1670593356&_r=1&cd1=96965886&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670593357618_788866&cd3=100542281&cd4=a4c6294-184f71fa72a-ab0f1&cd5=&cd6=96965886%7C100542281%7C&z=416431581 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Fri, 09 Dec 2022 13:42:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LcHIFQiAAAAAH-HFy6MtH6V1w9w3-4rwhmNjyKq
142.250.74.132200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcHIFQiAAAAAH-HFy6MtH6V1w9w3-4rwhmNjyKq
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b4ee1b87e8ce3327d29eff77fc7a3669
66304ba7b226abcfaeb203898d43e6412ce363e2
a2eb025e9aeb099ce023a4d61c5a71a609415206a8a6febf3f9c98bf81a30764
GET /recaptcha/api.js?render=6LcHIFQiAAAAAH-HFy6MtH6V1w9w3-4rwhmNjyKq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 13:42:39 GMT
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/is1vng2qmut0vjci4ylf.webp
23.38.200.38200 OK 3.6 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/is1vng2qmut0vjci4ylf.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x223, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c18ccea8186378200ec6d91e05829dae
5fcd83b47cd04ed61b366da5265fd94431712951
cda5dc5eb1ecb46b6ab323eaced99671c1da57f29c81d79e43b45d245fe4b994
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/is1vng2qmut0vjci4ylf.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="is1vng2qmut0vjci4ylf.webp"
content-type: image/webp
etag: "c18ccea8186378200ec6d91e05829dae"
last-modified: Thu, 28 Apr 2022 10:42:34 GMT
content-length: 3630
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2022-12-09T13:42:39.300Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/bc2hak5xgpycsghsjrlp.webp
23.38.200.38200 OK 6.2 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/bc2hak5xgpycsghsjrlp.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 82513e9a9b5261efa83667ac62c165e5
94afa049c2d9106538a9ccb2c2d9b601884e1294
b20b02a87ca4af0b62c1b1aba4f3c6c0be6f437c81ba25ca9ce76e913157a0a5
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/bc2hak5xgpycsghsjrlp.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="bc2hak5xgpycsghsjrlp.webp"
content-type: image/webp
etag: "82513e9a9b5261efa83667ac62c165e5"
last-modified: Mon, 28 Sep 2020 08:17:20 GMT
content-length: 6214
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:39.303Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/goib6ecywdlzasoqnnb8.webp
23.38.200.38200 OK 8.2 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/goib6ecywdlzasoqnnb8.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 203x223, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd3bf215198bdbd4b464ec0c169693fb
4a59cab524febafc2232f4f6de4d5eddbc0eaee8
afefc0cc73c91bcbce53d678e8d875acc642a32e33894e5fa7daab5bc3cb9f90
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/goib6ecywdlzasoqnnb8.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="goib6ecywdlzasoqnnb8.webp"
content-type: image/webp
etag: "bd3bf215198bdbd4b464ec0c169693fb"
last-modified: Mon, 17 Oct 2022 10:16:12 GMT
content-length: 8180
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=1;start=2022-12-09T13:42:39.306Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/k682g3qglvvweodntxlo.webp
23.38.200.38200 OK 2.8 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/k682g3qglvvweodntxlo.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 199x223, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cce305e507777db65cce3d9e0c1b6a0
29a16c5113ae8d8c835a2b581ed66a63e0ba44de
7f5ada455ea118488ff2e30f8caec3a5902cb330ea60eea3dd35b30322c97116
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/k682g3qglvvweodntxlo.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="k682g3qglvvweodntxlo.webp"
content-type: image/webp
etag: "5cce305e507777db65cce3d9e0c1b6a0"
last-modified: Fri, 16 Apr 2021 12:48:54 GMT
content-length: 2844
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=1;start=2022-12-09T13:42:39.308Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/gc4abjgpocnxjujtpaue.webp
23.38.200.38200 OK 5.9 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/gc4abjgpocnxjujtpaue.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 438f5fe994e2072db556957febe88c2a
6ff209e1a2cace6e3f1a3744d5f9796dc445443a
f5e52fa0120c6e7d4f69d108c2a875724a01d4aba9b5f3227a08347d295eae8f
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/gc4abjgpocnxjujtpaue.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="gc4abjgpocnxjujtpaue.webp"
content-type: image/webp
etag: "438f5fe994e2072db556957febe88c2a"
last-modified: Wed, 12 Aug 2020 18:03:08 GMT
content-length: 5932
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:39.321Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/oxhiwtiwwqekutrm4tcg.webp
23.38.200.38200 OK 3.5 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/oxhiwtiwwqekutrm4tcg.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 177x223, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45434e3a40e3cd487271a74152dfa22e
191d770ef4f8e3c3aaa8367c60f174651ecaf862
76e0b1e0846e030b27691fd6fbeab9691f7f075a062cec2ba7c745f134c7a23b
GET /image/upload/e_trim:0/c_fit,g_center,w_363,h_223/q_auto/oxhiwtiwwqekutrm4tcg.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="oxhiwtiwwqekutrm4tcg.webp"
content-type: image/webp
etag: "45434e3a40e3cd487271a74152dfa22e"
last-modified: Fri, 29 Apr 2022 10:55:49 GMT
content-length: 3474
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:39.325Z;desc=hit,rtt;dur=2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 9.4 kB IP 142.250.74.131:0
Hash 2cb301bf955ee4492a05627ab828f3ad
a9de5609526f71f3727f20444370f753e0f3db8a
0e2396396698a5ab40f37ea64b02744f48ecdd1cf76fd7f9ebfe12b1107e8ca9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 3.9 kB IP 93.184.220.29:0
Hash 3f8dda4ef33f3dcec3223916f8b98047
a4cbde6b7dcfb9bca0d6c5da4fa672b5176b8962
1d4210051668e13aee3e0814598cc1749feb75b60aaa9e32bad2f246220189f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4515
Cache-Control: max-age=87341
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:39 GMT
Etag: "6391dbd9-117"
Expires: Sat, 10 Dec 2022 13:58:20 GMT
Last-Modified: Thu, 08 Dec 2022 12:43:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 10 kB IP 142.250.74.131:0
Hash 767e8437c1ceac962ea1424659a5736d
6baa7dfdc8713a7c5dfdd35ab72e85c542498c2d
d584247ae106867a8536f17d024855adfc8c1cdea19c6bda6b30024d4fc16b4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rsms.me/inter/inter.css
