www.noregon.com Open in urlscan Pro
162.159.134.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.noregon.com/acton/ct/42948/s-0135-2109/Bct/q-000e/l-000c:12e82/ct2_0/1/lu?sid=TV2%3AeYQ0misLi
Effective URL:
https://www.noregon.com/jpro/software-update/
Submission: On September 22 via manual (September 22nd 2021, 5:11:22 pm UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 16 domains to perform 77 HTTP transactions. The main IP is 162.159.134.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.noregon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2021. Valid for: a year.

This is the only time www.noregon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	207.189.124.9 207.189.124.9	13649 (ASN-VINS) (ASN-VINS)
1	162.159.134.42 162.159.134.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	18.66.97.122 18.66.97.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	130.211.30.48 130.211.30.48	15169 (GOOGLE) (GOOGLE)
1	34.255.166.68 34.255.166.68	16509 (AMAZON-02) (AMAZON-02)
1	34.252.183.11 34.252.183.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
77	22

7 207.189.124.9 (United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: forpci11.actonsoftware.com

go.noregon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.134.42 (None, )

ASN13335 (CLOUDFLARENET, US)

www.noregon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

mk0noregon3jonoq4h4v.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.122 (United States)

ASN16509 (AMAZON-02, US)

cdn.leadmanagerfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.30.48 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 48.30.211.130.bc.googleusercontent.com

t.leadmanagerfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.183.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-183-11.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	kinstacdn.com mk0noregon3jonoq4h4v.kinstacdn.com	736 KB
8	noregon.com 1 redirects go.noregon.com www.noregon.com	44 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	206 KB
5	crazyegg.com script.crazyegg.com tracking.crazyegg.com	43 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	10 KB
3	bing.com bat.bing.com	10 KB
3	leadmanagerfx.com cdn.leadmanagerfx.com t.leadmanagerfx.com	20 KB
2	google.com www.google.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	websitepolicies.io cdn.websitepolicies.io	8 KB
1	google.de www.google.de	522 B
1	doubleclick.net stats.g.doubleclick.net	463 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
77	16

	Domain	Requested by
36	mk0noregon3jonoq4h4v.kinstacdn.com	www.noregon.com mk0noregon3jonoq4h4v.kinstacdn.com
7	go.noregon.com	1 redirects www.noregon.com go.noregon.com
5	fonts.gstatic.com	fonts.googleapis.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.noregon.com
3	fonts.googleapis.com	www.noregon.com
2	www.google.com	www.noregon.com go.noregon.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	cdn.leadmanagerfx.com	www.noregon.com
2	cdn.websitepolicies.io	www.noregon.com cdn.websitepolicies.io
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	go.noregon.com
1	insight.adsrvr.org	js.adsrvr.org
1	tracking.crazyegg.com	script.crazyegg.com
1	t.leadmanagerfx.com	cdn.leadmanagerfx.com
1	www.google.de	www.noregon.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.noregon.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.noregon.com
1	www.googletagmanager.com	www.noregon.com
1	js.adsrvr.org	www.noregon.com
1	www.noregon.com
77	24

This site contains links to these domains. Also see Links.

Domain
support.noregon.com
www.youtube.com
s3.amazonaws.com
www.facebook.com
www.linkedin.com
mk0noregon3jonoq4h4v.kinstacdn.com
shop.noregon.com

Subject Issuer	Validity	Valid
noregon.com Cloudflare Inc ECC CA-3	`2021-04-22` - `2022-04-21`	a year	crt.sh
*.kinstacdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-08` - `2022-03-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.websitepolicies.io R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh
cdn.leadmanagerfx.com Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
go.noregon.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
t.leadmanagerfx.com GTS CA 1D4	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.noregon.com/jpro/software-update/
Frame ID: 7C17EE4638B9DDC4CEDD75C81D6048F2
Requests: 76 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=qmwiwcp&ref=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&upid=c464dos&upv=1.1.0
Frame ID: 329214AE294E100201381F014A95DA18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JPRO Software Update | Noregon

Page URL History Show full URLs

https://go.noregon.com/acton/ct/42948/s-0135-2109/Bct/q-000e/l-000c:12e82/ct2_0/1/lu?sid=TV2%3AeYQ0... HTTP 302
https://www.noregon.com/jpro/software-update/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

