r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12812
Expires: Tue, 21 Mar 2023 14:47:10 GMT
Date: Tue, 21 Mar 2023 11:13:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4455
Expires: Tue, 21 Mar 2023 12:27:53 GMT
Date: Tue, 21 Mar 2023 11:13:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14374
Expires: Tue, 21 Mar 2023 15:13:12 GMT
Date: Tue, 21 Mar 2023 11:13:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 10:14:57 GMT
content-type: application/json
age: 3521
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w+4pYOd32GAj2+AGs5wNWadHT4Y/he82wBGHnAFgNXDMj82h7Ckcx2VsbGaSD1pNyr86KQDI18U=
x-amz-request-id: 3CSTJ5SB27M4JY7Z
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 10:59:05 GMT
age: 873
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
postalsevers.ml/07eb9a5bcf8d123/login.php
185.53.177.31200 OK 1.4 kB URL HTTP/1.1 postalsevers.ml/07eb9a5bcf8d123/login.php
IP 185.53.177.31:0
ASN #61969 Team Internet AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash ce88d3e7a6ce3aba8f38ec4088ec0e51
913eb3e9838eff5fa8da0ff9b9154b1d4612f47e
d319739d977ccd8c82cbe3fc9680ca4fc1a053839572a71d7221fe6278fe8a53
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /07eb9a5bcf8d123/login.php HTTP/1.1
Host: postalsevers.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 11:13:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Buckets: bucket011
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BXUSVmAoTCPQYM0ZZxQaR/PaDaoz6wmyOAWmV2gJ5Wwxdy6bKYrX7yNtiiTpYLGcwH2MONTYaAaHxNX73Sg3RQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: postalsevers.ml
X-Subdomain:
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 11:13:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/scripts/js3.js
13.32.11.7200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 13.32.11.7:0
File type ASCII text, with very long lines (468)
Hash a66b149a7ebc798955373415d683f32a
15ceaba8cfae8368600620ae97aa26ae7331d626
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1096
Connection: keep-alive
Server: nginx
Date: Tue, 21 Mar 2023 04:12:55 GMT
Last-Modified: Mon, 23 Jan 2023 11:12:07 GMT
Accept-Ranges: bytes
ETag: "63ce6b87-448"
X-Cache: Hit from cloudfront
Via: 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: EiqUhkdKLZ-_oNk7x92VsLvG0Oh7G3t9Hb8MoOAqpv6rQVkHDP-ZgA==
Age: 25244
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 10:17:22 GMT
age: 3377
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Tue, 21 Mar 2023 12:59:46 GMT
Date: Tue, 21 Mar 2023 11:13:39 GMT
Connection: keep-alive
postalsevers.ml/track.php?domain=postalsevers.ml&toggle=browserjs&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D
185.53.177.31200 OK 20 B URL HTTP/1.1 postalsevers.ml/track.php?domain=postalsevers.ml&toggle=browserjs&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D
IP 185.53.177.31:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /track.php?domain=postalsevers.ml&toggle=browserjs&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D HTTP/1.1
Host: postalsevers.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/07eb9a5bcf8d123/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 11:13:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
postalsevers.ml/ls.php?t=64199162&token=43ee16878938530a2ee16a4bec5ef5967aa18d4d
185.53.177.31201 Created 16 B URL HTTP/1.1 postalsevers.ml/ls.php?t=64199162&token=43ee16878938530a2ee16a4bec5ef5967aa18d4d
IP 185.53.177.31:0
ASN #61969 Team Internet AG
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /ls.php?t=64199162&token=43ee16878938530a2ee16a4bec5ef5967aa18d4d HTTP/1.1
Host: postalsevers.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/07eb9a5bcf8d123/login.php
HTTP/1.1 201 Created
Server: nginx
Date: Tue, 21 Mar 2023 11:13:39 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 64199163b8059a261d74696b
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_OrNiAqMAtHGigb1rnuFix+s9zt/rNUhl/UsIr6qTbGngxGwJuuwLqmv6plY36HJeR8zTQ142A44yFCc3CHMG7Q==
postalsevers.ml/favicon.ico
185.53.177.31200 OK 0 B URL HTTP/1.1 postalsevers.ml/favicon.ico
IP 185.53.177.31:0
ASN #61969 Team Internet AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /favicon.ico HTTP/1.1
Host: postalsevers.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/07eb9a5bcf8d123/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 11:13:39 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
postalsevers.ml/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=postalsevers.ml&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDE5OTE2Mjc5NDg4fHx8MTY3OTM5NzIxOC44MTk0fDMxOTJjZDZlNGJjYTViYTk3ODgwYTc0NDljOGU3NWY5YTU0YzAwZTd8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0M2VlMTY4Nzg5Mzg1MzBhMmVlMTZhNGJlYzVlZjU5NjdhYTE4ZDRkfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
185.53.177.31200 OK 20 B URL HTTP/1.1 postalsevers.ml/track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=postalsevers.ml&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDE5OTE2Mjc5NDg4fHx8MTY3OTM5NzIxOC44MTk0fDMxOTJjZDZlNGJjYTViYTk3ODgwYTc0NDljOGU3NWY5YTU0YzAwZTd8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0M2VlMTY4Nzg5Mzg1MzBhMmVlMTZhNGJlYzVlZjU5NjdhYTE4ZDRkfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP 185.53.177.31:0
ASN #61969 Team Internet AG
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /track.php?click=7d905f613654ea9b70e255b7bdd643a73d525fe6&domain=postalsevers.ml&uid=MTY3OTM5NzIxOC40OTY4OjE3ODBlYWFkNzFhODFmMTRjYjU2YmJiYzFiMmEyZTg3MmQ4MTk5MDYwZGZiZTAzNTEyZWQ4YTI1MDZkYmE1ZWU6NjQxOTkxNjI3OTRhYw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDE5OTE2Mjc5NDg4fHx8MTY3OTM5NzIxOC44MTk0fDMxOTJjZDZlNGJjYTViYTk3ODgwYTc0NDljOGU3NWY5YTU0YzAwZTd8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0M2VlMTY4Nzg5Mzg1MzBhMmVlMTZhNGJlYzVlZjU5NjdhYTE4ZDRkfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: postalsevers.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/07eb9a5bcf8d123/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Mar 2023 11:13:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
push.services.mozilla.com/
34.214.78.62101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.78.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JzUUnaU4SBi+kqoZiuDBCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U9Gwr7akXw8VO1xozhdvyZ/qA7Y=
cynes-gwf.com/zcvisitor/6e0d4efd-c7d9-11ed-93e4-1257e1be0a39/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
3.231.116.86200 1.1 kB URL HTTP/1.1 cynes-gwf.com/zcvisitor/6e0d4efd-c7d9-11ed-93e4-1257e1be0a39/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 90acb880b0f44201667bc3ba7d7d6c4d
bcd9b7d684ef632c33dd172be2829cf52a2336a4
36d3d7371c6521543458e8c1e9e28b0eb759f0ec3dfe2902da8ed9665a6945a1
GET /zcvisitor/6e0d4efd-c7d9-11ed-93e4-1257e1be0a39/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://postalsevers.ml/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 21 Mar 2023 11:13:40 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: fuLFmHfi
cynes-gwf.com/zcredirect?visitid=6e0d4efd-c7d9-11ed-93e4-1257e1be0a39&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.231.116.86200 364 B URL HTTP/1.1 cynes-gwf.com/zcredirect?visitid=6e0d4efd-c7d9-11ed-93e4-1257e1be0a39&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa9e2fb782243d474f03cacd82cb23f9
b3888eddfa437de4d1349335959b0fe082e0b473
59706d058667e6032adf74ec13d929d914423d480899307a421feb5ffccd0b71
GET /zcredirect?visitid=6e0d4efd-c7d9-11ed-93e4-1257e1be0a39&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcvisitor/6e0d4efd-c7d9-11ed-93e4-1257e1be0a39/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 21 Mar 2023 11:13:40 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: FaVCaosF
cynes-gwf.com/favicon.ico
3.231.116.86404 653 B URL HTTP/1.1 cynes-gwf.com/favicon.ico
IP 3.231.116.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcredirect?visitid=6e0d4efd-c7d9-11ed-93e4-1257e1be0a39&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Tue, 21 Mar 2023 11:13:40 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: NuvEMABv
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a950bb4cee1f08534bd6b6fef9c63000
a471ba8cf65a8cc4c64419969bffbaa1d970773e
284cfc2683fdfd453f4a070e0e71b4e76cdb81a98f85006b69ab18357d5a475b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "284CFC2683FDFD453F4A070E0E71B4E76CDB81A98F85006B69AB18357D5A475B"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8992
Expires: Tue, 21 Mar 2023 13:43:32 GMT
Date: Tue, 21 Mar 2023 11:13:40 GMT
Connection: keep-alive
clever-redirect.com/s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj
116.203.50.204200 OK 272 B URL HTTP/1.1 clever-redirect.com/s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj
IP 116.203.50.204:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 50165924252d26e5b4714126dbd88bcf
3d864f6723062db05aa9097f3e9e63620b149876
21aef392e5ecd9afd3456c342a27c4c638fc4c7f22ee3ad560b60497e7ff3c70
GET /s/r6?s=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cynes-gwf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:40 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Referrer-Policy: no-referrer
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
clever-redirect.com/s/rc?l=4cb7abd2f923a5fb3bd269845861e542
116.203.50.204200 OK 357 B URL HTTP/1.1 clever-redirect.com/s/rc?l=4cb7abd2f923a5fb3bd269845861e542
IP 116.203.50.204:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (357), with no line terminators
Hash 714eb301715e6278b594dd0826a99bae
bfb2d8d22c6cdcd19f23b8d7550506bc1352c8ba
5b82415f2386e565153d15b1982ed4012dcd87e1d535b6946f4ec9d73a268959
GET /s/rc?l=4cb7abd2f923a5fb3bd269845861e542 HTTP/1.1
Host: clever-redirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:40 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
Referrer-Policy: no-referrer
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13348
Expires: Tue, 21 Mar 2023 14:56:08 GMT
Date: Tue, 21 Mar 2023 11:13:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13348
Expires: Tue, 21 Mar 2023 14:56:08 GMT
Date: Tue, 21 Mar 2023 11:13:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00d5824792d2b97182c7fe2f91880eee
75e82060efb997641f24c68ebc70d0828ba90311
bc5e9cf1d7d78b14e595705eee550f5d6acd712feb4b3a9e428ae4ce863edc58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3835
x-amzn-requestid: 8f05ddb5-6a3c-4902-a3a0-f40a9e59394b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI-GjWIAMFTsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-26854db13f914e1579b9e752;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: nPGp--k2s14M2YR095tI4Y5BjuEyNY4NWF9Nb0Pck3HWn6xapRy9Gw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:51:42 GMT
age: 48118
etag: "75e82060efb997641f24c68ebc70d0828ba90311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc78f90b-41af-4ead-ad86-702e5fda80ad.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc78f90b-41af-4ead-ad86-702e5fda80ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8211ace94cc818c0b092a0f8c24c7e
785e7ca94d770a89c2d738d38c880d676bf14652
f14171e1bf278f881e63d81884e84b0395f37871bfdad187c57ee8b1c337602d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc78f90b-41af-4ead-ad86-702e5fda80ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10326