104.21.78.162200 OK 10 kB IP 104.21.78.162:0
File type Unicode text, UTF-8 text, with very long lines (6846)
Hash 250d33eed023fb1b3059864759719373
311fd1ddd537a8c72213e39814063d5971c65d1f
3e56da088a209609c11502aa38b8f76be12c43da6aae842273a0692723ce7476
GET /inter/inter.css HTTP/1.1
Host: rsms.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zizr.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:39 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 04 Oct 2022 15:53:21 GMT
access-control-allow-origin: *
etag: W/"633c56f1-1490"
expires: Fri, 09 Dec 2022 03:40:18 GMT
cache-control: max-age=14400
x-proxy-cache: HIT
x-github-request-id: 0821:8122:54D276:576B89:633C5749
via: 1.1 varnish
age: 54
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664899213.652545,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: 30b439f3b7737e36e775d6bfcb26bf5286f95667
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vz1nMpucLEZAqKj3uk0IJ%2BhNfg6izJ38ejZCURMXqkjsEJPtsxVhFs23GS3HrHxOL4iBV5BElBO3kBExxepoMKdmn5UIUjH24n2ivmMrZFpzn%2Fhp1lsANZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776e2a505fb20af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PD2NKQ
172.217.21.168200 OK 150 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PD2NKQ
IP 172.217.21.168:0
File type Unicode text, UTF-8 text, with very long lines (5503)
Size 150 kB (150291 bytes)
Hash a531043a68efcbd5f13d8eb9021407b8
316383503a5ef0f7c1b86cd52390b7f1e12495af
a457666e3c401f8057f6824876aa813728e735197c15d2893a4a94ce612d33f2
GET /gtm.js?id=GTM-PD2NKQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 13:42:39 GMT
expires: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/qlqb9w47vof2xp9nqpz4.webp
23.38.200.38200 OK 2.0 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/qlqb9w47vof2xp9nqpz4.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7e5e5485cc7e5d925973add966511805
56befb920e2e12a812848448fdd3618716704a7d
07c317f16a1b1d06ecbbd28c252c168ee14b7742d568efdf2e38a897291afdaa
GET /image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/qlqb9w47vof2xp9nqpz4.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="qlqb9w47vof2xp9nqpz4.webp"
content-type: image/webp
etag: "7e5e5485cc7e5d925973add966511805"
last-modified: Thu, 02 Sep 2021 21:47:12 GMT
content-length: 2026
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=231;cpu=70;start=2022-12-09T13:42:39.314Z;desc=miss,rtt;dur=1,cloudinary;dur=64;start=2022-12-09T13:42:39.395Z
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/epjhfw4mhngsbicaiy2g.webp
23.38.200.38200 OK 912 B URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/epjhfw4mhngsbicaiy2g.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 68adfc39b52d6e26e37b8e7a3977fd13
a0e201bc521de1abfbede19026652bc86b7edd58
0c9cd591c443a78359aade2931a275e484782c55692a6241e096b00caa5ce18c
GET /image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/epjhfw4mhngsbicaiy2g.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="epjhfw4mhngsbicaiy2g.webp"
content-type: image/webp
etag: "68adfc39b52d6e26e37b8e7a3977fd13"
last-modified: Sun, 25 Apr 2021 12:30:54 GMT
content-length: 912
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=254;cpu=115;start=2022-12-09T13:42:39.316Z;desc=miss,rtt;dur=1,cloudinary;dur=48;start=2022-12-09T13:42:39.410Z
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/eaktqdrioyxpefxtnrwj
23.38.200.38200 OK 1.4 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/eaktqdrioyxpefxtnrwj
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x75, components 3\012- data
Hash 8c542e8a3f943e74deb70c72ce89ee66
10658c1fcc3a5ef409b486e370993e34068f389a
d520f84b71b13ecec8c7adc07ea23a59ad936b3ee2280bcb14ee3fc3952ed87f
GET /image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/eaktqdrioyxpefxtnrwj HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "8c542e8a3f943e74deb70c72ce89ee66"
last-modified: Sun, 25 Apr 2021 12:30:53 GMT
content-length: 1420
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=336;cpu=240;start=2022-12-09T13:42:39.310Z;desc=miss,rtt;dur=1,cloudinary;dur=18;start=2022-12-09T13:42:39.574Z
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/epjhfw4mhngsbicaiy2g
23.38.200.38200 OK 2.0 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/epjhfw4mhngsbicaiy2g
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 54x75, components 3\012- data
Hash 883e401c04048f662ff12c5c8be9d06d
0b5672c3343e422e1003fe85059b37042f9961ef
0308f26be8baaf459982014a3756aeea392513eccd91f47e2306e16aa334cc28
GET /image/upload/e_trim:0/w_75,h_75,c_fit,c_limit/e_unsharp_mask:50/q_auto,f_auto/epjhfw4mhngsbicaiy2g HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "883e401c04048f662ff12c5c8be9d06d"
last-modified: Sun, 25 Apr 2021 12:30:54 GMT
content-length: 1951
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=329;cpu=73;start=2022-12-09T13:42:39.318Z;desc=miss,rtt;dur=1,cloudinary;dur=97;start=2022-12-09T13:42:39.383Z
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/q9lr1al65xutmioikgog.webp
23.38.200.38200 OK 1.9 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/q9lr1al65xutmioikgog.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d8ed6ce0aa53ec4f5e58b6b1a1258962
f4cdcade71af138df29d280230ffb323c66439e8
4d8db0ba48cbfcd6ecb53b2e66dc04af7d852111281a75cbf1b40f22927ed3e5
GET /image/upload/e_trim:0/c_lpad,g_center,w_60,h_60/q_auto/q9lr1al65xutmioikgog.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="q9lr1al65xutmioikgog.webp"
content-type: image/webp
etag: "d8ed6ce0aa53ec4f5e58b6b1a1258962"
last-modified: Mon, 10 Jan 2022 13:17:39 GMT
content-length: 1940
date: Fri, 09 Dec 2022 13:42:39 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=340;cpu=155;start=2022-12-09T13:42:39.319Z;desc=miss,rtt;dur=1,cloudinary;dur=84;start=2022-12-09T13:42:39.481Z
X-Firefox-Spdy: h2
magicwidgetapi.socialboards.com/api/chat/settings?communityName=antonsport&widgetId=1013&language=1
13.95.82.181200 OK 1.5 kB URL HTTP/2 magicwidgetapi.socialboards.com/api/chat/settings?communityName=antonsport&widgetId=1013&language=1
IP 13.95.82.181:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (341), with CRLF line terminators
Hash e6ac1f89263ade5cb7bc4bf90292a792
a14350054d713df8d49f842b716f945141cd0dab
65f7a08d4938e5d8e718a1874635005b5082ff4521f8abe37611434c5c7b3b14