77
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

24
Subdomains

22
IPs

6
Countries

1158 kB
Transfer

4248 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://support.noregon.com/
Title: JPRO Support Ticket

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=QbxVGrag0t4
Title: IWHAT'S NEW IN 2021 v2

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/JPROUpdate/JPRO+Fleet+Diagnostics/JproSetup.exe
Title: click here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NoregonSystems/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/noregon-systems/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbtfEc3tjH2l6hZCx01v9Aw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/76375/
Title: Follow

Search URL Search Domain Scan URL

URL: https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/Noregon-Standard-Terms-and-Conditions.pdf
Title: PO Terms & Conditions

Search URL Search Domain Scan URL

URL: https://shop.noregon.com/collections/adapters-and-cables
Title: SAVE TODAY - CLICK HERE TO PURCHASE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.noregon.com/acton/ct/42948/s-0135-2109/Bct/q-000e/l-000c:12e82/ct2_0/1/lu?sid=TV2%3AeYQ0misLi HTTP 302
https://www.noregon.com/jpro/software-update/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D657601%26time%3D1632330676344%26url%3Dhttps%253A%252F%252Fwww.noregon.com%252Fjpro%252Fsoftware-update%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true&e_ipv6=AQLGmESmVPoDGwAAAXwOfXrlTrdFeQGHCVdns27Ia_yOMlND-fHHpPaSoqMAriqCWUi0whbt-9mj

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.noregon.com/jpro/software-update/
Redirect Chain

https://go.noregon.com/acton/ct/42948/s-0135-2109/Bct/q-000e/l-000c:12e82/ct2_0/1/lu?sid=TV2%3AeYQ0misLi
https://www.noregon.com/jpro/software-update/

85 KB
19 KB

571ms
463ms

Document
text/html

162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

010642b65fe2cb0c36914fbd60593aa97362a826fce709ea355e1caa0a7af897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.noregon.com
:scheme: https
:path: /jpro/software-update/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: wp42948="XVCXBDs-TTTJ:UVLBVDtlnDl-TUWY-VUTCDDDTALJXWDgNssDDLFl-TUWY-VUTCFJmV_T^UZWVWWTZAY"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 692d26c16edb4a85-FRA
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ki-edge: v=16.4
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Set-Cookie: wp42948="XVCXBDs-TTTJ:UVLBVDtlnDl-TUWY-VUTCDDDTALJXWDgNssDDLFl-TUWY-VUTCFJmV_T^UZWVWWTZAY"; Max-Age=31536000; SameSite=None; Secure; Domain=.noregon.com; Version=1; Path=/
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://www.noregon.com/jpro/software-update/
Content-Length: 0
Date: Wed, 22 Sep 2021 17:11:14 GMT
Keep-Alive: timeout=10
Connection: keep-alive
Strict-Transport-Security: max-age=16070400

GET
H2 200 modules.ttf
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
38 KB 92ms
14ms Font
application/x-font-ttf 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.noregon.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=14
x-edge-location: defr
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99b765a500004dd626963000000001
last-modified: Fri, 16 Apr 2021 14:55:17 GMT
server: keycdn-engine
etag: W/"6079a555-168f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 65d6281c3c3c4dd6-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 ET-Bloom.woff
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/fonts/ 6 KB
4 KB 109ms
31ms Font
application/font-woff 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.noregon.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.2
x-edge-location: defr
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-172c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 681d90cb3f5c4de8-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 style.min.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 86ms
9ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 12:12:38 GMT
server: keycdn-engine
etag: W/"60797f36-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 68e77d50db27074a-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 vendors-style.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 3 KB
2 KB 87ms
10ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=5.3.2

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:09:58 GMT
server: keycdn-engine
etag: W/"60f041b6-ccc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b12148bea4aa9-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 style.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 177 KB
20 KB 87ms
11ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=5.3.2

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

52c73f771b2dbffa8a73db2bb3279672244d2a28e4bdff33a11d59cac9402875

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:09:58 GMT
server: keycdn-engine
etag: W/"60f041b6-2c44d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b1214883f5b4a-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 swiper.min.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/styles/ 19 KB
4 KB 91ms
14ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/styles/swiper.min.css?ver=5.7.3