x-amzn-requestid: 21739424-faef-436b-9024-5354854b622c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E4poAMFsvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-1627c1db7ff0c2f05f9c4e6e;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RIABIQaX9GWt0kbVqf4YeCZOVYYZRq0I31xV_YXoi4TQKvAQqY7ftA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
age: 48503
etag: "785e7ca94d770a89c2d738d38c880d676bf14652"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f5a12c7beb240250d70bf6049cdd80f
7d44ba70f3e2ed0efeb22312550a49f2eb3d8857
077bb80f575533f541b809cc99fab53278c161be6077cceef77d6fd649f274e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6608
x-amzn-requestid: c996ce16-31c3-4019-8b10-c10e6bcfd1b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFZyGKrIAMF-dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641782a4-1f5079bd367eee3967348203;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:46:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QdVJspl0oGNiVJSKYLsglPe0qmIVUIUXzTuSGmDhVQEhMPkmo8RuEw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 08:09:04 GMT
age: 11076
etag: "7d44ba70f3e2ed0efeb22312550a49f2eb3d8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 48092
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DukK8fFtnkEZTkcz6-n6ZU1lnhBsXSZa27_76Hvwgh8hQ-eYewoB9g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 12:50:23 GMT
age: 80597
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 47200
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17cf19534a9662926524aad18af2c0ed
6cbef7395c4a05e819775f3e98424582a74794b0
7cde784c484fd2b0511ca1f757b421170d0b5491e94e41d97fd8398a594a1310
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7CDE784C484FD2B0511CA1F757B421170D0B5491E94E41D97FD8398A594A1310"
Last-Modified: Sun, 19 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10752
Expires: Tue, 21 Mar 2023 14:12:52 GMT
Date: Tue, 21 Mar 2023 11:13:40 GMT
Connection: keep-alive
lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj&s5=cf
5.9.110.29200 OK 616 B URL HTTP/1.1 lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj&s5=cf
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document, ASCII text, with very long lines (616), with no line terminators
Hash 772584351ff783eb4f15894c2507ff2c
2357ab7577e1458c0c012d46a78a905c3b42aec4
90944fd6cba173fb7ed943133321f75ce0520062a53a2cc825bff5e67106c2cd
GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=fjellsport.no&s1=623619497&s2=lateritious-falcon&s3=sierra-dye-1jpw559rzj&s5=cf HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:41 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.17
Set-Cookie: 94b7d4c013def48f8237354ad3356e31=609ec25e094a193a9e1d2c558985951e89dd355931da10e43d479caa6f26fb70a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2294b7d4c013def48f8237354ad3356e31%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Wed, 22-Mar-2023 11:13:41 GMT; Max-Age=86400; path=/; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0%3D%26i%3DJVVPMvAYFMecxBaC%26placementId%3D1b0dc15c8df4f15d19b2092e8da0fafb&h=191186a033ca9c05de73691cd5623197
5.9.110.29200 OK 544 B URL HTTP/1.1 lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0%3D%26i%3DJVVPMvAYFMecxBaC%26placementId%3D1b0dc15c8df4f15d19b2092e8da0fafb&h=191186a033ca9c05de73691cd5623197
IP 5.9.110.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators
Hash 62e95ef515fce84355d6607b7cb4627e
df4fc892c5dacf78eda2fa3fef10dae4cf0f16f0
d6a47b4699ccc8fed233526df5c038847784e02aca102085dc3a273a7ab68e6d
GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DYmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0%3D%26i%3DJVVPMvAYFMecxBaC%26placementId%3D1b0dc15c8df4f15d19b2092e8da0fafb&h=191186a033ca9c05de73691cd5623197 HTTP/1.1
Host: lookandfind.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 94b7d4c013def48f8237354ad3356e31=609ec25e094a193a9e1d2c558985951e89dd355931da10e43d479caa6f26fb70a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2294b7d4c013def48f8237354ad3356e31%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:41 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By: PHP/8.1.17
Referrer-Policy: strict-origin-when-cross-origin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 10cf2fe055dc5b80cf75dc2f66707ff6
f5e52974bb0791c181574326a7c41ccfb975d756
575655d366077897533c6154af7e0b79be6efd05b8fdf43eed9d46f621834eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "575655D366077897533C6154AF7E0B79BE6EFD05B8FDF43EED9D46F621834EED"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15389
Expires: Tue, 21 Mar 2023 15:30:10 GMT
Date: Tue, 21 Mar 2023 11:13:41 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 83c2235842193a086e7f5857278312fb
1206ad8046d534e36d4a8249882223d9c0994bc3
4f13972b4cf4d91e7bab249d7e9e805c3d2285af1c7e7235210d3ba2397292cd
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111774
Date: Tue, 21 Mar 2023 11:13:41 GMT
Etag: "64189b0b-1d7"
Expires: Wed, 22 Mar 2023 18:16:35 GMT
Last-Modified: Mon, 20 Mar 2023 17:42:35 GMT
Server: ECAcc (nya/79F3)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Yck5288xFGQgyMspaTf4vYBN-FS7JDY0AVG-QTF4lV5NZhtjd39lUg==
Age: 2040
api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=a7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905&custom2=SRdytlITOR16&custom3=false
54.230.111.108200 OK 32 kB URL HTTP/2 api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=a7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905&custom2=SRdytlITOR16&custom3=false
IP 54.230.111.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878)
Hash ee937ce5e243a67b752a0b5482fe986e
8d3294b6776f78f2e03f43098ae7e926b38d10cd
4e03c0b76022c3902afc7681b458e612084edaa636a6d43905037c38edccf031
GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=a7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905&custom2=SRdytlITOR16&custom3=false HTTP/1.1
Host: api.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 32498
x-gravitee-transaction-id: a917b004-de66-4c49-97b0-04de662c49a0
x-gravitee-request-id: a917b004-de66-4c49-97b0-04de662c49a0
leadid: 62A001GW1XZY4WXPWKR75BYAAJTX6X
clickid: 107698148_1679397221843_1367362
country: no
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
set-cookie: datadome=4unqBKXnJqOGqz7xjsmopZSMqAEdt~TBhUtK2Pvyr4QIn2M_4Mhw0Orrm0hYTbc02WAk8~8CGROK2nZUCg61Bw1bf8p4T3IeBtTl7M_9bWN7rxsz6~_xV36J4LEYMQH0; Max-Age=31536000; Expires=Wed, 20 Mar 2024 11:13:42 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure
kelkooID=a4c6294-18703dff5d3-4be23; Max-Age=31536000; Expires=Wed, 20 Mar 2024 11:13:42 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
x-datadome: protected
request-time: PT0.718556S
x-robots-tag: noindex,nofollow
referrer-policy: origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
date: Tue, 21 Mar 2023 11:13:42 GMT
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MsngT_HyV3oiuzad9rIrIIqLQE3lD-UaF5wvlfF5enRsh9AVcHAH_A==
X-Firefox-Spdy: h2
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e8594cb957e77a2ef1a0587903cad76f
96a815ceaa465b09a7f450889aa82892b51c7292
3570cac1d1b8fa0bbed4c1383f1f4b0f27357a614bd9e73eb55fa0c78632aaaf
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3505
Cache-Control: max-age=108935
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:42 GMT
Etag: "64188a3c-1d7"
Expires: Wed, 22 Mar 2023 17:29:17 GMT
Last-Modified: Mon, 20 Mar 2023 16:30:52 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e8594cb957e77a2ef1a0587903cad76f
96a815ceaa465b09a7f450889aa82892b51c7292
3570cac1d1b8fa0bbed4c1383f1f4b0f27357a614bd9e73eb55fa0c78632aaaf
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3505
Cache-Control: max-age=108935
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:42 GMT
Etag: "64188a3c-1d7"
Expires: Wed, 22 Mar 2023 17:29:17 GMT
Last-Modified: Mon, 20 Mar 2023 16:30:52 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da
95.211.116.26200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Content-Type: text/plain;charset=utf-8
Content-Length: 536
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Cookie: kelkooID=a4c6294-18703dff5d3-4be23; _ga=GA1.2.1476174820.1679397225; _gid=GA1.2.848241993.1679397225
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
leadId: 62A001GW1XZY4WXPWKR75BYAAJTX6X
clickId: 107698148_1679397221843_1367362
country: no
Request-Time: PT0.003949S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Mar 2023 11:13:42 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-18703dff5d3-4be23%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
95.211.116.26303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-18703dff5d3-4be23%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono
IP 95.211.116.26:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef24626042196e82e72d1da8b6cee3d7088f40bd4974e8d54cf678814beb5655245eb5332f184d197c9aaf5c4302e398022a1eded6b1369dae1edb1ddf7a1f59be452ee7d2c4c3184db21f9528a4d6c057e0702cb37befd6075fb0ea25169178149fb171b4d2f76413419db92c6479b13a5ffff7b2ae15b4f6b5eb89c273cc584408d7eba8c2e1e6f8f0ca6a44912a1304458309dc5d18507d79d3e4f4cf29844d4b6a6dbb46b748f3894f42cdf2cb012746fd2d05b0f8f6b0ca09b7ae762e3e0422cae21a75bd05947ef85013a756d30c24d76d50a2d1a3cec2766e48c9a9f0de7e4b1444497b9571e83996e091ebe747c99b1382135e580e7f95f057fb9dc1bf002c92da8e0cb2489f0363e6bf6963c7cb22cd05653e2ee7a6ef31099e9040963107c365e761ea49b87ceb60152e04bff13bd35da978e5c22cd1a5fa2a9a0a287fabb1ad6e1712b1f8654c3bc7365d20ddd2a3feaf08e0250531c47da&url=https%3A%2F%2Ffjellsport.no%2F%3Fkk%3Da4c6294-18703dff5d3-4be23%26channable%3D01649e696400313030343532d7%26utm_medium%3Dcpc%26utm_source%3Dkelkoono HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Cookie: kelkooID=a4c6294-18703dff5d3-4be23; _ga=GA1.2.1476174820.1679397225; _gid=GA1.2.848241993.1679397225
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 303 See Other
leadId: 62A001GW1XZY4WXPWKR75BYAAJTX6X
clickId: 107698148_1679397221843_1367362
country: no
Location: https://fjellsport.no/?kk=a4c6294-18703dff5d3-4be23&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=1zuy0jfVgD2QFF1-ywZM4F1-duUdn9uKVvOWhlIOFcJgAlP_195r07NEwkOFWzEwi_tTPbGUv1SVMKyeg1yH185Ug2iB5ZMBXz96FhM3qrbLYS4Osz6WbfEYw0UHI_zG; Max-Age=31536000; Expires=Wed, 20 Mar 2024 11:13:42 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.012432S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Tue, 21 Mar 2023 11:13:42 GMT
Content-Length: 0
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 884f42ed5bb09ffa7517ad3ac0966679
2f263a79fa41f4d97cbabba39a61f5a64b1cdcd6
16e0031b7b6b80685c5684d88e4f6a137ef0ccb08a4c3abc1f46ee7ada2c4b43
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 11:13:43 GMT
Etag: "64160376-1d7"
Server: ECAcc (dcb/7EAD)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _TBGw4DkEAOZpkFyehDXmF0eiZXsTl6RGTIESqYqmXSWZXIV43U-Rg==
fjellsport.no/?kk=a4c6294-18703dff5d3-4be23&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
13.51.149.109302 Found 0 B URL HTTP/2 fjellsport.no/?kk=a4c6294-18703dff5d3-4be23&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono
IP 13.51.149.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?kk=a4c6294-18703dff5d3-4be23&channable=01649e696400313030343532d7&utm_medium=cpc&utm_source=kelkoono HTTP/1.1