GET /api/chat/settings?communityName=antonsport&widgetId=1013&language=1 HTTP/1.1
Host: magicwidgetapi.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 13:42:39 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://www.antonsport.no
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 1487
X-Firefox-Spdy: h2
magicwidget.socialboards.com/launcher-child/index.html
23.101.67.245200 OK 375 B URL HTTP/2 magicwidget.socialboards.com/launcher-child/index.html
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0f8b6d782f5a56569d19468ee288f266
9bf5edf471280cf9f7c2c4a6f89bcad481bc1596
aa9f3cea9e930e0db4e6e75e1903cd306442720ae0ea7c54d586b4fbb90118d7
GET /launcher-child/index.html HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Fri, 09 Dec 2022 13:42:39 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "bc99515830ad91:0"
last-modified: Wed, 07 Dec 2022 11:37:54 GMT
vary: Accept-Encoding
content-length: 375
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
23.101.67.245200 OK 718 B URL HTTP/2 magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with CRLF line terminators
Hash db249634768c5ba7757389a835982be6
c9bb4420f40e2a7ee6253f1dd65b2a70645bd1ca
af8ba318bcd4b87c889d86058bdb75945406d9b457ac12cb4a280c5d30dab320
GET /messenger-child/index.html?isWidgetMode=true HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Fri, 09 Dec 2022 13:42:39 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "ca1c76de30ad91:0"
last-modified: Wed, 07 Dec 2022 11:41:39 GMT
vary: Accept-Encoding
content-length: 718
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=G101&rnd=1203100763.1670593359&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265>m=2wgbu0PD2NKQ
142.250.74.34200 OK 9.9 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=G101&rnd=1203100763.1670593359&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265>m=2wgbu0PD2NKQ
IP 142.250.74.34:0
Hash cb189434fbcfc5b1085db83593e5d7a5
69270c2fb1cb9d531dcfe45c6920f01f65c20b59
3803c9cb83b2e6ad7287eb0397e687f9f429fb1ac3e9c2ab8fdef3080ff64ed2
POST /pagead/landing?gcs=G101&gcd=G101&rnd=1203100763.1670593359&url=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265>m=2wgbu0PD2NKQ HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:42:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/gc4abjgpocnxjujtpaue.jpg
23.38.200.38200 OK 8.5 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/gc4abjgpocnxjujtpaue.jpg
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 139x256, components 3\012- data
Hash 62336d8c67383b07b783c5bd1e6b5b65
c5361a3e47f4b9a3be85c990147033972a72551e
41a0059452a9e32c0dce26a089e199f8966dd4d973eb05276a624b132ec1e501
GET /image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/gc4abjgpocnxjujtpaue.jpg HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "62336d8c67383b07b783c5bd1e6b5b65"
last-modified: Tue, 27 Sep 2022 07:59:53 GMT
content-length: 8526
date: Fri, 09 Dec 2022 13:42:40 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=3;start=2022-12-09T13:42:40.396Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 5.1 kB IP 142.250.74.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 204x256, components 3\012- data
Hash b39de3e02c78bc454b05752162b25baa
0c15c287c360c1454f2ac87e865a39711eb07560
742be4d8ea7bf5598918e80084ff495226f2e9d1689690d5a8283ea28e5ed9f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/bc2hak5xgpycsghsjrlp.jpg
23.38.200.38200 OK 8.4 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/bc2hak5xgpycsghsjrlp.jpg
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 158x256, components 3\012- data
Hash e3add01369ab51f8aa51dfad7577af9e
9766c562d4628c4ed790c1a241c9c777d01adab4
c6905ce2542a994332ce5a998272afcd74997e9cdf58fabdbb14f20c725bced1
GET /image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/bc2hak5xgpycsghsjrlp.jpg HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "e3add01369ab51f8aa51dfad7577af9e"
last-modified: Sat, 22 Oct 2022 10:16:28 GMT
content-length: 8400
date: Fri, 09 Dec 2022 13:42:40 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:40.409Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
eu-library.klarnaservices.com/lib.js
54.230.111.116200 OK 11 kB URL HTTP/2 eu-library.klarnaservices.com/lib.js
IP 54.230.111.116:0
File type ASCII text, with very long lines (34396), with no line terminators
Hash 129fafe4f7ff6d73731ca2ecda5fc7b6
10c57a08e432c6ca3e040d1935ff8967c610b6c3
2e18eda31d63da454d295e77dea66e373384eff755e14f2bf03276febb15a20f
GET /lib.js HTTP/1.1
Host: eu-library.klarnaservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Dec 2022 13:41:21 GMT
last-modified: Thu, 08 Dec 2022 11:03:08 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=900
server: AmazonS3
content-encoding: br
etag: W/"d8a42410012ae365c5fecb6845490adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K72qkf8SpCV_pnAnYBiTorGQSHzIMBJ9xK609PI8sVmxMjpSf3sWKQ==
age: 80
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/goib6ecywdlzasoqnnb8.jpg
23.38.200.38200 OK 11 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/goib6ecywdlzasoqnnb8.jpg
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x256, components 3\012- data
Hash 7931c8c4afcc0c0b77c06df205bc717e
4bde27f1300c3fc1d0096e4a20c9a8ea2e90b6a2
4c87f73d62fa28542520b25f92f82a5d365d1c11223fde4331809cf36a2cb1bc
GET /image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/goib6ecywdlzasoqnnb8.jpg HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "7931c8c4afcc0c0b77c06df205bc717e"
last-modified: Mon, 17 Oct 2022 10:04:20 GMT
content-length: 10589
date: Fri, 09 Dec 2022 13:42:40 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:40.418Z;desc=hit,rtt;dur=1
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/k682g3qglvvweodntxlo.jpg
23.38.200.38200 OK 6.0 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/k682g3qglvvweodntxlo.jpg
IP 23.38.200.38:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 229x256, components 3\012- data
Hash 7e093c0f3c841dc956d50c1955a47e87
cf0465fbe3cb76d75dabd58fe5628faef1855b73
4ab0bddaf5bcb7b40320758aed52dbbad0cd4c10c296e9edcc29c15772b73d17
GET /image/upload/e_trim:0/c_fit,g_center,w_256,h_256/q_auto/k682g3qglvvweodntxlo.jpg HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: "7e093c0f3c841dc956d50c1955a47e87"
last-modified: Fri, 30 Sep 2022 04:23:37 GMT
content-length: 6019
date: Fri, 09 Dec 2022 13:42:40 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=2;start=2022-12-09T13:42:40.420Z;desc=hit,rtt;dur=0