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

46bbc7b22b8c58dc664cd4b31da0906636b96c8d64b839b1671d3eff081f6c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 02 Dec 2020 18:11:11 GMT
server: keycdn-engine
etag: W/"5fc7d8bf-4d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 68e5b08ede914a56-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05b0fb671e95dcedffe88e42c9a4cf46c97d4070f789183ee507ceef254cfee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:58:24 GMT
server: ESF
date: Wed, 22 Sep 2021 17:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:11:15 GMT

GET
H2 200 style.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/ 805 KB
85 KB 92ms
16ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/style.css?ver=4.9.9

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

aea978f63bf8b072b3fd3dc4bf46c0acbfad2d11c84ec1c5d546063768e8ae21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.4
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:39 GMT
server: keycdn-engine
etag: W/"60f041df-c958f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 6926c2015c94175a-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 style.min.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/styles/ 11 KB
2 KB 99ms
23ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/styles/style.min.css?ver=1.0.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

4edf92544c1bd1432b517c7014646632bcd4731bebc32350574dd2a3f45c0c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=14
x-edge-location: defr
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a99b7661d0000bec45f18c000000001
last-modified: Wed, 02 Dec 2020 18:11:11 GMT
server: keycdn-engine
etag: W/"5fc7d8bf-2a11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 65d6281cfed9bec4-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 style.min.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-module/styles/ 16 KB
3 KB 98ms
22ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-module/styles/style.min.css?ver=1.0.9

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

8a5b20917f186c9ddd1997fee322a8043455c3b2effeea80d7690e6d3f1478c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 18 May 2021 15:59:12 GMT
server: keycdn-engine
etag: W/"60a3e450-40fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 68e5b08edc555c4a-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 style.min.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/styles/ 347 KB
35 KB 98ms
22ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.5.91

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

72d211900bff1305dcc2e510f7f946a108243b31ca02ab2b332b0757e048afec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:28 GMT
server: keycdn-engine
etag: W/"60f041d4-56dfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 68e5b08edcad695e-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&subset=latin,latin-ext&display=swap

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05b0fb671e95dcedffe88e42c9a4cf46c97d4070f789183ee507ceef254cfee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:54:52 GMT
server: ESF
date: Wed, 22 Sep 2021 17:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:11:15 GMT

GET
H2 200 jquery.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/ 87 KB
31 KB 98ms
23ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.4
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 19 Jan 2021 15:08:22 GMT
server: keycdn-engine
etag: W/"6006f5e6-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 692bb83e7bd142db-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/ 11 KB
5 KB 98ms
23ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 19 Jan 2021 15:08:22 GMT
server: keycdn-engine
etag: W/"6006f5e6-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e0776fd5c5c38-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 NoregonLogoWeb.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/ 22 KB
23 KB 26ms
24ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/NoregonLogoWeb.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c51d91212073b06630024361849c5a3840623679c6565c2605b3e468257f4fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23010
last-modified: Thu, 04 Mar 2021 22:20:48 GMT
server: keycdn-engine
etag: "60415d40-59e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 690e0fc9edafc2db-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 Facebook.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/ 1022 B
2 KB 26ms
24ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/Facebook.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

12f7f7e4c97cfc87af1c4b2184fa8c84310eeb81bc75c256acb799fe6c0e59a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1022
last-modified: Wed, 13 Jan 2021 23:34:17 GMT
server: keycdn-engine
etag: "5fff8379-3fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 691507439ce76993-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 LinkedIn.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/ 1007 B
1 KB 26ms
25ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/LinkedIn.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c4d434b04115c556426cd6c473714c0a22dc07d789e8ff9a73f2693aa6c4b793

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1007
last-modified: Wed, 13 Jan 2021 23:34:14 GMT
server: keycdn-engine
etag: "5fff8376-3ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 6915074359b54d8a-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 YouTube.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/ 691 B
1 KB 27ms
25ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/YouTube.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

d526af1678c42c45d7bf90f45f8b69938953014ebbabed059088ed19d67962d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 691
last-modified: Wed, 13 Jan 2021 23:34:16 GMT
server: keycdn-engine
etag: "5fff8378-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 6915074359615b26-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 MSGoldPartner-300x80.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/ 15 KB
15 KB 27ms
25ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/MSGoldPartner-300x80.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f9ba346abf2c05355597adbe3499dbceece6735f94a065220d4c2b454faa67c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15043
last-modified: Wed, 02 Dec 2020 17:30:35 GMT
server: keycdn-engine
etag: "5fc7cf3b-3ac3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 691507443d622c22-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 CMMIDev3Logo-WHITE-e1546890374930.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/ 3 KB
4 KB 27ms
25ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/CMMIDev3Logo-WHITE-e1546890374930.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