Host: fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:43 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.fjellsport.no/
server: Apache/2.4.25 (Debian)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3Da7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1476174820.1679397225&tid=UA-168544891-6&_gid=848241993.1679397225&_r=1&cd1=&cd2=62A001GW1XZY4WXPWKR75BYAAJTX6X&cd3=7246223&cd4=a4c6294-18703dff5d3-4be23&cd5=&cd6=%7C7246223%7C&z=206513100
172.217.21.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3Da7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1476174820.1679397225&tid=UA-168544891-6&_gid=848241993.1679397225&_r=1&cd1=&cd2=62A001GW1XZY4WXPWKR75BYAAJTX6X&cd3=7246223&cd4=a4c6294-18703dff5d3-4be23&cd5=&cd6=%7C7246223%7C&z=206513100
IP 172.217.21.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fapi.kelkoogroup.net%2Fpublisher%2Fshopping%2Fv2%2Flink-monetizer%2Flink%3Fcountry%3Dno%26id%3De4ef5dec-03eb-11eb-bf21-ba5ec25d7100%26merchantUrl%3Dhttps%253A%252F%252Ffjellsport.no%252F%26custom1%3Da7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905%26custom2%3DSRdytlITOR16%26custom3%3Dfalse&dr=https%3A%2F%2Flookandfind.me%2F&dp=%2F%7C7246223%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Fjellsport.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1476174820.1679397225&tid=UA-168544891-6&_gid=848241993.1679397225&_r=1&cd1=&cd2=62A001GW1XZY4WXPWKR75BYAAJTX6X&cd3=7246223&cd4=a4c6294-18703dff5d3-4be23&cd5=&cd6=%7C7246223%7C&z=206513100 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://api.kelkoogroup.net
Connection: keep-alive
Referer: https://api.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://api.kelkoogroup.net
date: Tue, 21 Mar 2023 11:13:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 2.1 kB IP 142.250.74.163:0
Hash ab2e657be5c755cc13e94823a0e70807
91eac82684d4ea8ad6232fcb9057856de94443c7
67a9f5c552892d24422e1349528ce56e930197202805efca6a09450bc183b60f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ab129d514d0faf0666e6ce43b569f76c
409850d345706b34fee6a566aa6a745520c1119e
4affe3f4c37db07bd93e76f6049157812a7dcf2e2e389260d5205e41b3b25d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4816
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:43 GMT
Last-Modified: Tue, 21 Mar 2023 09:53:27 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-TP3749N
142.250.74.168200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TP3749N
IP 142.250.74.168:0
File type ASCII text, with very long lines (25458)
Hash d6cd36ad86771bc97c158eb5680fad1d
f829ede5d07282e0728780aac461c70d3cb914b0
5eb846740fc718a6a80dd1c206d2b609b6f2a213f41adbbb960992aa5cbebb29
GET /gtm.js?id=GTM-TP3749N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 11:13:43 GMT
expires: Tue, 21 Mar 2023 11:13:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ab129d514d0faf0666e6ce43b569f76c
409850d345706b34fee6a566aa6a745520c1119e
4affe3f4c37db07bd93e76f6049157812a7dcf2e2e389260d5205e41b3b25d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5264
Cache-Control: max-age=111790
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:43 GMT
Etag: "64188e85-1d7"
Expires: Wed, 22 Mar 2023 18:16:53 GMT
Last-Modified: Mon, 20 Mar 2023 16:49:09 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9240310&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__02vzjz5d55s4
23.36.79.16200 OK 3.5 kB URL HTTP/2 api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9240310&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__02vzjz5d55s4
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash 3d2f886b2b79aefa4e1898f6e4352257
ea72b2b6664d56cfbfacf4c01ad562d3c54a5e78
d77940c723f7b497b9685f5c7bbce52f5cfdf1ab3a835c0a69faba1c65eb2b94
GET /v3.6/customer/action/get_dynamic_configuration?license_id=9240310&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.fjellsport.no%2F&channel_type=code&jsonp=__02vzjz5d55s4 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://www.fjellsport.no/;
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: allow-from https://www.fjellsport.no/
content-length: 395
date: Tue, 21 Mar 2023 11:13:43 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=1450.8.8.1640.101.193.68.8.10.17.7.152.6&group_id=1&jsonp=__lc_static_config
23.36.79.16200 OK 1.4 kB URL HTTP/2 api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=1450.8.8.1640.101.193.68.8.10.17.7.152.6&group_id=1&jsonp=__lc_static_config
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4049), with no line terminators
Hash 79b561a8e1b2f5ab92dc71e13baf3425
0b28bbfbb69327ea25f0eb1ce389de466a4650f3
1eb42a69cb2d7becdff71ace2f00e756807dbee66328499af71f65186ab0cd1b
GET /v3.4/customer/action/get_configuration?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=1450.8.8.1640.101.193.68.8.10.17.7.152.6&group_id=1&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
content-length: 1439
cache-control: public, max-age=130
expires: Tue, 21 Mar 2023 11:15:54 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization
23.36.79.16200 OK 4.2 kB URL HTTP/2 api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11444), with no line terminators
Hash 56e6bae866a4b31f4417017948ff4163
469f449cbf3fbd1ffa218e22087b6568f6ec4180
f458cc369e6c8cb3656394085828f78bd7f9806e72d254a81acd4bbb0fd8cae7
GET /v3.4/customer/action/get_localization?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb&version=a2fb162d3655d456397b7117a50bebbc_cb44b693ec9b26872b5b46ecda0ea338&language=nb&group_id=1&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
cache-control: public, max-age=130
expires: Tue, 21 Mar 2023 11:15:54 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
content-length: 4195
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.246.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.246.248:0
File type Web Open Font Format (Version 2), TrueType, length 84088, version 1.66\012- data
Hash f7b12903dd7a2d536ceb2b7cd1dba2c1
82d12ab89c971973141475ecbefa5da97ad57195
3760e89dfff6078afcdc5404e4735e266a4799babd9fa853ff388c702e992c5f
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84027
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: "f7b12903dd7a2d536ceb2b7cd1dba2c1"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 11:13:44 GMT
Age: 22295307
X-Served-By: cache-ord1745-ORD, cache-chi-kigq8000071-CHI, cache-hel1410025-HEL
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 250033
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
23.36.79.16200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 0fa67c2edb3d404fbb15d383b079eedf
43d8626b6e24dff3cf937cc4143c10049acaf352
072e11771425c25df2301aea4faf826eb985eabc76ca8e3854f2daa32429fdcd
GET /customer/action/open_chat?license_id=9240310&group=1&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Tue, 21 Mar 2023 11:13:44 GMT
content-length: 2559
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/generated-locales/embed/en.9bacc10a.json
151.101.246.251200 OK 786 B URL HTTP/2 open.spotifycdn.com/cdn/generated-locales/embed/en.9bacc10a.json
IP 151.101.246.251:0
File type JSON data\012- , ASCII text
Hash 5423b5e6ee9cc826062b60ea3d169b4e
db6b1bc6d71ed2571ac8632b7862db160eb3bb2c
a43e0a9a70b16b3e2af9b2f3da00c524e745f1567e6d16db531bd09bbffa2a3e
GET /cdn/generated-locales/embed/en.9bacc10a.json HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 10:57:33 GMT
etag: "5423b5e6ee9cc826062b60ea3d169b4e"
x-goog-generation: 1679396253831630
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 786
content-type: application/json
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 11:13:44 GMT
age: 783
x-served-by: cache-chi-klot8100104-CHI, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 24, 87
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 786
X-Firefox-Spdy: h2
www.fjellsport.no/
104.18.22.72200 OK 53 kB IP 104.18.22.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24457)
Hash c91877480882bde769636dd831553596
709972dd6c2afaabc5e968753deaf0215af9fe30
63152f2f9c0e831db249c1eaa05c4fa88a9142ef4f2a1805c700ecc8678b8b59
GET / HTTP/1.1
Host: www.fjellsport.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:43 GMT
content-type: text/html; charset=utf-8
cf-ray: 7ab5c4655ccc1c0a-OSL
age: 8
cache-control: no-store
expires: Tue, 21 Mar 2023 15:13:43 GMT
last-modified: Tue, 21 Mar 2023 11:13:35 GMT
link: </static/runtime.7bb83b00e472ec5b26ac.135.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/main.6526e1d87f126dcea17d.135.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/vendors~main.1e2c4ac7505c735744dc.135.nb-NO.js>; rel="modulepreload"; as="script"; crossorigin="anonymous", </static/globals.32424bf13487e1ab89ee.css>; rel="preload"; as="style", </static/static.44c7fea7404b473a2206.css>; rel="preload"; as="style", </static/f785bde0ec212bfab70652799e038381.woff2>; rel="preload"; as="font"; crossorigin="anonymous"
vary: Accept-Encoding
cf-cache-status: HIT
request-context: appId=cid-v1:0c613cf3-3219-4402-8e44-accd6521a7dc
x-cache-load-time: 6ms
x-cache-status: HIT
x-original-cache-control: public, s-maxage=30, stale-while-revalidate=900, stale-if-error=1800
x-original-date: Tue, 21 Mar 2023 11:13:35 GMT
x-worker-time: 6ms
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.56ff3dd7.chunk.js
23.36.79.16200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.56ff3dd7.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 7c3dc364f1dbdd4c4e6f0de6bcc7e8d8
bd4287cc9bf64c24ac43e40aaf859af228235ea2
f87d4e7bafd6250364aa32f0000891a2eaeac14a0c59aa1889ee39bf92754838
GET /widget/static/js/1.56ff3dd7.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Mar 2023 09:29:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: xiuRP9ngsNjNTs9HmKs.2KjQwzL8hteR
server: AmazonS3
content-encoding: br
etag: W/"82d0dc19c8413c5682ac79122698124f"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: vuObFLNecmwEbmkTlAGfbdKtSw52WTt7Ynql6XYuDB18vuV269CtXg==
content-length: 66451
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 11:13:44 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.f3afd98f.chunk.js
23.36.79.16200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.f3afd98f.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash f09d9b5065aab8825dd08d7913bae1f5
5deb1be8e9fc6f8ccadba10260fcf6cb16e75c0f
87b0af1eec5c6e8932a90445802bc65cda56d58ce4a61c2d8acfa8391884db11
GET /widget/static/js/0.f3afd98f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 11:00:20 GMT
etag: W/"8b6c1a603bccc6a1e3b59ff3aace75e9"
x-amz-server-side-encryption: AES256
x-amz-version-id: h2cmWK2hBRFGAcYHe5iF9o0zzYpsb.No
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: Bw2IzZOyr_49K9oRG13FInrJKTBymZV69Cv1jf8Jl85RWWz2ol11cw==
content-length: 14942
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 11:13:44 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
151.101.246.248200 OK 86 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
IP 151.101.246.248:0
File type Web Open Font Format (Version 2), TrueType, length 85622, version 1.66\012- data
Hash 0e196bce574e01f42fc686e3e6dc4f76
330b633667a9533638955e725e53a760904170eb
94591008ecb9d40b575e52b72bd30dc31bab0b064ba132766fb80f95f85d27aa
GET /fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 85585
Last-Modified: Thu, 19 May 2022 07:59:22 GMT