X-Firefox-Spdy: h2
zizr.id/integration/anton-sport.js
13.107.219.45200 OK 9.6 kB URL HTTP/2 zizr.id/integration/anton-sport.js
IP 13.107.219.45:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (20523)
Hash 8be4e2ddb2b6fbe8629ec54c5707802f
bb9f84118a72ef0035009450ba8817cb4c6d6e9b
f159a4564359b60989e4118c0b6a17dfecb210e542382761d5ef0000fb0fa251
GET /integration/anton-sport.js HTTP/1.1
Host: zizr.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store
content-type: application/javascript
content-encoding: br
last-modified: Fri, 09 Dec 2022 11:21:29 GMT
accept-ranges: bytes
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-credentials: true
x-azure-ref-originshield: 0PDmTYwAAAAAz6Wj4LHvJRZ3tnk737IqJQU1TMDRFREdFMTkyMgA3ZGM2M2E4Mi1kOGVlLTQ3YTItYTA2Ny0wMWViNDQ1YjRiZTY=
x-azure-ref: 0UDuTYwAAAABTsBtJfQXQQ7/8O3WK1a8PT1NMMjMxMDUwMjA1MDQ3ADdkYzYzYTgyLWQ4ZWUtNDdhMi1hMDY3LTAxZWI0NDViNGJlNg==
date: Fri, 09 Dec 2022 13:42:39 GMT
X-Firefox-Spdy: h2
magicwidget.socialboards.com/launcher-child/launcher-child.js
23.101.67.245200 OK 18 kB URL HTTP/2 magicwidget.socialboards.com/launcher-child/launcher-child.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56173), with no line terminators
Hash 58614f01650f0039577b2b4f1261ab88
e72c15e48facc3935f7871fb24a4a320e4c86886
80c22d9d162a79a82c835bb5852588f6f62a1c1117420f4b080937f74ab3c3ba
GET /launcher-child/launcher-child.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/launcher-child/index.html
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "095485830ad91:0"
last-modified: Wed, 07 Dec 2022 11:37:54 GMT
vary: Accept-Encoding
content-length: 18522
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/runtime-es2015.0cfc7504ed81c3a81c26.js
23.101.67.245200 OK 20 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/runtime-es2015.0cfc7504ed81c3a81c26.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5c3f88cd883c6d928d8a61b8476ab8f0
5bcc643410bbb0a80d92ea41c2bd6e324687d76c
d5d3032a68d20ee7e71735b110ca608b0e395c4b552407266351750d40a56467
GET /messenger-child/runtime-es2015.0cfc7504ed81c3a81c26.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "6c7d97c030ad91:0"
last-modified: Wed, 07 Dec 2022 11:40:49 GMT
vary: Accept-Encoding
content-length: 1688
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/styles.264dcfab7b9699e7aa1f.css
23.101.67.245200 OK 32 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/styles.264dcfab7b9699e7aa1f.css
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (63761)
Hash fdd973d4d701ab5a47dafc2657f4f748
a8ae336a11e4b8bce6211442495e6cadd57432f5
5c753ca58338c61282ba070c4714acbb6d5764ca9c93e464e9a7d446e8e39c12
GET /messenger-child/styles.264dcfab7b9699e7aa1f.css HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "801c35be30ad91:0"
last-modified: Wed, 07 Dec 2022 11:40:45 GMT
vary: Accept-Encoding
content-length: 32058
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js
23.101.67.245200 OK 110 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/polyfills-es2015.68c57873205f360e1278.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109537 bytes)
Hash 227f427bfa4a8fce62aba5ec58ae58a4
49053f290d407eb5b442bb6c49660812062efda8
67254dca51e6ea93fe761f12a3643bc81b3fe38f92edaffd698d507f7e558941
GET /messenger-child/polyfills-es2015.68c57873205f360e1278.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "01b57c830ad91:0"
last-modified: Wed, 07 Dec 2022 11:41:02 GMT
vary: Accept-Encoding
content-length: 109537
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/scripts.9a493c2c3614341ec254.js
23.101.67.245200 OK 1.5 MB URL HTTP/2 magicwidget.socialboards.com/messenger-child/scripts.9a493c2c3614341ec254.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 1.5 MB (1542720 bytes)
Hash f2235d7290ba6ebe2530fc0949af2899
5f49662cd248682ff5daae66fd120b3bf89e1827
021a00055cd2126d985cf4b4ef88982329e2c42b4675cc4ad4dc6f6e7501725a
GET /messenger-child/scripts.9a493c2c3614341ec254.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "801c35be30ad91:0"
last-modified: Wed, 07 Dec 2022 11:40:45 GMT
vary: Accept-Encoding
content-length: 209285
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
magicwidget.socialboards.com/messenger-child/main-es2015.abcd08835b03f3a65216.js
23.101.67.245200 OK 292 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/main-es2015.abcd08835b03f3a65216.js
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 292 kB (291683 bytes)
Hash f65c91096e4d96b17fc3f5242c59610c
ebd01f01cf3c65781f09bcbbf7069efcc4482f2d
aaee4d2792567e5ba4761c6fdaa9daa152adec9b409094732b86343cc994d480
GET /messenger-child/main-es2015.abcd08835b03f3a65216.js HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "0be38da30ad91:0"
last-modified: Wed, 07 Dec 2022 11:41:32 GMT
vary: Accept-Encoding
content-length: 291683
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/epjhfw4mhngsbicaiy2g.webp
23.38.200.38200 OK 24 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/epjhfw4mhngsbicaiy2g.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e3cd75146aed6cff8546564334641c8
d9176e1dc8e8991490d1c62ac80a5de025c2c9ce
3a96f062622cd85efc3fcde662ffdb46aecbcd4e9b5494722d6564ba9477d8ad
GET /image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/epjhfw4mhngsbicaiy2g.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="epjhfw4mhngsbicaiy2g.webp"
content-type: image/webp
etag: "8e3cd75146aed6cff8546564334641c8"
last-modified: Sun, 25 Apr 2021 12:30:54 GMT
content-length: 23562
date: Fri, 09 Dec 2022 13:42:40 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=235;cpu=39;start=2022-12-09T13:42:40.473Z;desc=miss,rtt;dur=0,cloudinary;dur=119;start=2022-12-09T13:42:40.536Z
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 12:41:08 GMT
expires: Fri, 09 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 3692
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0
23.101.67.245200 OK 3.5 kB URL HTTP/2 magicwidget.socialboards.com/messenger-child/assets/i18n/nb.json?1.0.0
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash ef51394794194bbef0a02e71ff1a6917
bf12bc80d232b14bcbf46d37c8bae07c4f20b292
e79e33ee340da4602f5616c0d80c38247e1e7c5c9adeb48e72655121d08e4812
GET /messenger-child/assets/i18n/nb.json?1.0.0 HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/messenger-child/index.html?isWidgetMode=true