378eaac8edb0b258bad9da4fcf54111180d5fd8782d33a1b567b659bd9ffccfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3102
last-modified: Wed, 02 Dec 2020 17:34:02 GMT
server: keycdn-engine
etag: "5fc7d00a-c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 69150743dbc12c19-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 11 KB
6 KB 156ms
86ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/22/2021 19:11:16
cdn-pullzone: 403741
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
expires: Fri, 22 Oct 2021 17:11:16 GMT
last-modified: Mon, 31 May 2021 16:10:23 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, must-revalidate, proxy-revalidate, no-cache, max-age=2592000
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 54557f22d00b32f8d0789c78004ad684
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 NoregonEmblem.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/ 28 KB
28 KB 28ms
26ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/01/NoregonEmblem.png

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

04b1cb0da9d1a274cfe83b908b812ac4a9b1173f979fe405ca66cce036915d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28367
last-modified: Thu, 14 Jan 2021 00:37:15 GMT
server: keycdn-engine
etag: "5fff923b-6ecf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 690e0fe85ae8698f-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 Sep_2021_Promo_Bloom-610x201.jpg
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/08/ 29 KB
30 KB 28ms
26ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/08/Sep_2021_Promo_Bloom-610x201.jpg

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

7af63e35e834a2e157b9574893d55c9ec07680863e14ab1e50ef791cf076172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29705
last-modified: Tue, 31 Aug 2021 11:48:41 GMT
server: keycdn-engine
etag: "612e1719-7409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 690e101189e65c74-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H/1.1 200
OK 2476 Show response
cdn.leadmanagerfx.com/js/mcfx/ 44 KB
11 KB 514ms
426ms Script
text/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadmanagerfx.com/js/mcfx/2476
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5a0f693a19cb9e94494d8e0e9aa647e613179a6b77040afddc9d0063765fedaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
X-Edge-Origin-Shield-Skipped: 0
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Pragma: no-cache
Access-Control-Allow-Origin: *
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: -PgW4l_hgSTHbqrmTUTeCVOx_0EmX7dx59nX00oBaI6Ko7oAjKhDmQ==
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 2476 Show response
cdn.leadmanagerfx.com/phone/js/ 25 KB
8 KB 532ms
444ms Script
text/javascript 18.66.97.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leadmanagerfx.com/phone/js/2476
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ab1a66028d285358a94a6512903a93bf91af222547c8bcfe8e145b48502bc479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
X-Edge-Origin-Shield-Skipped: 0
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Pragma: no-cache
Access-Control-Allow-Origin: *
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS, PATCH, HEAD
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Pop: FRA56-P2
Access-Control-Allow-Headers: Authorization, Content-Type
X-Amz-Cf-Id: lhe9UVEVvpGAx3Agm03BMrtugD6r5XtoYSuyGKgWFg6BXkLsz8kddw==
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 47ms
15ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 02:51:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 51570
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/x-javascript
Via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: Bc0PhkwauCyZfyy800Gj9g0fibvH7SLb6Dnv_oODr9cfcwEPWg5afg==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
705 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=1.3.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a3fdc40352c38d67dc1ca75dd2acc8280c0ef1b6402d81fe45e8afd528cb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:49:53 GMT
server: ESF
date: Wed, 22 Sep 2021 17:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 17:11:15 GMT

GET
H2 200 style.css
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/ 93 KB
12 KB 23ms
21ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

846190311422b8501d25e7fa82a6f03640979882b59b875da0c038877bd15151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-1756f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b1214ed7a4e26-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 swiper.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/scripts/ 135 KB
35 KB 24ms
21ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/scripts/swiper.min.js?ver=5.2.1

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 02 Dec 2020 18:11:11 GMT
server: keycdn-engine
etag: W/"5fc7d8bf-21cea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e07797fb86901-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 custom.unified.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/js/ 606 KB
160 KB 24ms
21ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.9.9