ETag: "0e196bce574e01f42fc686e3e6dc4f76"
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 11:13:44 GMT
Age: 21785726
X-Served-By: cache-ord1740-ORD, cache-chi-klot8100119-CHI, cache-hel1410022-HEL
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 114101
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.246.248200 OK 96 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.246.248:0
Hash 63f560df719e66a531a628b5233e4720
ca70fad889648646c5a3e5cb3cb00c0f35ee4e0f
9911addef830baceb14787daf01e1f5e84ff4080f7847fb84f0a16b429ef1922
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89529
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: "216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 11:13:44 GMT
Age: 16475259
X-Served-By: cache-chi-kigq8000117-CHI, cache-hel1410027-HEL
X-Cache: HIT, HIT
X-Cache-Hits: 1, 9274
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
151.101.246.248200 OK 87 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
IP 151.101.246.248:0
File type Web Open Font Format (Version 2), TrueType, length 87350, version 1.66\012- data
Hash db1a27b35e26398fef4be920ea96078d
436a76d889fe34eaf1c213447d3d94a5dc3adedd
847a8377ef2e424408f08c04f34697edd3ceca9f8a6455678493dd69e5d0bd47
GET /fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 87344
Last-Modified: Thu, 19 May 2022 07:59:23 GMT
ETag: "db1a27b35e26398fef4be920ea96078d"
x-goog-generation: 1652947162999500
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 87344
Content-Type: font/woff2
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 11:13:44 GMT
Age: 22295306
X-Served-By: cache-ord1746-ORD, cache-chi-klot8100112-CHI, cache-hel1410034-HEL
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 123135
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
151.101.246.251200 OK 1.0 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
IP 151.101.246.251:0
File type ASCII text, with very long lines (9735), with no line terminators
Hash 1709e694ecf23c10d4a5354eee9b33f4
3fa698f29cd0bbc27df50a4b220d02ccd61a0286
e172cd12a441b036216d6808178611c41a605d625c87daa40830a9acee5a54e1
GET /cdn/build/embed/vendor~embed.359598f4.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 08 Dec 2022 08:51:22 GMT
etag: "1709e694ecf23c10d4a5354eee9b33f4"
x-goog-generation: 1670489482436115
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1047
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 11:13:44 GMT
age: 8907530
x-served-by: cache-chi-klot8100109-CHI, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 51, 84003
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1047
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.4a9c5b18.chunk.js
23.36.79.16200 OK 206 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.4a9c5b18.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65457)
Size 206 kB (206167 bytes)
Hash 308393b2d2194a78fddd12c4bcb58cdc
b376b636dbe12d048444f35316c907d8a9fc24c6
f1233f0b7b818d2df6a35f0409cc0b0b71bb7f0b55c9d38fcb218360c9a67ee2
GET /widget/static/js/iframe.4a9c5b18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Mar 2023 09:03:45 GMT
etag: W/"ee1ee2e924d64b378d63f6a05a6ffdf0"
x-amz-server-side-encryption: AES256
x-amz-version-id: He6acq_HduuELcp3HP_QIcEBoA.Bhwcc
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: HNaNaxG97RyARcrGd2tjgwXyva5cOjqmOIardXaZlCSiL9dsxY5wZQ==
content-length: 206167
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 11:13:44 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
23.36.79.16200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 11:13:44 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
23.36.79.16200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 11:13:44 GMT
date: Tue, 21 Mar 2023 11:13:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 1be31158bee0c64f001b72296984ccd9
78b95a3e619f15b094c1d1020f4e26aaefe212ce
811cf00914204ae8d851bf3e4a97044d83d8b67fee0fbb8e823c9a4ad4a8bf9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1902
Cache-Control: max-age=130764
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:44 GMT
Etag: "6418e5c6-1d7"
Expires: Wed, 22 Mar 2023 23:33:08 GMT
Last-Modified: Mon, 20 Mar 2023 23:01:26 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
script.hotjar.com/modules.e2da18cc902540af2c47.js
54.230.111.93200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.e2da18cc902540af2c47.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (50842)
Hash 0dbc433f6fb478c9dd6bfaf47096a6fd
4ca17e0b3f4c64e635f429368c131dff11a49fd1
6f3f259cee768fa5803b521863f67de1198c564bea9fd419b57c8c05d8c0debb
GET /modules.e2da18cc902540af2c47.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69113
date: Mon, 20 Mar 2023 11:39:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "0dbc433f6fb478c9dd6bfaf47096a6fd"
last-modified: Mon, 20 Mar 2023 11:38:47 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -lJxwCmZNyUCnqh5-5PjfWOWQK0jJ70Ip_Pt3BhDfY7pItGvyi_DUg==
age: 84877
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/vendor~embed.50901b83.js
151.101.246.251200 OK 303 kB URL HTTP/2 open.spotifycdn.com/cdn/build/embed/vendor~embed.50901b83.js
IP 151.101.246.251:0
Size 303 kB (303272 bytes)
Hash 532a875f7b9d9051e026cc47fe43f849
b628191b37742ef08172ff0cfabb2a9c5c9aa8fc
7fdd4575b01a48bd58d70b939bde3dc97dd04e9bc1e1cb35ca3075b9cd544d34
GET /cdn/build/embed/vendor~embed.50901b83.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 09:58:19 GMT
etag: "657722ab147a41561c23e22f430d105f"
x-goog-generation: 1679392699766172
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 301161
content-type: application/javascript
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 11:13:44 GMT
age: 4328
x-served-by: cache-chi-kigq8000114-CHI, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 30, 1283
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 301161
X-Firefox-Spdy: h2
i.scdn.co/image/ab67656300005f1f70edda4950509274c9dea50a
151.101.246.248200 OK 65 kB URL HTTP/1.1 i.scdn.co/image/ab67656300005f1f70edda4950509274c9dea50a
IP 151.101.246.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 48a3f9a3eadeb1be9c04be813c76f004
44562c40d60077d4afc30a677e71f0ecade39dcd
05a08415a389bfac823cabc527e88f2d7da83993aaf61431192e28e080d6a6f2
GET /image/ab67656300005f1f70edda4950509274c9dea50a HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 64952
Last-Modified: Mon, 19 Dec 2022 06:30:32 GMT
ETag: "48a3f9a3eadeb1be9c04be813c76f004"
x-goog-generation: 1671431432313203
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 64952
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Tue, 21 Mar 2023 11:13:44 GMT
Age: 101887
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100127-CHI, cache-hel1410031-HEL
X-Cache: HIT, HIT
X-Cache-Hits: 16, 2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
vc.hotjar.io/sessions/75470?s=0.25&r=0.1542930266302711
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/75470?s=0.25&r=0.1542930266302711
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/75470?s=0.25&r=0.1542930266302711 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 21 Mar 2023 11:13:44 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KBbWLg3xDsab7VBOee1KaA3hakqJN8x6bM3UFlAIIFuSu4NE56sEog==
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d4cc715116802f0cf114b224011ee033
0f1bdbdf3aae69814f58c6251b54217660e97d71
789e8f0f47b70a06556e3b8dc129915eb2b110b98eba5b1448552b94616c2a95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789E8F0F47B70A06556E3B8DC129915EB2B110B98EBA5B1448552B94616C2A95"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Tue, 21 Mar 2023 15:07:12 GMT
Date: Tue, 21 Mar 2023 11:13:44 GMT
Connection: keep-alive
o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.43.0
34.120.195.249200 OK 2 B URL HTTP/2 o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.43.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.43.0 HTTP/1.1
Host: o22381.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 11:13:44 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 110 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1dd6c1ca39ff7f62f6f5dd73cbb69e60
007b03249980c5f5037713c49f2ffe5c34b8ca30
0bbfb9e870bc8a77808b5cec871a59121e1d81788b4b4beebc422729b5ae88f0
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Tue, 21 Mar 2023 11:13:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d4cc715116802f0cf114b224011ee033
0f1bdbdf3aae69814f58c6251b54217660e97d71
789e8f0f47b70a06556e3b8dc129915eb2b110b98eba5b1448552b94616c2a95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789E8F0F47B70A06556E3B8DC129915EB2B110B98EBA5B1448552B94616C2A95"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14008
Expires: Tue, 21 Mar 2023 15:07:12 GMT
Date: Tue, 21 Mar 2023 11:13:44 GMT
Connection: keep-alive
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 109 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9826337fe1ee7fa6261b6313fbb39e0a
8a70b70aa7f0788cd4ae2bce1f0d0b91b722d603
b5758526a870ab1c5b4b4f043df2f9677612d914593275c544769b92fc9a85ae
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 109
date: Tue, 21 Mar 2023 11:13:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.livechatinc.com/v2/customer/token
23.36.79.16200 OK 195 B URL HTTP/2 accounts.livechatinc.com/v2/customer/token
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 10c974f35c427af5459bfd506ea28d12
b02192a0dcf4a98cf7679e9e43ab5e9ca62e9aae
9ac9bd573c65acfc16546b5f5b93e39cf9b321d2bbead49ca7b7e7a31d12e84c
POST /v2/customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 195
date: Tue, 21 Mar 2023 11:13:44 GMT
set-cookie: __lc_cid=d26b39b7-96f2-452b-920c-ee7e5f6cb6a7; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 21 Mar 2025 11:13:44 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=65400d40a763e447ecfad4884c26e2e207f75b27cd105297786b534cdd829e16183dc3844d911e2f76388ac5d239b7cddc469341b8fe501b32af3339dd71; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 21 Mar 2025 11:13:44 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=d26b39b7-96f2-452b-920c-ee7e5f6cb6a7; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 21 Mar 2025 11:13:44 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=65400d40a763e447ecfad4884c26e2e207f75b27cd105297786b534cdd829e16183dc3844d911e2f76388ac5d239b7cddc469341b8fe501b32af3339dd71; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 21 Mar 2025 11:13:44 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1679397254&tag=c605ada341676a392ed8c9695faad79d6924f397; Path=/; Expires=Tue, 21 Mar 2023 11:14:14 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (31112), with no line terminators
Hash ced43b482bc1e51ed1bccdc98f089862
3459a7c7ff82b6240b5fc31787365ce633680a50
978404ad8ad5ff756892de874487f8de79bb68bbb9b7c4b137d9f91f6977f8b4
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13327
server: CloudFront
date: Tue, 21 Mar 2023 11:13:45 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Wed, 22 Mar 2023 10:36:54 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GAbl8Cf-0Zxp4YIBuEiPwGXEovE1yK-CIXdeYjMZlV_DiB6Ow7EcsA==
X-Firefox-Spdy: h2
s.kk-resources.com/leadtag.js
54.230.111.62200 OK 2.6 kB URL HTTP/1.1 s.kk-resources.com/leadtag.js
IP 54.230.111.62:0
File type C source, ASCII text, with very long lines (6988)