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 09 Dec 2022 13:42:40 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "80874d822fad91:0"
last-modified: Wed, 07 Dec 2022 11:31:55 GMT
vary: Accept-Encoding
content-length: 3458
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
www.antonsport.no/patagonia-314-calcite-jacket-m-p19490/andes-blue-xl-v125265?kk=a4c6294-184f71fa72a-ab0f1&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Patagonia+Calcite+Jacket+M
104.21.19.184200 OK 111 kB URL HTTP/2 www.antonsport.no/patagonia-314-calcite-jacket-m-p19490/andes-blue-xl-v125265?kk=a4c6294-184f71fa72a-ab0f1&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Patagonia+Calcite+Jacket+M
IP 104.21.19.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7292)
Size 111 kB (110621 bytes)
Hash dd746dc09839ad3b788fd1d8300aa8de
c32c730b14fb2b16b75828d415c255cc5701b323
ab2d520c7773c681566bc9e3db3a0b67ea7312437a4bc3544cf98c8e36c1a30a
GET /patagonia-314-calcite-jacket-m-p19490/andes-blue-xl-v125265?kk=a4c6294-184f71fa72a-ab0f1&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Patagonia+Calcite+Jacket+M HTTP/1.1
Host: www.antonsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:39 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=180, max-age=0, must-revalidate, proxy-revalidate
via: 1.1 vegur
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq%2FPmpS%2BORQ0slGPBqgUQ%2BEEKbun2WPANXJNnoRkWW958rRTSYSwJ3SOtgNRwIWvRiprsVicIB%2FpMqAi7R3e2RkJUokYlbs51A04b8q6YHrpv0kgEadusMTo4Y4CcK13yfKURA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776e2a46ea76b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 624c5dd7a5a227aa063185cc1ac29d3c
d0d5cae93fdf68e84816638d533453b9d3c42b27
9659ccea75eb24251c1c4b48342ad78af99d596f3261522b09e4ca87c9fea404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/api.js
142.250.74.46200 OK 6.9 kB URL HTTP/2 apis.google.com/js/api.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (2054)
Hash a96aedd73e336e3ed2a1fd04fb44dbc0
a8e1f3e747d19da7f703e26e91a2bd7bdd36e691
c2d2e400110440141ba24abc5c52818875d2b9ba29e772da8cc88db71106fa40
GET /js/api.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6893
date: Fri, 09 Dec 2022 13:42:41 GMT
expires: Fri, 09 Dec 2022 13:42:41 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "62e346024404732b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-FQ4H9XCCMT>m=2oebu0&_p=1395131239&gcs=G101&cid=1759353474.1670593360&ul=en-us&sr=1280x1024&_s=1&sid=1670593359&sct=1&seg=0&dl=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Patagonia%20Calcite%20Jacket%20Herre%20%7C%20Anton%20Sport&en=product_view_in_stock&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FQ4H9XCCMT>m=2oebu0&_p=1395131239&gcs=G101&cid=1759353474.1670593360&ul=en-us&sr=1280x1024&_s=1&sid=1670593359&sct=1&seg=0&dl=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Patagonia%20Calcite%20Jacket%20Herre%20%7C%20Anton%20Sport&en=product_view_in_stock&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FQ4H9XCCMT>m=2oebu0&_p=1395131239&gcs=G101&cid=1759353474.1670593360&ul=en-us&sr=1280x1024&_s=1&sid=1670593359&sct=1&seg=0&dl=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&dr=https%3A%2F%2Fno-go.kelkoogroup.net%2F&dt=Patagonia%20Calcite%20Jacket%20Herre%20%7C%20Anton%20Sport&en=product_view_in_stock&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.antonsport.no
date: Fri, 09 Dec 2022 13:42:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24604080e8365a78443106bff9fd4e0d
f8ce80875d8907c57cde6d1be381dc72878cd5e3
9c82a762bc59135465b39636b983f565a309f76329fa0e68940d36916b1bdfba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C82A762BC59135465B39636B983F565A309F76329FA0E68940D36916B1BDFBA"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16564
Expires: Fri, 09 Dec 2022 18:18:45 GMT
Date: Fri, 09 Dec 2022 13:42:41 GMT
Connection: keep-alive
rcgmal4n.klarnaservices.com/v3/s?ver=2.17.11&d=credit-promotion-small&e=no-NO&g=7dc81983-468c-5fa1-a5e3-01e4f9ee6e07&purchase_amount=399900
143.204.55.11200 OK 7.6 kB URL HTTP/2 rcgmal4n.klarnaservices.com/v3/s?ver=2.17.11&d=credit-promotion-small&e=no-NO&g=7dc81983-468c-5fa1-a5e3-01e4f9ee6e07&purchase_amount=399900
IP 143.204.55.11:0
Hash b1959285fad0a2da36e78d0e9cf9de87
8bce05252954c1b89ffb55a3c20528d3fa90c54c
5f56f99a29e4692df7cce8dbaf3fa05de49670805b385bcb556a671de3414fa5
GET /v3/s?ver=2.17.11&d=credit-promotion-small&e=no-NO&g=7dc81983-468c-5fa1-a5e3-01e4f9ee6e07&purchase_amount=399900 HTTP/1.1
Host: rcgmal4n.klarnaservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.antonsport.no/
Origin: https://www.antonsport.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 13:42:40 GMT
access-control-allow-origin: https://www.antonsport.no
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
klarna-correlation-id: 9b2468c2-8287-418e-acdf-b6d306507dc6
timing-allow-origin: *
cache-control: public, max-age=86400
etag: W/"aa8-QOEEGA+v/yNnPb2VnhodpCSDNxQ"
x-envoy-upstream-service-time: 5
server: envoy
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: birr00bc0SH4gKmbCyvGWrmXPJ5zy0rVsvIZUR_R8MyM5OgAqFZOCA==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:31:58 GMT
expires: Sun, 03 Dec 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 522643
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:46:16 GMT
expires: Fri, 08 Dec 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 57385
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.webspec.io/api/v1/verify/page
194.31.150.103204 No Content 0 B URL HTTP/1.1 api.webspec.io/api/v1/verify/page
IP 194.31.150.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/verify/page HTTP/1.1
Host: api.webspec.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.antonsport.no/
Origin: https://www.antonsport.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 09 Dec 2022 13:42:41 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Set-Cookie: gsession=s%3Abe237674-11e0-4e7f-829f-c6b754ed369b.wvsMwm75q0jcBBznWe%2Bqy%2BpxbaHqWOZ3d9qA9J7w1ro; Path=/; Expires=Thu, 15 Dec 2022 08:13:07 GMT; HttpOnly
api.webspec.io/api/v1/verify/page
194.31.150.103200 OK 70 B URL HTTP/1.1 api.webspec.io/api/v1/verify/page
IP 194.31.150.103:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1345e4b81de872ac866c1aec54d80aa3
4bbf8d4e78ee44e89dd9caa7c0c6d803491aa714
b2eca9332dc4b7fc352bcfe372d08508028d3a95647d149452f98a793b84e229
POST /api/v1/verify/page HTTP/1.1