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

00f110b686e92d6aa3bed351112fb05074547961b22c0fc5994b203a7dca3c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:39 GMT
server: keycdn-engine
etag: W/"60f041df-97620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b1214ec2a6993-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 frontend-bundle.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/scripts/ 4 KB
2 KB 24ms
22ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-carousel/scripts/frontend-bundle.min.js?ver=1.0.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

bfebe0f52ced8bc7062d12767d5e3df778ab0f93e1cf05147e08aaf9e62205f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 02 Dec 2020 18:11:11 GMT
server: keycdn-engine
etag: W/"5fc7d8bf-f6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e0779a92542f1-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 frontend-bundle.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-module/scripts/ 5 KB
2 KB 24ms
22ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.9

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

82ed6b34774e4dbc026c4fb6d8143de96fec7a28743cb324ee1662230a5375c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.4
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 18 May 2021 15:59:12 GMT
server: keycdn-engine
etag: W/"60a3e450-1525"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 692bb83ebbf85b8c-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 frontend-bundle.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/scripts/ 2 KB
1 KB 24ms
22ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/scripts/frontend-bundle.min.js?ver=4.5.91

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

217daece9229cbf8910740951a40a59ee2a647e8a4767af4076657a93e9aed24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.4
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:28 GMT
server: keycdn-engine
etag: W/"60f041d4-8be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 692bb83ebeaec2ea-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:15 GMT

GET
H2 200 common.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/core/admin/js/ 1 KB
1 KB 25ms
22ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.9.9

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:39 GMT
server: keycdn-engine
etag: W/"60f041df-53f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b1214ef4b690d-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 wp-embed.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/ 1 KB
1 KB 25ms
23ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/wp-embed.min.js?ver=5.7.3

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Feb 2021 13:05:43 GMT
server: keycdn-engine
etag: W/"601bf127-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e077c4b5f6987-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 frontend.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/includes/extensions/Popup/ 23 KB
3 KB 25ms
23ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/supreme-modules-pro-for-divi/includes/extensions/Popup/frontend.min.js?ver=4.5.91

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

d0b80c4222beaf6fe47ec73a9f222dbdc861e51a99d2608aa386d2c1448edcf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.4
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Jul 2021 14:10:29 GMT
server: keycdn-engine
etag: W/"60f041d5-5db4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 692bb83ebe71c2bd-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 jquery.uniform.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/ 8 KB
3 KB 25ms
23ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/jquery.uniform.min.js?ver=1.3.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

8a41d60f7762f2db0792fd909c3c09725f93d8fe1e94efcb2ca04293921e277a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-2074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e077c2ed24e86-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 custom.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/ 28 KB
7 KB 26ms
24ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/custom.js?ver=1.3.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

279f6b481748c18d498dd5ad4cb01aee8aaab9fe2845094491f2632d4b99b686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-7187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b1214ea695ba4-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 idle-timer.min.js Show response
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/ 2 KB
1 KB 26ms
24ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/js/idle-timer.min.js?ver=1.3.12

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-9d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 690e0779ac07694b-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
54 KB 63ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FXJKLF

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f45b3662e7adc9d2e409566d0cd14da7e15ce9e17dbc86fc2041d861abb5d7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54446
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:32:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Sep 2021 17:11:16 GMT

GET
H/1.1 200
OK 42948 Show response
go.noregon.com/cdnr/d11/acton/bn/tracker/ 5 KB
5 KB 175ms
175ms Script
application/javascript 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.noregon.com/cdnr/d11/acton/bn/tracker/42948

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Apache-Coyote/1.1 /

Resource Hash

7e69acb6d6f3130d1365a3735e4ccfa3664d272c8e31d9481e4f133b6257acab

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:15 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
Content-Length: 4811
Strict-Transport-Security: max-age=16070400
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 31ms
8ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13604
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v25/ 14 KB
15 KB 54ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v25/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:44 GMT
x-content-type-options: nosniff
age: 2372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v25/ 15 KB
15 KB 53ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v25/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:32:34 GMT
x-content-type-options: nosniff
age: 2322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:32:34 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v25/ 15 KB
15 KB 54ms
12ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v25/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:44 GMT
x-content-type-options: nosniff
age: 2372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:44 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
fonts.gstatic.com/s/opensans/v25/ 13 KB
14 KB 58ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v25/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:44 GMT
x-content-type-options: nosniff
age: 2372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:44 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v25/ 13 KB
14 KB 55ms
15ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v25/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:44 GMT
x-content-type-options: nosniff
age: 2372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:44 GMT