Hash 451cbed513c586c489e0871f9fd9ebf5
274ee82e54a6afb6a3fb19d06a955412f60c87fc
5cb763e2d2e259ee43696720a1311a6929982a5c9ab63be3f9d67de55ff82602
GET /leadtag.js HTTP/1.1
Host: s.kk-resources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2608
Connection: keep-alive
X-Gravitee-Transaction-Id: b5c42ebf-8086-4dd4-842e-bf80861dd4d9
X-Gravitee-Request-Id: b5c42ebf-8086-4dd4-842e-bf80861dd4d9
ETag: "012a2b9b5a9cb8eb8485c40f282ba6dc8f499dac"
Request-Time: 11
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Mon, 27 Feb 2023 13:51:34 GMT
Content-Encoding: gzip
Date: Tue, 21 Mar 2023 10:39:15 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A_xcklPOZoXJiCekXwDPkeOWa4_sM02N_YG4qWFltfjqjLRKCCZO_A==
Age: 2070
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 38d8047ca2045200f0cac13041a1d88f
37b06f9978e5de50a3769981c9408cffaf5c3185
adbbcfb19926e3c6373d5f207c53b8b825bd5f72ac2208cdf1b800de41f4463e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
142.250.74.38200 OK 239 B URL HTTP/2 11203568.fls.doubleclick.net/activityi;src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (458), with no line terminators
Hash b294f5daf2361b666e2cca4beb03bdae
9b6693b0f06ee720ac43577f43cc194b8ac57613
32ea9fd4b5128114517baf70b529abdc74b56812cca33beba65d6a1109036e6b
GET /activityi;src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F? HTTP/1.1
Host: 11203568.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 11:13:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 239
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 11:28:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 38d8047ca2045200f0cac13041a1d88f
37b06f9978e5de50a3769981c9408cffaf5c3185
adbbcfb19926e3c6373d5f207c53b8b825bd5f72ac2208cdf1b800de41f4463e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash eabde3e986fa043f6d349dd9ed5b2b66
ff4be874d38955efee92d1318a671da77086c4a2
7d968766c52053e3c835db01cb1b65db4cb2d561383d1a658950a09d7844abcd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Last-Modified: Tue, 21 Mar 2023 10:53:47 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 21 Mar 2023 11:13:45 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 21 Mar 2023 11:13:45 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG47KTJC77UENQEJPVNG&lib=ttq
23.36.79.32200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG47KTJC77UENQEJPVNG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2321)
Hash 63df231cc928ba868d614abd62d350af
38f56510696344e669edfd86d4f4c754dc3072fb
2952e043e7efc723dad449016f9e4d7f1aba85efd4e941750f71d6eb2544c35d
GET /i18n/pixel/events.js?sdkid=CG47KTJC77UENQEJPVNG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202303211113452A1FACE8AA750736641D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca1d596ddaf70747ace331741445dfeb5941a0e7025861f35e2d2c19b7a877b03fce8562ce55ae01aadce85551e88b88d929194939c3318b0270e9e48407fbe139c
content-encoding: gzip
expires: Tue, 21 Mar 2023 11:13:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 11:13:45 GMT
content-length: 1152
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NJzyL0QxU9FwtXi4AbJ6HgxaZT; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
x-origin-response-time: 99,23.36.79.28
x-akamai-request-id: 388bba4c
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash eabde3e986fa043f6d349dd9ed5b2b66
ff4be874d38955efee92d1318a671da77086c4a2
7d968766c52053e3c835db01cb1b65db4cb2d561383d1a658950a09d7844abcd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1922
Cache-Control: max-age=155254
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Etag: "6419455d-1d7"
Expires: Thu, 23 Mar 2023 06:21:19 GMT
Last-Modified: Tue, 21 Mar 2023 05:49:17 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=724&m_fcps=712&m_pi=638&m_pl=1968&m_pv=v2&m_rd=2710&m_sl=2707&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=b8dbb2dd-3032-4839-8ef2-9d75facfc098&ts=1679397228266&u_c1=40b158f5-5bb2-4a76-88ff-c9145acb4388&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=724&m_fcps=712&m_pi=638&m_pl=1968&m_pv=v2&m_rd=2710&m_sl=2707&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=b8dbb2dd-3032-4839-8ef2-9d75facfc098&ts=1679397228266&u_c1=40b158f5-5bb2-4a76-88ff-c9145acb4388&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fwww.fjellsport.no%2F&bt=1d53c387&if=false&m_dcl=724&m_fcps=712&m_pi=638&m_pl=1968&m_pv=v2&m_rd=2710&m_sl=2707&rf=https%3A%2F%2Fapi.kelkoogroup.net%2F&trackId=b8dbb2dd-3032-4839-8ef2-9d75facfc098&ts=1679397228266&u_c1=40b158f5-5bb2-4a76-88ff-c9145acb4388&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlI+NqXdBwhOAXDe1fLK3bL+hLGbrcsHWMU2cgUOPPt0FIA//gD0aZptzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=f4a91d9d-8e61-456b-92af-60615a1d4785&u_scsid=7e3a4972-f4ee-413a-a521-ec5a8c435ce4&u_sclid=2c62c692-0581-42b8-bee8-fb78712e6923 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
23.36.79.32200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 0315597028802fbc81ea829093ff7d7d
d0f1d8243437546f785338f1694187f28d09012d
6c4ede99d8b8d80ac7ab7ea334b13e68c2eec85360facfdaf76905b0e09ccbc6
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Cookie: _ttp=2NJzyL0QxU9FwtXi4AbJ6HgxaZT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145349D8F9ABDB8DC3C0D68208
x-tt-trace-host: 01bb469d8a759a907b671c89f934679301bb550c3c66d911ef5acdfa9e308af0040737830cc9d03386c3307ac1b95412f7159ab1382b9e54de53eca4dd9d96a5ba540c63d2f8c43290a3140f13d58bb5ddd96d222444a5043bdcd754420e1624e1
content-encoding: gzip
content-length: 66240
date: Tue, 21 Mar 2023 11:13:45 GMT
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 388bbb26
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.66200 OK 240 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (457), with no line terminators
Hash 95d826adc74192b80e254b154356f133
a39e0957257ca834c1eab879387a2e6795b98dd7
410f024cbd5c0bdbe85aa236c1d0b7acd3029c75b4526207e6c29794e05d64b3
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11203568.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 11:13:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash eabde3e986fa043f6d349dd9ed5b2b66
ff4be874d38955efee92d1318a671da77086c4a2
7d968766c52053e3c835db01cb1b65db4cb2d561383d1a658950a09d7844abcd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2820
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Last-Modified: Tue, 21 Mar 2023 10:26:45 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 858
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 21 Mar 2023 11:13:45 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 1143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 21 Mar 2023 11:13:45 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 681bc25d1e648965a9374cc7da238fd5
bb973302d1b656e343013fe741d0d54bfe33b15e
2d381181d954e35610fb06daba8df86d7abb4b823e87de97276e0bd81af03669
GET /i18n/pixel/static/identify_cab4d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Cookie: _ttp=2NJzyL0QxU9FwtXi4AbJ6HgxaZT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202302211453357ED32E9CB4A234CC4054
x-tt-trace-host: 015ddd7329836f23ed04aa0dd6eae000e61dfb35b73ddd0ea6d3f361692c7f8399f836da754548664a9d56a317cca937197d586aef26ea8efc3380c784f4b6030804835a6b84edf6ba964a401008dbe475da2a7be38cb7b795f8af41aeb5068142
content-encoding: gzip
date: Tue, 21 Mar 2023 11:13:45 GMT
content-length: 30779
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 388bbbb5
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11203568;type=all-p0;cat=visit0;ord=1208939314050;gtm=45He33f0;auiddc=1256476416.1679397227;u1=%2F;~oref=https%3A%2F%2Fwww.fjellsport.no%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 11:13:45 GMT
expires: Tue, 21 Mar 2023 11:13:45 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.livechatinc.com/v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb
23.36.79.16200 OK 0 B URL HTTP/2 api.livechatinc.com/v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type
access-control-allow-origin: https://secure.livechatinc.com
vary: Accept-Encoding
content-length: 0
date: Tue, 21 Mar 2023 11:13:45 GMT
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 795
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Cookie: _ttp=2NJzyL0QxU9FwtXi4AbJ6HgxaZT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023032111134574CAB7CD3A32D3F88420
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca17be2bc00999470dc1fdd781e7e4f202175127fa34554269f18174189e0872360d458bc7c2c99707263f7e04efded6f6fd4210e9bec2ea4989e90a56007d77b78
expires: Tue, 21 Mar 2023 11:13:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 11:13:45 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=5, origin; dur=113
x-origin-response-time: 113,23.36.79.28
x-akamai-request-id: 388bbbc1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 955
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 21 Mar 2023 11:13:45 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3497
Cache-Control: max-age=95266
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 13:41:31 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
172.217.21.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 09:53:25 GMT
expires: Tue, 21 Mar 2023 11:53:25 GMT
cache-control: public, max-age=7200
age: 4820
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.snapchat.com/config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js
35.190.43.134200 OK 12 kB URL HTTP/2 tr.snapchat.com/config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js
IP 35.190.43.134:0
File type Unicode text, UTF-8 text, with very long lines (40758), with no line terminators
Hash 497a74f56718bdd9aa914d52c0d59a4c
6c724da31dc37b00017f918121d9df0564e94c60
ac0d0614dc4df963e8ef03c77091b2a9daaa86dc0a97311879dc595305f19493
GET /config/no/f4a91d9d-8e61-456b-92af-60615a1d4785.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
access-control-allow-origin: https://www.fjellsport.no
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
Hash 9527efff2adff299ef37b1486969897b
61d14fc3b12fc023e1baa97679821e2a8f51f8a9
8436840c7d51587c09c6fbf5f3632bac74b064ed544adcc25f393483d7ec78bb
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: HLDgTeQ0GInprnMg4BZNjS/0dRDf8Vlqc1y/o1DsAPL8g40pn/kLHuFpWpIj578ByvIxwzjBhc0hoq9xsiOApw==
content-length: 27907
x-fb-trip-id: 1904183273
date: Tue, 21 Mar 2023 11:13:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 8dfb4d7009fc9f0c6a154440c5c60bd7
bbf5e775dcb99de2d26ce0f91875121b6f81e6d5
29c0ccbb6453abbc8828355d6e791188f04b44e750347ba7e2b2c9c5bc8e4238
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2621
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Last-Modified: Tue, 21 Mar 2023 10:30:04 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4143
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:45 GMT
Last-Modified: Tue, 21 Mar 2023 10:04:42 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
api.livechatinc.com/v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb
23.36.79.16200 OK 2 B URL HTTP/2 api.livechatinc.com/v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v3.4/customer/action/check_goals?organization_id=6ea70217-7165-456e-8d54-008e7e936cdb HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer dal:eOUfZWQmQtaZdSuEtp8YmQ
Content-Length: 74