Host: api.webspec.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 135
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 09 Dec 2022 13:42:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 70
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"46-S7+NTnjuROid2cqnwMbYA0kapxQ"
Set-Cookie: gsession=s%3Ad27b9c28-3e46-44f4-aa8d-0f4806f6103e.X18gPfkgXjY%2BuN%2B5D41m%2B2NBiO8euuZob1S6NbMeLGc; Path=/; Expires=Thu, 15 Dec 2022 08:13:07 GMT; HttpOnly
script.hotjar.com/modules.bc0a4c72d88d266f15af.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc0a4c72d88d266f15af.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 2375e31c5dc0ca09d740bee5c1486c2b
d68ad5ffd79e99af40377945f2f41db8b6f00ad0
2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb
GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dtSXeebnUDty-lNe4kK3zHL1d492c4McBozFUBsnYkxfdpA02VGnag==
age: 169655
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:32:24 GMT
age: 4217
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sw-t4-AeXWfpm560NmGtfAOpTz8sDU3fqU6KVxc9qJwZz-LR6fMa_A==
age: 1384355
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf439e0a629dd8cc28fcea33262aff78
f2de8c4fbdfef73e42a47cd3d9a9cab2990b9d3d
1b7c35128fb014799611a8dd3c628eeb1085a9b8e13118416141f9261c8b79a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf439e0a629dd8cc28fcea33262aff78
f2de8c4fbdfef73e42a47cd3d9a9cab2990b9d3d
1b7c35128fb014799611a8dd3c628eeb1085a9b8e13118416141f9261c8b79a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 12 kB IP 142.250.74.131:0
Hash 7f39d7194b4a4ae4704a3ca4851707d8
b88d2259ef502423deda38ad59c97eee4386bdbb
64ac456f95d4319c9cb0eca779b2b1af129395c84a961cd9b171399eb17a089c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/5hR6gT63Gz0/default.jpg
142.250.74.182200 OK 3.6 kB URL HTTP/2 i.ytimg.com/vi/5hR6gT63Gz0/default.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 9fbf646c21219acd60cdabd7e88c9323
b71ffd4ac96fed0724b9fb8fcd5645e6fe69c51b
d0d57ce087b7b379f0c78f393efd9cb84ce865903803f0cc83d8209aa24b5dc0
GET /vi/5hR6gT63Gz0/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3634
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:54:24 GMT
expires: Fri, 09 Dec 2022 13:54:24 GMT
cache-control: public, max-age=7200
age: 6497
etag: "1466118114"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
magicwidget.socialboards.com/launcher-child/assets/chat-inactive.png
23.101.67.245200 OK 3.8 kB URL HTTP/2 magicwidget.socialboards.com/launcher-child/assets/chat-inactive.png
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 77 x 77, 8-bit/color RGBA, interlaced\012- data
Hash d29ec7986b0b4f0c4b11e1fdd6816c39
034fb984d62b490992d2b274dd26620c44c93a85
36fc1cefd481e75abd19d04c4ede07e2182fba532763d374242290727c1b8769
GET /launcher-child/assets/chat-inactive.png HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/launcher-child/index.html
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Fri, 09 Dec 2022 13:42:41 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "a7c0515830ad91:0"
last-modified: Wed, 07 Dec 2022 11:37:54 GMT
content-length: 3847
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
i.ytimg.com/vi/mM2tE9fF4EA/default.jpg
142.250.74.182200 OK 2.4 kB URL HTTP/2 i.ytimg.com/vi/mM2tE9fF4EA/default.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 944f49318b593d46d2b6639b7b893bde
911c5a62889fe464370e2791e182cfe592194105
541f47ac0362bd5ef1ac4c59402267ed39d3c491ba2764f7ec2f6ac9cd4fcb09
GET /vi/mM2tE9fF4EA/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 2397
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 12:21:09 GMT
expires: Fri, 09 Dec 2022 14:21:09 GMT
cache-control: public, max-age=7200
etag: "1384541695"
content-type: image/jpeg
age: 4892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
magicwidget.socialboards.com/launcher-child/assets/chat-active.png
23.101.67.245200 OK 2.7 kB URL HTTP/2 magicwidget.socialboards.com/launcher-child/assets/chat-active.png
IP 23.101.67.245:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 77 x 77, 8-bit/color RGBA, interlaced\012- data
Hash 2b22a2369b7fd29c921c9ffc7e882768
2b5d0828f92348ea175a6c904031dde3ce177b10
91adffb44fb98787a278495c0474e9a8dbb657d06df874e23de205bba50c18eb
GET /launcher-child/assets/chat-active.png HTTP/1.1
Host: magicwidget.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/launcher-child/index.html
Cookie: ARRAffinitySameSite=98696dd15fab906af29849d1293550e1abb64691bdf20fe0795bb6ab0463e8c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Fri, 09 Dec 2022 13:42:41 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "a7c0515830ad91:0"
last-modified: Wed, 07 Dec 2022 11:37:54 GMT
content-length: 2690
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
i.ytimg.com/vi/TEPo5Dyqwm8/default.jpg
142.250.74.182200 OK 1.6 kB URL HTTP/2 i.ytimg.com/vi/TEPo5Dyqwm8/default.jpg
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash fa23e6df91bdb4f5806b9af3db6f8303
d50396a33b86d7920caac377c1ca4ace623a1db1
4735b720bdd6029e3acde56b09e2e9364f9974a093f528f5988ff5850689b269
GET /vi/TEPo5Dyqwm8/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 1609
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:42:41 GMT
expires: Fri, 09 Dec 2022 15:42:41 GMT
cache-control: public, max-age=7200
etag: "1608133766"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf439e0a629dd8cc28fcea33262aff78
f2de8c4fbdfef73e42a47cd3d9a9cab2990b9d3d
1b7c35128fb014799611a8dd3c628eeb1085a9b8e13118416141f9261c8b79a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/eaktqdrioyxpefxtnrwj.webp
23.38.200.38200 OK 19 kB URL HTTP/2 antonclub-res.cloudinary.com/image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/eaktqdrioyxpefxtnrwj.webp
IP 23.38.200.38:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 51348bf997e645b82eebeb0dec451a92
961e03d371c94315af923c2e7c66e75742b213a4
fc29ee5191d3612c2e287c29d0a47452272fb93b9d9ef39ef383b0f4f251ee54
GET /image/upload/e_trim:0/c_lpad,g_center,w_998,h_600,a_0/q_auto/eaktqdrioyxpefxtnrwj.webp HTTP/1.1
Host: antonclub-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="eaktqdrioyxpefxtnrwj.webp"
content-type: image/webp
etag: "51348bf997e645b82eebeb0dec451a92"
last-modified: Sun, 25 Apr 2021 12:31:13 GMT
content-length: 19268
date: Fri, 09 Dec 2022 13:42:41 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=302;cpu=165;start=2022-12-09T13:42:41.577Z;desc=miss,rtt;dur=2,cloudinary;dur=59;start=2022-12-09T13:42:41.767Z