GET
H/1.1 200 form_embed.js Show response
go.noregon.com/acton/content/ 47 KB
14 KB 248ms
176ms Script
text/javascript 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.noregon.com/acton/content/form_embed.js

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Resource Hash

b0d9f34fc44b34c469a6de180472f24ecbc25de5db98126d2bdad5e7b9b9d713

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 17:22:32 GMT
ETag: W/"47727-1631899352000"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=16070400
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 13591

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D657601%26time%3D1632330676344%26url%3Dhttps%253A%252F%252Fwww.noregon.com%252Fjpr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true&e_ipv6=AQLGmESmVPoDGwAAAXwOfXrlTrdFeQGHCVdns2...

0
370 B

324ms
120ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true&e_ipv6=AQLGmESmVPoDGwAAAXwOfXrlTrdFeQGHCVdns27Ia_yOMlND-fHHpPaSoqMAriqCWUi0whbt-9mj
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: rYd4Sho0pxagj82cRisAAA==

Redirect headers

date: Wed, 22 Sep 2021 17:11:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=657601&time=1632330676344&url=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&liSync=true&e_ipv6=AQLGmESmVPoDGwAAAXwOfXrlTrdFeQGHCVdns27Ia_yOMlND-fHHpPaSoqMAriqCWUi0whbt-9mj
x-li-proto: http/2
x-li-pop: prod-edc2
content-length: 0
x-li-uuid: 3168Kxo0pxbA/Iyc1CoAAA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXJKLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1459
date: Wed, 22 Sep 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 22 Sep 2021 18:46:57 GMT

GET
H2 200 7620.js Show response
script.crazyegg.com/pages/scripts/0011/ 5 KB
2 KB 47ms
22ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXJKLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12eef6601fa46d3f325eaf16a16033a19a757608dd5f9f7e75504e172f19e237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13016
cf-polished: origSize=4899
cf-ray: 692d26c779be4ed4-FRA
ce-version: 11.1.331
last-modified: Wed, 22 Sep 2021 13:34:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 95ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXJKLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:15 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref: Ref A: 92CD32917ECD435CBFBBE5A344C7760D Ref B: FRAEDGE1520 Ref C: 2021-09-22T17:11:16Z
etag: "80386a5f63aad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9827

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=832666242&t=pageview&_s=1&dl=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&ul=en-us&de=UTF-8&dt=JPRO%20Software%20Update%20%7C%20Noregon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1402417571&gjid=2055711024&cid=1282878431.1632330676&tid=UA-47512019-4&_gid=1025568753.1632330676&_r=1&gtm=2wg9k05FXJKLF&z=2126669604

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.noregon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.noregon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7620.json Show response
script.crazyegg.com/pages/data-scripts/0011/ 388 KB
14 KB 38ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0011/7620.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54167b4e134d4016fe38cb753f7e135ee81d36f22a147b6951ba6402ad5b2fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13007
ce-version: 11.1.331
content-length: 13774
timing-allow-origin: *
last-modified: Wed, 22 Sep 2021 13:34:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 692d26c7d89f5c44-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
463 B 47ms
15ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-47512019-4&cid=1282878431.1632330676&jid=1402417571&gjid=2055711024&_gid=1025568753.1632330676&_u=YEBAAEAAAAAAAC~&z=272339826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.noregon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Sep 2021 17:11:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.noregon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26001387.js Show response
bat.bing.com/p/action/ 0
131 B 185ms
185ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26001387.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 17:11:16 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 1239AF21405B439E89D25577133E29CE Ref B: FRAEDGE1520 Ref C: 2021-09-22T17:11:16Z
x-cache: CONFIG_NOCACHE

GET
H2 200 11.1.331.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 24ms
23ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/7620.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 14:00:21 GMT
server: cloudflare
age: 438844
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 692d26c81b244ed4-FRA
content-length: 21512

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 54ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-47512019-4&cid=1282878431.1632330676&jid=1402417571&_u=YEBAAEAAAAAAAC~&z=1138431826

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 54ms
31ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-47512019-4&cid=1282878431.1632330676&jid=1402417571&_u=YEBAAEAAAAAAAC~&z=1138431826