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
content-type: application/json
legacy: 2024-05-31
vary: Accept-Encoding
content-length: 2
date: Tue, 21 Mar 2023 11:13:46 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=9b6c43c2-98f5-4220-924c-43e771e35578&sid=74150760c7d911ed9c20333ddc07ce74&vid=741524c0c7d911edae0b4b297e3965cc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=1968&evt=pageLoad&sv=1&rn=151074
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5820557&tm=gtm002&Ver=2&mid=9b6c43c2-98f5-4220-924c-43e771e35578&sid=74150760c7d911ed9c20333ddc07ce74&vid=741524c0c7d911edae0b4b297e3965cc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=1968&evt=pageLoad&sv=1&rn=151074
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5820557&tm=gtm002&Ver=2&mid=9b6c43c2-98f5-4220-924c-43e771e35578&sid=74150760c7d911ed9c20333ddc07ce74&vid=741524c0c7d911edae0b4b297e3965cc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&p=https%3A%2F%2Fwww.fjellsport.no%2F&r=https%3A%2F%2Fapi.kelkoogroup.net%2F<=1968&evt=pageLoad&sv=1&rn=151074 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=324A5B0C6C646EA3022549D76D916FE4; domain=.bing.com; expires=Sun, 14-Apr-2024 11:13:46 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9761FDC0A1EF48C2850BD5C167D976EB Ref B: OSL30EDGE0115 Ref C: 2023-03-21T11:13:46Z
date: Tue, 21 Mar 2023 11:13:45 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&gjid=1370728201&_gid=425360072.1679397229&_u=YCDAgEABAAAAAEgCI~&z=602566774
209.85.233.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&gjid=1370728201&_gid=425360072.1679397229&_u=YCDAgEABAAAAAEgCI~&z=602566774
IP 209.85.233.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&gjid=1370728201&_gid=425360072.1679397229&_u=YCDAgEABAAAAAEgCI~&z=602566774 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.fjellsport.no
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 11:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/p/action/5820557.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5820557.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5820557.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 424643A62BB843AFBCAE18F4C3C5838A Ref B: OSL30EDGE0115 Ref C: 2023-03-21T11:13:46Z
date: Tue, 21 Mar 2023 11:13:45 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=45je33f0&_p=2047005398&cid=1271680188.1679397228&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1679397228&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8LCQQ72GE4>m=45je33f0&_p=2047005398&cid=1271680188.1679397228&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1679397228&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8LCQQ72GE4>m=45je33f0&_p=2047005398&cid=1271680188.1679397228&ul=en-us&sr=1280x1024&_s=1&dl=%2F&dt=Fjellsport.no%20-%20friluftsbutikken%20med%20det%20enorme%20utvalget%20%7C%20Fjellsport.no&sid=1679397228&sct=1&seg=0&dr=https%3A%2F%2Fapi.kelkoogroup.net%2F&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fjellsport.no
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.fjellsport.no
date: Tue, 21 Mar 2023 11:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 50f3a49a3279b7e42772b8348c3355c9
8116d3d0aded7cac519f65cbf17a18a725c1a017
eeed450f7b51b33eaa89632657394ebe03068c7899ee5fc45976fb318a209406
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4041
Cache-Control: max-age=104073
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Etag: "6418752a-1d7"
Expires: Wed, 22 Mar 2023 16:08:19 GMT
Last-Modified: Mon, 20 Mar 2023 15:00:58 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 11:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1379067-1&cid=1271680188.1679397228&jid=1348944627&_u=YCDAgEABAAAAAEgCI~&z=1426181543 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 11:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679397228977&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679397228975.825903094&it=1679397228783&coo=false&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679397228977&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679397228975.825903094&it=1679397228783&coo=false&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3072056353006498&ev=PageView&dl=https%3A%2F%2Fwww.fjellsport.no%2F&rl=https%3A%2F%2Fapi.kelkoogroup.net%2F&if=false&ts=1679397228977&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679397228975.825903094&it=1679397228783&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 21 Mar 2023 11:13:46 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash a49520022c09b30af5561def37504c1e
a24e2ffb61958ec9f8ec5c3472bb9500b27d3353
46ffa457d3584550e25ab42b9744dbb29e0b44037d03b595f7408089215ba598
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6152
Cache-Control: max-age=114455
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Etag: "64189579-1d7"
Expires: Wed, 22 Mar 2023 19:01:21 GMT
Last-Modified: Mon, 20 Mar 2023 17:18:49 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=73yv0l80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQkdYdFNCaTUzYkFLbjRNOVJDV0xyTzhYV0JsNDklMkJ0Mk1HbUtObUREMFY2; expires=Sun, 14 Apr 2024 11:13:46 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 206421
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash 02084dc65c4e4572378d5ef9da1c1415
254968fdadbc064f3000d1ce98492a9f2df691cf
1f0e28598f8ee60e8edac804622a21f060fa1d16bde31bd873fc9d19e4ebb6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4114
Cache-Control: max-age=158126
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Etag: "64194806-13a"
Expires: Thu, 23 Mar 2023 07:09:12 GMT
Last-Modified: Tue, 21 Mar 2023 06:00:38 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash 02084dc65c4e4572378d5ef9da1c1415
254968fdadbc064f3000d1ce98492a9f2df691cf
1f0e28598f8ee60e8edac804622a21f060fa1d16bde31bd873fc9d19e4ebb6ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2623
Cache-Control: max-age=156635
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:46 GMT
Etag: "64194806-13a"
Expires: Thu, 23 Mar 2023 06:44:21 GMT
Last-Modified: Tue, 21 Mar 2023 06:00:38 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e2281cccb4eaff498218cb2e3233776d
ecb9bb2e33bfc0c0cf0a69d827e6bf7d6d0d6e10
f487e24729710d69df876dad05c9d2cd4a030b94cdd816637dfcee6051f55cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F487E24729710D69DF876DAD05C9D2CD4A030B94CDD816637DFCEE6051F55CC9"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13264
Expires: Tue, 21 Mar 2023 14:54:50 GMT
Date: Tue, 21 Mar 2023 11:13:46 GMT
Connection: keep-alive
sslwidget.criteo.com/event?a=28291&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=xMnBdF9qSEhYRENtc3hMQnNTRklPRUJ2bzBJdEZsM0d2aXVUMU5YV1dtQUpMJTJGQ1Rlb1NQNyUyRnQlMkIlMkZLMm45SlhLWTlOUldBZWhjSDU3Mm9QOTRFWmF3YVpqbTVQdzVXUkJROVlXSENzWmxkcTRpU2dNSVRKMXlac3BtQjJGeTNLRXc2OEk2QlExbEs4aSUyQkJEdW0zREdqM2JoTDlBJTNEJTNE&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=55720
178.250.1.9200 OK 3.8 kB URL HTTP/2 sslwidget.criteo.com/event?a=28291&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=xMnBdF9qSEhYRENtc3hMQnNTRklPRUJ2bzBJdEZsM0d2aXVUMU5YV1dtQUpMJTJGQ1Rlb1NQNyUyRnQlMkIlMkZLMm45SlhLWTlOUldBZWhjSDU3Mm9QOTRFWmF3YVpqbTVQdzVXUkJROVlXSENzWmxkcTRpU2dNSVRKMXlac3BtQjJGeTNLRXc2OEk2QlExbEs4aSUyQkJEdW0zREdqM2JoTDlBJTNEJTNE&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=55720
IP 178.250.1.9:0
Hash f792cf11320d4912ef909adfb5300b05
98ae4e01b096b619ef69ff0f154761d5de1d71e9
bd0fa8c530be81675082d777a5c887ce0629d854562bdab5bf66158c9706f757
GET /event?a=28291&v=5.14.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fapi.kelkoogroup.net&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=xMnBdF9qSEhYRENtc3hMQnNTRklPRUJ2bzBJdEZsM0d2aXVUMU5YV1dtQUpMJTJGQ1Rlb1NQNyUyRnQlMkIlMkZLMm45SlhLWTlOUldBZWhjSDU3Mm9QOTRFWmF3YVpqbTVQdzVXUkJROVlXSENzWmxkcTRpU2dNSVRKMXlac3BtQjJGeTNLRXc2OEk2QlExbEs4aSUyQkJEdW0zREdqM2JoTDlBJTNEJTNE&tld=fjellsport.no&fu=https%253A%252F%252Fwww.fjellsport.no%252F&pu=https%253A%252F%252Fapi.kelkoogroup.net%252F&dtycbr=55720 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:46 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 9079791
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e2281cccb4eaff498218cb2e3233776d
ecb9bb2e33bfc0c0cf0a69d827e6bf7d6d0d6e10
f487e24729710d69df876dad05c9d2cd4a030b94cdd816637dfcee6051f55cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F487E24729710D69DF876DAD05C9D2CD4A030B94CDD816637DFCEE6051F55CC9"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13264
Expires: Tue, 21 Mar 2023 14:54:50 GMT
Date: Tue, 21 Mar 2023 11:13:46 GMT
Connection: keep-alive
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.1.11302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:46 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 497042
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/setuid?entity=52&code=k-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA
185.89.210.141307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/setuid?entity=52&code=k-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=52&code=k-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA
AN-X-Request-Uuid: 1d516801-8222-4059-9b6d-41101ce12142
Set-Cookie: uuid2=3807105356645566171; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 11:13:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.82307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: f4098f59-279d-46f9-95aa-8f831d71df0d
Set-Cookie: uuid2=8812137357573698347; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 11:13:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4v3vc2fn58ZvLgGwkBPwxACA4oChnemAjeH8Rw
23.38.200.22200 OK 237 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4v3vc2fn58ZvLgGwkBPwxACA4oChnemAjeH8Rw
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 74378edf31ef26cd97c236ad08d05fa3
fdd52cdbf193d1dfd1031978667689f3414b49ed
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
GET /cksync.php?cs=3&type=crt&ovsid=k-4v3vc2fn58ZvLgGwkBPwxACA4oChnemAjeH8Rw HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 237
content-type: image/gif
set-cookie: visitor-id=3223988273580232000V10; Expires=Wed, 20 Mar 2024 11:13:47 GMT; domain=.media.net; Path=/;
data-c-ts=1679397227;Expires=Thu, 20 Apr 2023 11:13:47 GMT;path=/;domain=.media.net;
data-c=k-4v3vc2fn58ZvLgGwkBPwxACA4oChnemAjeH8Rw~~3;Expires=Thu, 20 Apr 2023 11:13:47 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Tue, 21 Mar 2023 11:13:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 11:13:47 GMT
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-uUPxA2fn58ZvLgGwkBPwxACA4oCw1WOcdC_-sA
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-uUPxA2fn58ZvLgGwkBPwxACA4oCw1WOcdC_-sA
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-uUPxA2fn58ZvLgGwkBPwxACA4oCw1WOcdC_-sA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.10
content-length: 23
expires: Tue, 21 Mar 2023 11:13:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 21 Mar 2023 11:13:47 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw
172.217.21.162302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 569d6e45f341418b6e57fae602871e43
cd32679fcefe7b1f895cbd2447f65992f4772789
5c8a3b346e5037ad9ef1ca00a391ab2a4b2926aeaa2d76ab491c41d3b0df9cc8