X-Firefox-Spdy: h2
x.klarnacdn.net/ui/fonts/v1.3/fonts.css
143.204.55.106200 OK 5.2 kB URL HTTP/2 x.klarnacdn.net/ui/fonts/v1.3/fonts.css
IP 143.204.55.106:0
File type CSV text\012- , ASCII text
Hash c992228f869c757b2b0a2f8ecb17fa21
c3348b27876c39996fea3652f74eb732c4bf2197
facb59b2ae83c0d73ae3aa0c23731f8e1791fcd3148f525bdfe1b381e14c70d4
GET /ui/fonts/v1.3/fonts.css HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 5189
date: Wed, 09 Nov 2022 03:13:13 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Apr 2021 10:01:44 GMT
etag: "c992228f869c757b2b0a2f8ecb17fa21"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-meta-ui: ui
x-amz-version-id: t6YqdT7IzEDnLlEXrdYp2k7IY4qR3s8G
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KHRVl239SAE-VGlZRXowAHcsVQ9aa4C9EVp15-kXPZC3ZsmxCqVl1w==
age: 2629770
X-Firefox-Spdy: h2
x.klarnacdn.net/ui/fonts/v1.3/KlarnaHeadline-Bold.woff2
143.204.55.106200 OK 21 kB URL HTTP/2 x.klarnacdn.net/ui/fonts/v1.3/KlarnaHeadline-Bold.woff2
IP 143.204.55.106:0
File type Web Open Font Format (Version 2), TrueType, length 20860, version 1.0\012- data
Hash e934031557d0c1b8904d2d0dd4584614
0aa2a5b830a5a6add80045b9816c0c7a35c6a504
6fa9b909ad56404a9024bf64eb4fdd303ac3872310460aaa6e8ae0c6f7093448
GET /ui/fonts/v1.3/KlarnaHeadline-Bold.woff2 HTTP/1.1
Host: x.klarnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://x.klarnacdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 20860
date: Wed, 14 Sep 2022 09:43:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Apr 2021 10:01:44 GMT
etag: "e934031557d0c1b8904d2d0dd4584614"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-meta-ui: ui
x-amz-version-id: FnFe7S43tQvuoAoiPn5yrVkdL3FZK045
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ansqmamj9NA3Sv1jxbau4Ct_wUAMsCNO4OrAqeJuEgTWoCg0OI_8nw==
age: 7444775
X-Firefox-Spdy: h2
dapi.videoly.co/1/event/0/971/?brand_ids=null&i=pg-15426447085&delay=496&yt_ready=-1&product_id=61795c399c364e0056d58507&uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&gl_split=undefined&p=1&vn=3&pl=no&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&br_n=Firefox&br_v=105.0&br_w=1268&br_h=939&oos=0&e=renderDelay&sId=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM
172.67.74.16200 OK 73 B URL HTTP/2 dapi.videoly.co/1/event/0/971/?brand_ids=null&i=pg-15426447085&delay=496&yt_ready=-1&product_id=61795c399c364e0056d58507&uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&gl_split=undefined&p=1&vn=3&pl=no&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&br_n=Firefox&br_v=105.0&br_w=1268&br_h=939&oos=0&e=renderDelay&sId=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM
IP 172.67.74.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a70d924edf0b7422a552976b97a2b32f
9475a10fb7803ab9fb5dd7b340f40230b5c1b608
2d14decceefca81f027db202a083e848d21210d8f5d72a2b00f5769993a596c1
GET /1/event/0/971/?brand_ids=null&i=pg-15426447085&delay=496&yt_ready=-1&product_id=61795c399c364e0056d58507&uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&gl_split=undefined&p=1&vn=3&pl=no&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&br_n=Firefox&br_v=105.0&br_w=1268&br_h=939&oos=0&e=renderDelay&sId=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM HTTP/1.1
Host: dapi.videoly.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Cookie: vdly=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:42 GMT
content-type: image/gif
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
set-cookie: vdly=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM; Path=/; Expires=Sun, 12 Mar 2023 13:42:42 GMT; HttpOnly; Secure; SameSite=None
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA5m2PywOA3Us%2Fsh3yvKwrEvKldqtwmsSZeGZliZYc6wnEG9C9odQaXM0XBL1WZ90W3r8M2zNtVtpU5VvdA445oJpDQ2s4mUxtnKsK5bzKhOdYzZCfO6X3NMbdkjWTVscw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776e2a5e8850b4ee-OSL
X-Firefox-Spdy: h2
master.socialboards.com/api/customer
20.50.2.0200 OK 0 B URL HTTP/2 master.socialboards.com/api/customer
IP 20.50.2.0:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: community
Referer: https://magicwidget.socialboards.com/
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:41 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-headers: community
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
master.socialboards.com/api/customer
20.50.2.0200 OK 426 B URL HTTP/2 master.socialboards.com/api/customer
IP 20.50.2.0:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash 550bd7ebb413ac31cf9b86936722f7c2
da1302a8a875f3c27508ba6a77d3710417bbe914
b86da94837d360fb68bfc84c1802fd2c1fb3dc02f1b45bed4c24c9b47d83ed74
GET /api/customer HTTP/1.1
Host: master.socialboards.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Community: antonsport
Origin: https://magicwidget.socialboards.com
Connection: keep-alive
Referer: https://magicwidget.socialboards.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 13:42:41 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://magicwidget.socialboards.com
access-control-expose-headers: date
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 426
X-Firefox-Spdy: h2
account.zizr.id/signup?iframe=true&referer=anton-sport-iframe&lang=no
51.103.19.196200 OK 16 kB URL HTTP/1.1 account.zizr.id/signup?iframe=true&referer=anton-sport-iframe&lang=no
IP 51.103.19.196:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16475), with no line terminators
Hash eb3e3950e19da410c166af0cdf9aee18
6a2e610c2b370cdd5e945f010e7a69882dabf2b8
8026577ac76f926d48ea63ef686997fbbf75c00db60cc632a092fd62d315f126
GET /signup?iframe=true&referer=anton-sport-iframe&lang=no HTTP/1.1
Host: account.zizr.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 13:42:42 GMT
Content-Type: text/html
Content-Length: 16475
Connection: keep-alive
Last-Modified: Tue, 14 Dec 2021 12:54:36 GMT
ETag: "61b8940c-405b"
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1f5e215f8a7a02c43465654c397e0bbd
167bfd0fe3b0bba7170f6d2b9e345ef6b3b6dfd7
ea8f444a8683640e753d493f1ffed8356ad3280f8e64f5e38e95b6551e84b383
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98442
Date: Fri, 09 Dec 2022 13:42:42 GMT
Etag: "639201e6-1d7"
Expires: Sat, 10 Dec 2022 17:03:24 GMT
Last-Modified: Thu, 08 Dec 2022 15:25:26 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6vnDM-D_GpT2stoTc_8cVoI6-KA76YI3s0shYfUiADdQFKY7jl_KbA==