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm=&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw&google_tc=
date: Tue, 21 Mar 2023 11:13:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Mar-2023 11:28:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c3cbd67cdb8567c010ec763a36ad6fc3
fd40f7f62a70270dd6cf4b756d1a376c20553a6c
9a6c5a32e10fc98dffc2c16c950718fefdcb0c84cb3400cd83191a7c668df095
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 01:56:51 GMT
Expires: Sat, 25 Mar 2023 01:56:50 GMT
Etag: "fd40f7f62a70270dd6cf4b756d1a376c20553a6c"
Cache-Control: max-age=311582,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab5c47d4ad2b4fa-OSL
secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA
185.89.210.141200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA
IP 185.89.210.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-gXhkNmfn58ZvLgGwkBPwxACA4oDZG1aSq5kLFA HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 7b2d2b09-285e-409a-b898-1a97e825c5fa
Set-Cookie: anj=dTM7k!M4/rCxrEQF']wIg2E?jpfD(h!]tbPl@/D!9hy6]/Cr+n.x^mv5dIE-/0(o:m:^w-1E7BoiJqsrmc0K%3NY+f4z%)v??m/EF.-C?*bpRz*qF1`*bckv+i!*C; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Jun-2023 11:13:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm=&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw&google_tc=
172.217.21.162302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm=&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw&google_tc=
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 67f5ce23434a7f790da764ec916fd9c5
5bef689e29bbd0f49b740fe8c9d6054cacc33e91
f4bf4e8b72bbf72461542324e1b64358cdc18c5b31dd4bffce63b0153b0bbfa1
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_cm=&google_hm=ay04NDBFUjJmbjU4WnZMZ0d3a0JQd3hBQ0E0b0FoZk85MmJodFhVdw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_error=3
date: Tue, 21 Mar 2023 11:13:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30
18.196.177.146302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30
IP 18.196.177.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:47 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c721ece6-2056-461a-9e38-0b711ffc3050; path=/; expires=Wed, 20-Mar-2024 11:13:47 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679397227; path=/; expires=Wed, 20-Mar-2024 11:13:47 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1679397227; path=/; expires=Wed, 20-Mar-2024 11:13:47 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679397227; path=/; expires=Wed, 20-Mar-2024 11:13:47 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash a14415b7f1558fb6b09cbb98adcd02b0
9fd9864c0a76772202e9157d8d8d4bfdc897630f
d7c78b6f1e68a40a4e80f0e59ea83f27522da3b23baf5a4ffac81f7d790824d8
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 11:13:47 GMT
Last-Modified: Tue, 21 Mar 2023 09:50:03 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OfFAvxKwhSVqCOOHlTN6dM2HazyXIYj-ovWEi6jCO2vnR5MX9XUdOQ==
Age: 5024
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f7cdda0a50c9373619534f721e3fa839
50f3f9ebc144172526dc347bdd6cf87ecf00fbe2
373ecbde815717f7870b1bede265d8e54f7af09fa53ca19767dd105ee8c83946
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2318
Cache-Control: max-age=153129
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "64193b86-1d7"
Expires: Thu, 23 Mar 2023 05:45:56 GMT
Last-Modified: Tue, 21 Mar 2023 05:07:18 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30
18.196.177.146200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30
IP 18.196.177.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-C6W1p2fn58ZvLgGwkBPwxACA4oCvtYm3dD8nMQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=2711&xuid=k-lL1X92fn58ZvLgGwkBPwxACA4oCS92wiGUzUdg&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-lL1X92fn58ZvLgGwkBPwxACA4oCS92wiGUzUdg&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-lL1X92fn58ZvLgGwkBPwxACA4oCS92wiGUzUdg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash a2dfb44f1016fb3a6bec735a928a6cd2
a86ebae4010a7fc51ec544d1541bcd5ca5150a43
ffa0656f87a8426eb3c295239326457cc14217c940bd4889726d79cfbc457674
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1903
Cache-Control: max-age=87570
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "64183d0e-1d7"
Expires: Wed, 22 Mar 2023 11:33:17 GMT
Last-Modified: Mon, 20 Mar 2023 11:01:34 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5FN22Wfn58ZvLgGwkBPwxACA4oAzYw6nzOx56g&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5FN22Wfn58ZvLgGwkBPwxACA4oAzYw6nzOx56g&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-5FN22Wfn58ZvLgGwkBPwxACA4oAzYw6nzOx56g&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 9ce86fbf4606b2e8f0d32de6c6aa924a
373e097c8d2a4801b740f0276b1a9319f4d86480
217946ac054e7b56420cf2a4d99f89e7a1a1fcfec5f52c6779bcded1bd05991c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "64193190-138"
Last-Modified: Tue, 21 Mar 2023 09:40:07 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 312
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg
3.71.149.231302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg
IP 3.71.149.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGuRGWQCEFckvOxu0EdMdvjsDZ8XCfQFEgEBAQHiGmQjZAAAAAAA_eMAAA&S=AQAAAp2aftamYpqhwza0CJPuWNY; Expires=Wed, 20 Mar 2024 17:13:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.82302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 10313bb8-367f-47f6-9678-72f4c76010b3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 757d018cb3865bfdbf076c5dfe75a2ca
e2c9e8a77bc7f01fcea91942e0c8c090c0b8a095
19d955a2697526fca2f9d41ac1ae692f6967f41b22e6a1c6bf9ed3768340c753
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 11:13:47 GMT
Last-Modified: Tue, 21 Mar 2023 09:35:05 GMT
Server: ECAcc (nya/788E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cKpMF67RzSg3vBjXMgn_ke3jEXuCCmq6t6lDOFcMo34kDaiiKmawJQ==
Age: 5922
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b6179d7b7654b5569579d3eba8821d8f
ab4d9f98aba8e8b20e7f1ac962059d675a251438
8c9618abfb910332c26752ec52bf5df85b480b95a4e01c064f69ae12676f9a61
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 21 Mar 2023 11:13:47 GMT
Last-Modified: Tue, 21 Mar 2023 09:34:39 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QVvm6SmWvKKxBiiR1ISwKjRTEks6bikCzKODArRyIjVrlDmWthcztQ==
Age: 5949
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0ad80bb46f9f23ffd7579757a00fab18
226372075eb36b59faa70246dc12351d46e849e1
6df0c2f3b2272d1f02ecd1a650359e4e2d97b38ae3c6d106850e1e6449d3a003
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6DF0C2F3B2272D1F02ECD1A650359E4E2D97B38AE3C6D106850E1E6449D3A003"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Tue, 21 Mar 2023 13:58:22 GMT
Date: Tue, 21 Mar 2023 11:13:47 GMT
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg&verify=true
3.71.149.231204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg&verify=true
IP 3.71.149.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-f8_392fn58ZvLgGwkBPwxACA4oB0rVCdu5epmg&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 11:13:47 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGuRGWQCED2trH7bzgR9d_jdZl9t3UMFEgEBAQHiGmQjZAAAAAAA_eMAAA&S=AQAAAkf4ESwec3d4zdAgDy3Popo; Expires=Wed, 20 Mar 2024 17:13:47 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-HiJ9lGfn58ZvLgGwkBPwxACA4oBEqBXF5kPjAg
18.196.251.66204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-HiJ9lGfn58ZvLgGwkBPwxACA4oBEqBXF5kPjAg
IP 18.196.251.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-HiJ9lGfn58ZvLgGwkBPwxACA4oBEqBXF5kPjAg HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 11:13:47 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f012cdd7cf0de250dad5fe3f278cb616
cb16e7ba2d5b470c7ae19546e0b51ce5f2019af7
9e4071dcc60e43a82f4a24c60c8be0eecc25dcf39682c3bbf7d4ac50d6d1f5d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash bd6dd1e4145b102be0605c7bf73510de
aea2d5be6f1da68a4ecf30d18742ec2105576bfb
dd3903d5020665dc5e85aa0dcce1da29f7ab6cf796be44759e07795e53c2987b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Last-Modified: Tue, 21 Mar 2023 10:06:06 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-ywKvImfn58ZvLgGwkBPwxACA4oBEBkhUmUTYOg
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-ywKvImfn58ZvLgGwkBPwxACA4oBEBkhUmUTYOg
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-ywKvImfn58ZvLgGwkBPwxACA4oBEBkhUmUTYOg HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-application-context: application
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Mon, 20 Mar 2023 11:13:47 GMT
Date: Tue, 21 Mar 2023 11:13:47 GMT
Connection: keep-alive
Set-Cookie: id=f1be2ba3-88c7-4ea6-a21a-676b4620f589; Path=/; Domain=prod.svc.y6b.de; Expires=Wed, 20-Mar-2024 11:13:47 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 8985a972c00f9f53b82336f5eba2a27d
a3b08130ee04b846718f40c6fe5222cc38a84c92
e687a038ca84c19c9346b0c5a66d17453d343b11265843739939c08d136027fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: max-age=155698
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "64193b7d-1d7"
Expires: Thu, 23 Mar 2023 06:28:45 GMT
Last-Modified: Tue, 21 Mar 2023 05:07:09 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ac6e734bd85624156a1512ab7a8e1b4d
ec3bbd801b4fc49db898268dc9daa9782fb6a4cf
612d8a40f3b521e828cea72ffb73fdf856cd985cc67b3dd2f5cf4aabc206a1f5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1416
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Last-Modified: Tue, 21 Mar 2023 10:50:11 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg&KRTB&23144-uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg&KRTB&23286-uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg&KRTB&23287-uid:k-s75LOWfn58ZvLgGwkBPwxACA4oDDNf0gqdkIbg; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 11:13:47 GMT; path=/
PugT=1679397227; domain=pubmatic.com; secure; expires=Thu, 20-Apr-2023 11:13:47 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 599 B IP 178.250.0.157:0
Hash 5d10d21b10cd0a2237fee0e954fc3b74
e88f293ace88c99ab436515b74406069b6f8244e
eb3a5e33c3a008d5e14dc48099bfc9cfc0bc4590b86a30ba2acf1fae7635148e
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=73yv0l80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQkdYdFNCaTUzYkFLbjRNOVJDV0xyTzhYV0JsNDklMkJ0Mk1HbUtObUREMFY2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=kULz7V80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQkdYdFNCaTUzYkFLbjRNOVJDV0xyTW5aTUVGakNaWkxUWHN3Y2Q0JTJCclR5; expires=Sun, 14 Apr 2024 11:13:46 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 198101
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-u7xzJGfn58ZvLgGwkBPwxACA4oDcW1-Gml-U6g
141.95.33.111200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-u7xzJGfn58ZvLgGwkBPwxACA4oDcW1-Gml-U6g
IP 141.95.33.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-u7xzJGfn58ZvLgGwkBPwxACA4oDcW1-Gml-U6g HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Tue, 21-Mar-2023 11:18:47 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Tue, 21 Mar 2023 11:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.17.35.147302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.17.35.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v046-0decf6b17.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=35339869851589206920153202704112530186; Max-Age=15552000; Expires=Sun, 17 Sep 2023 11:13:47 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Dezo6uZ2SIE=