Age: 5878
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 09 Dec 2022 13:42:42 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 7f6db8cbdd9c02fb657f0f6cedb6dee9
3a51d85a711a58cbd0d5986b79246dc4cac4b68b
0ae8870fa6dd4154ab70c247234bf365af21a3b4738099a6dcb6e3f3105e9b06
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 09 Dec 2022 13:42:42 GMT
server: ESF
cache-control: private
content-length: 31063
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 13:42:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zizr.id/integration/anton-sport.css
13.107.219.45200 OK 0 B URL HTTP/2 zizr.id/integration/anton-sport.css
IP 13.107.219.45:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /integration/anton-sport.css HTTP/1.1
Host: zizr.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store
content-type: text/css
content-encoding: br
last-modified: Fri, 09 Dec 2022 11:21:29 GMT
accept-ranges: bytes
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-credentials: true
x-azure-ref-originshield: 0AjuTYwAAAACayLLjoQiET5SlxREnB8llQU1TMDRFREdFMTkxNgA3ZGM2M2E4Mi1kOGVlLTQ3YTItYTA2Ny0wMWViNDQ1YjRiZTY=
x-azure-ref: 0TzuTYwAAAADo+PnNWviaR7UhleKJdzoxT1NMMjMxMDUwMjA1MDQ3ADdkYzYzYTgyLWQ4ZWUtNDdhMi1hMDY3LTAxZWI0NDViNGJlNg==
date: Fri, 09 Dec 2022 13:42:38 GMT
X-Firefox-Spdy: h2
api.videoly.co/1/quchbox/0/971/quch.js
172.67.74.16200 OK 0 B URL HTTP/2 api.videoly.co/1/quchbox/0/971/quch.js
IP 172.67.74.16:0
GET /1/quchbox/0/971/quch.js HTTP/1.1
Host: api.videoly.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=250996
etag: W/"3d474-+RelcyNNCBo2uVfJ4ybfcYZTXGc"
via: 1.1 vegur
x-powered-by: Express
cache-control: max-age=1800
cf-cache-status: HIT
age: 18638
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAr%2B7EBdWoYjISxwq7b%2BUW8HtuuhYQIgbPqmH8yfG5fBgdEgSY0%2FJCQD7q60tiEsofVzcXT6wQRao3MTov0NWxX%2B3uUFfcb2Y55FiF2fDn2El5eO%2F0mklcfc6gjnBbBU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776e2a56dd84b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
dapi.videoly.co/1/videos/0/971/?productId=19490&productTitle=Patagonia%20Calcite%20Jacket%20Herre&SKU=125265&brandName=Patagonia&categoryTree=&ean=&oos=0&maxItems=15&ytwv=&_b=Firefox&_bv=105.0&p=1&_w=1268&_h=939&_pl=no&_cl=no&tsltd=0&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&callback=_vdly313065de86
172.67.74.16200 OK 0 B URL HTTP/2 dapi.videoly.co/1/videos/0/971/?productId=19490&productTitle=Patagonia%20Calcite%20Jacket%20Herre&SKU=125265&brandName=Patagonia&categoryTree=&ean=&oos=0&maxItems=15&ytwv=&_b=Firefox&_bv=105.0&p=1&_w=1268&_h=939&_pl=no&_cl=no&tsltd=0&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&callback=_vdly313065de86
IP 172.67.74.16:0
GET /1/videos/0/971/?productId=19490&productTitle=Patagonia%20Calcite%20Jacket%20Herre&SKU=125265&brandName=Patagonia&categoryTree=&ean=&oos=0&maxItems=15&ytwv=&_b=Firefox&_bv=105.0&p=1&_w=1268&_h=939&_pl=no&_cl=no&tsltd=0&product_view_uuid=45d47ae6-de57-4f16-bc75-d779c3432f6b&hn=www.antonsport.no&href=https%3A%2F%2Fw%C4%88.antonsport.no%2Fpatag%C4%8Eia-314-calcite-jacket-m-p19490%2F%C4%8Bdes-blu%C4%ACxl-v125265%3Fkk%3Da4c62%C4%B9-184f71fa72%C4%A0ab0f1%26utm_source%3D%C4%B1lko%C4%8Eo%C5%AC%C5%AE_medium%3Dcpc%C5%BE%C5%AF%C4%A6m%C4%99ign%C5%B7e%C5%B9%C5%BBcli%C4%B0%C6%8B_%C4%ABr%C6%86P%C4%9A%C4%9C%C4%9Ea%2BC%C4%A7%C4%A9%C4%AB%2BJ%C4%AF%C4%B1t%2BM&callback=_vdly313065de86 HTTP/1.1
Host: dapi.videoly.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:41 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
x-content-type-options: nosniff
etag: W/"710-pZ0pt39ckWRsbJOaayllhD+/FL8"
set-cookie: vdly=s%3AwO9Wv8NtvvYRFNqQK58lAQ6kj_ShzWl0.c1XWVqcjNZLr2gpFhxl6CoumD%2BFWakr72%2BMJV83tkPM; Path=/; Expires=Sun, 12 Mar 2023 13:42:41 GMT; HttpOnly; Secure; SameSite=None
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NccgLjxSPCu7T%2FtmmUYFHKVrBPcfHE8H%2FV4EHoVNfk1HIbPrxKMGIWLjLNF7kfG3IG8WzntAnjTsOMqOnxpKSGD21mGrI4PYS1LEQC1W3aMCkP%2Fe6OgnSo3m7oOZsyRl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776e2a5b9c4eb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2790581.js?sv=7
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2790581.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-2790581.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 09 Dec 2022 13:42:27 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/aacecdb2fa0bbccf8fb0b66ffff23993
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BnspgMpYgbhkQMcA2BtdZiSb3e3_IzkWqciGWfT7PS-_lgT-FplOOA==
age: 14
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2790581/visit-data?sv=7
52.49.107.217200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2790581/visit-data?sv=7
IP 52.49.107.217:0
POST /api/v2/client/sites/2790581/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 146
Origin: https://www.antonsport.no
Connection: keep-alive
Referer: https://www.antonsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 13:42:42 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
zizr.id/core/api/v1/recommendations?retailerIdentifier=anton-sport&referer=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&modelStyleId=19490-andes+blue
13.107.219.45200 OK 0 B URL HTTP/2 zizr.id/core/api/v1/recommendations?retailerIdentifier=anton-sport&referer=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&modelStyleId=19490-andes+blue
IP 13.107.219.45:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /core/api/v1/recommendations?retailerIdentifier=anton-sport&referer=https%3A%2F%2Fwww.antonsport.no%2Fpatagonia-314-calcite-jacket-m-p19490%2Fandes-blue-xl-v125265%3Fkk%3Da4c6294-184f71fa72a-ab0f1%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DPatagonia%2BCalcite%2BJacket%2BM&modelStyleId=19490-andes+blue HTTP/1.1
Host: zizr.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.antonsport.no/
Origin: https://www.antonsport.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=1800
content-type: application/json; charset=utf-8
vary: *
x-cache: TCP_MISS
request-context: appId=cid-v1:aa86738b-95bc-41e3-8c97-185fc5b915c7
access-control-allow-origin: *
access-control-allow-credentials: true
x-azure-ref-originshield: 0UTuTYwAAAABVP0YixwG7RLIFftBoBhARQU1TMDRFREdFMTgxNwA3ZGM2M2E4Mi1kOGVlLTQ3YTItYTA2Ny0wMWViNDQ1YjRiZTY=
x-azure-ref: 0UTuTYwAAAAAYlkNm9UovT5QlFnj8w/KBT1NMMjMxMDUwMjA1MDQ3ADdkYzYzYTgyLWQ4ZWUtNDdhMi1hMDY3LTAxZWI0NDViNGJlNg==
date: Fri, 09 Dec 2022 13:42:40 GMT
X-Firefox-Spdy: h2