Content-Length: 0
Connection: keep-alive
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw
52.28.36.16302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw
IP 52.28.36.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw
set-cookie: tuuid=477a1ee8-8d1c-402e-8522-1c4c9b614bc5; Expires=Mon, 19 Jun 2023 11:13:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1679397227; Expires=Mon, 19 Jun 2023 11:13:47 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw
52.28.36.16200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw
IP 52.28.36.16:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-JGIH-Gfn58ZvLgGwkBPwxACA4oDpbK77ilgfZw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.17.35.147200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.17.35.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v046-06ec06aa6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: B3ubkdV5SD4=
Content-Length: 59
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 058684d43af08f9db3c4e5c565b765c8
71e73fe47a679ae253fd57de9ca958167550054a
2803d33dc555a3a6f52da6eee5b2507b81f80a5e02df033bc44b970eee251914
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 15:11:56 GMT
Expires: Sat, 25 Mar 2023 15:11:55 GMT
Etag: "71e73fe47a679ae253fd57de9ca958167550054a"
Cache-Control: max-age=359287,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab5c47e5c17b4fa-OSL
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 3b7e00d3365427eac621f1aea7e8539b
1ad3108bb6b40e9695f5277c6959bf151e5dcf1a
78a5728289113e31896141c358045c9dee0b3fc3697702b9b8eca5584cbf2ece
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121223
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "6418b328-1d7"
Expires: Wed, 22 Mar 2023 20:54:10 GMT
Last-Modified: Mon, 20 Mar 2023 19:25:28 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D_roR-nV88d3DqoGzB7QuU-EJoQinoMZmETIxCDRWs9Vpc-Fz2iBxA==
Age: 5322
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.1.11302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 21 Mar 2023 11:13:46 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 479208
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-emy4CGfn58ZvLgGwkBPwxACA4oCCXukD4VA6lQ&initiator=partner
64.202.112.255200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-emy4CGfn58ZvLgGwkBPwxACA4oCCXukD4VA6lQ&initiator=partner
IP 64.202.112.255:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-emy4CGfn58ZvLgGwkBPwxACA4oCCXukD4VA6lQ&initiator=partner HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 11:13:47 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: bf480dddcedc78339590a781db3590b4
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 4cdb361203728ad14e834b1067a14a31
f3efa54f73671a48a7293c89bc06afae4492ed45
46e1c58081d4456a896e14b5f7b6f8fa3c4c297f9f0d0dfc4c96204c07653621
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126909
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "6418cdcb-1d7"
Expires: Wed, 22 Mar 2023 22:28:56 GMT
Last-Modified: Mon, 20 Mar 2023 21:19:07 GMT
Server: ECAcc (nya/788E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pF7ziwZgeVB9BlX0Kn_2co6PO6Q5SSj45U9vRfmn3tX9tZWf00neMw==
Age: 4189
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Cd2XUGfn58ZvLgGwkBPwxACA4oCHRw33OBKn1A
185.255.84.153200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Cd2XUGfn58ZvLgGwkBPwxACA4oCHRw33OBKn1A
IP 185.255.84.153:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Cd2XUGfn58ZvLgGwkBPwxACA4oCHRw33OBKn1A HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=116db0c1e20a54bede4d9713709a9215; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 11:13:47 GMT
content-length: 49
x-envoy-upstream-service-time: 42
server: ayl-lb-fra02
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-aborPWfn58ZvLgGwkBPwxACA4oDZlAywfdWYMA&pn_id=criteo&ext=1
63.32.242.157200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-aborPWfn58ZvLgGwkBPwxACA4oDZlAywfdWYMA&pn_id=criteo&ext=1
IP 63.32.242.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-aborPWfn58ZvLgGwkBPwxACA4oDZlAywfdWYMA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gf8a86e4aaa68d5f6b8d%7C1679397227530%7C0%7C; Domain=.yieldmo.com; Expires=Wed, 20-Mar-2024 11:13:47 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-aborPWfn58ZvLgGwkBPwxACA4oDZlAywfdWYMA; Domain=ads.yieldmo.com; Expires=Wed, 20-Mar-2024 11:13:47 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash aa376176080625d9de098842c0435599
4feaa1cc55de1761f3a1752d0ce7c43656c2ffdf
df8e740fa3c5c9eccc9b5deb2736215d18d386924277d4e448efa3908b56586c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4094
Cache-Control: max-age=128235
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 11:13:47 GMT
Etag: "6418d358-1d7"
Expires: Wed, 22 Mar 2023 22:51:02 GMT
Last-Modified: Mon, 20 Mar 2023 21:42:48 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
54.171.92.63204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 54.171.92.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 21 Mar 2023 11:13:47 GMT
set-cookie: _kuid_=PcpzCrVI; Expires=Sun, 17-Sep-23 11:13:47 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n003-dub-prod.krxd.net
x-request-time: D=33 t=1679397227
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 108 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0afc8703453cc5657f4d39c66ab436d6
9a8e57a6379d9df2861ec2ecbc4565e4e30d553d
8294405a0978b08e5765d0b0036be7302ab9a857d4ea42de45f3343bea64e129
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 108
date: Tue, 21 Mar 2023 11:13:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.1.9200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.1.9:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 348805
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-22aI9Gfn58ZvLgGwkBPwxACA4oCRIEUC2do_QQ
52.7.244.27200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-22aI9Gfn58ZvLgGwkBPwxACA4oCRIEUC2do_QQ
IP 52.7.244.27:0
GET /sync?UICR=k-22aI9Gfn58ZvLgGwkBPwxACA4oCRIEUC2do_QQ HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:47 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
set-cookie: tvid=c0db95cd9c5946a9968cb575f21a190b; Domain=.tremorhub.com; Expires=Wed, 20-Mar-2024 17:02:07 GMT; Path=/; Secure; SameSite=None
tv_UICR=k-22aI9Gfn58ZvLgGwkBPwxACA4oCRIEUC2do_QQ; Domain=.tremorhub.com; Expires=Thu, 20-Apr-2023 11:13:47 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed/embed.156ba9b6.js
151.101.246.251200 OK 0 B URL HTTP/2 open.spotifycdn.com/cdn/build/embed/embed.156ba9b6.js
IP 151.101.246.251:0
GET /cdn/build/embed/embed.156ba9b6.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 10:57:31 GMT
etag: "9cb3c393f52e1bd75063b712435d0940"
x-goog-generation: 1679396251807349
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 52617
content-type: application/javascript
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 11:13:44 GMT
age: 786
x-served-by: cache-chi-klot8100055-CHI, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 27, 227
access-control-allow-origin: https://open.spotify.com
cache-control: public, max-age=31536000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52617
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.7200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.7:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 77415
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_error=3
178.250.1.9200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_error=3
IP 178.250.1.9:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-840ER2fn58ZvLgGwkBPwxACA4oAhfO92bhtXUw&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:46 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 95980
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.fjellsport.no&origin=onetag
IP 178.250.1.11:0
GET /syncframe?topUrl=www.fjellsport.no&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 11:13:45 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=784f924f-8308-4b18-a300-ff580d17c15b; expires=Sun, 14 Apr 2024 11:13:45 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 322004
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-U_VLcmfn58ZvLgGwkBPwxACA4oA58KunyXWL3Q
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-U_VLcmfn58ZvLgGwkBPwxACA4oA58KunyXWL3Q
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-U_VLcmfn58ZvLgGwkBPwxACA4oA58KunyXWL3Q HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 11:13:47 GMT
x-fastly-to-nlb-rtt: 21827
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-v33PmGfn58ZvLgGwkBPwxACA4oA3qDr4dEiwGA
185.86.139.102200 OK 0 B URL HTTP/2 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-v33PmGfn58ZvLgGwkBPwxACA4oA3qDr4dEiwGA
IP 185.86.139.102:0
ASN #201081 SmartAdServer SAS
GET /redir/?partnerid=79&partneruserid=k-v33PmGfn58ZvLgGwkBPwxACA4oA3qDr4dEiwGA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 21 Mar 2023 11:13:46 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=7938671293838393723; expires=Sun, 21 Apr 2024 11:13:47 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 21 Apr 2024 11:13:47 GMT; domain=smartadserver.com; path=/
csync=79:k-v33PmGfn58ZvLgGwkBPwxACA4oA3qDr4dEiwGA; expires=Thu, 21 Mar 2024 11:13:47 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2
api.yadore.com/v2/r/deeplink?e=YmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0=&i=JVVPMvAYFMecxBaC&placementId=1b0dc15c8df4f15d19b2092e8da0fafb
88.99.112.2302 Found 0 B URL HTTP/2 api.yadore.com/v2/r/deeplink?e=YmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0=&i=JVVPMvAYFMecxBaC&placementId=1b0dc15c8df4f15d19b2092e8da0fafb
IP 88.99.112.2:0
ASN #24940 Hetzner Online GmbH
GET /v2/r/deeplink?e=YmxTalRiTXg1TS9CeThlT1VudFRTd3FVOWRrNVFybVFybVQrWUtsdzNodkw5RldNTHFydXBidDhYQitrWWtUbnYyN1lNQzdlRGZXYXFsVURGeFdGUW5UVWdPQ3dlMFRRM0pBZms1ZnRYd3pEeHBiWTJoUzlQMEpMZWVOYnpnWlRheUJ0SnRpallQamE0bFJpWGp0ckprcnY5bUhOdjA4NzZMWHkxU3FKdWtMUjVtOD0=&i=JVVPMvAYFMecxBaC&placementId=1b0dc15c8df4f15d19b2092e8da0fafb HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lookandfind.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 11:13:41 GMT
location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffjellsport.no%2F&custom1=a7fef098f9fc1f00e1a5cc88675d757304919b0aaee67da8f15eefb5b3b1c905&custom2=SRdytlITOR16&custom3=false
server: nginx
x-powered-by: PHP/8.0.26
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-75470.js?sv=7
54.230.111.66200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-75470.js?sv=7
IP 54.230.111.66:0
GET /c/hotjar-75470.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Mar 2023 11:13:11 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/3c4d85b6d406371732d90d31b709f735
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MMrhtpXCadnneZXCqovEe6Uj8_NyVAgeC964NmuJRH391ijrY2cFfw==
age: 32
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fjellsport.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 11:13:45 GMT
content-type: text/javascript
last-modified: Tue, 07 Mar 2023 15:05:20 GMT
etag: W/"640752b0-ae53"
expires: Wed, 22 Mar 2023 11:13:45 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2