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 2476 Show response
t.leadmanagerfx.com/visit/add/ 17 B
172 B 229ms
187ms XHR
text/plain 130.211.30.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.leadmanagerfx.com/visit/add/2476
Requested by: Host: cdn.leadmanagerfx.com
URL: https://cdn.leadmanagerfx.com/js/mcfx/2476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.30.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.30.211.130.bc.googleusercontent.com
Software: Apache /
Resource Hash: f6d4d2bc529ae54543db99aeb2e4d063dc5f6cd4c0ae4a405e02fc91d2c9d143

Request headers

Referer: https://www.noregon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
via: 1.1 google
server: Apache
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.noregon.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 17

GET
H2 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 4 KB
2 KB 91ms
91ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.css

Requested by

Host: cdn.websitepolicies.io
URL: https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/22/2021 19:11:16
cdn-pullzone: 403741
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
expires: Fri, 22 Oct 2021 17:11:16 GMT
last-modified: Fri, 21 May 2021 16:48:45 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, must-revalidate, proxy-revalidate, no-cache, max-age=2592000
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 962e821c0f84ba158ce99bcd83494f48
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7620.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0011/ 30 KB
6 KB 24ms
24ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0011/7620.json?t=453425
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a63506394b9b9dbbec60f7e69591393fe301df575d5b6d7ba6d15abf377b3e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 954
ce-version: 11.1.331
content-length: 5878
timing-allow-origin: *
last-modified: Wed, 22 Sep 2021 16:55:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 692d26ca78455c44-FRA

GET
H2 200 NOR-BKG-Texture-1-BW.jpg
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/ 117 KB
117 KB 9ms
8ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2020/12/NOR-BKG-Texture-1-BW.jpg

Requested by

Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ac1ae5c7d45d4b7a69527231324f5b9b0db365eda8c68523fef05cc4c44062e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 119592
last-modified: Wed, 02 Dec 2020 21:02:21 GMT
server: keycdn-engine
etag: "5fc800dd-1d328"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 691507435f7e05d4-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:16 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26001387&tm=gtm002&Ver=2&mid=e0438a25-f741-4b32-96ef-4aef0eb11061&sid=190c62e01bc811ecaada836e656acbe7&vid=190c86901bc811ecbfe761bc3528506e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=JPRO%20Software%20Update%20%7C%20Noregon&p=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&r=&lt=2146&evt=pageLoad&msclkid=N&sv=1&rn=236195
Requested by: Host: www.noregon.com
URL: https://www.noregon.com/jpro/software-update/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 22 Sep 2021 17:11:16 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0862E4D4C3C348E0875277D694970B28 Ref B: FRAEDGE1520 Ref C: 2021-09-22T17:11:16Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 101ms
39ms XHR
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1632330677197
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 31a8e5d18afbe0a3da5e589bd36adff009da84dfc5680da03d76b1f75daf885e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 17:11:17 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H2 200 ET-Bloom.woff
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/fonts/ 6 KB
4 KB 14ms
14ms Font
application/font-woff 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8

Requested by

Host: mk0noregon3jonoq4h4v.kinstacdn.com
URL: https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/style.css?ver=1.3.12
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 13:35:38 GMT
server: keycdn-engine
etag: W/"606c63aa-172c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 691b123aaf99430f-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:17 GMT

GET
H/1.1 200 form_flattener.css
go.noregon.com/acton/content/ 8 KB
2 KB 175ms
175ms Stylesheet
text/css 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.noregon.com/acton/content/form_flattener.css

Requested by

Host: go.noregon.com
URL: https://go.noregon.com/acton/content/form_embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Resource Hash

d8654bb4dce6dcc5993a7604141dab13d86c061ea7441897426d4f61e9d13c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Sep 2021 17:27:20 GMT
ETag: W/"8569-1631899640000"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=16070400
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1762

GET
H/1.1 200 8085848f-75ab-48da-ad40-5e71fdfefa8a:d-0001 Show response
go.noregon.com/acton/openapi/form/v1/42948/ 5 KB
2 KB 193ms
193ms XHR
application/json 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.noregon.com/acton/openapi/form/v1/42948/8085848f-75ab-48da-ad40-5e71fdfefa8a:d-0001?ts=1632330677538

Requested by

Host: go.noregon.com
URL: https://go.noregon.com/acton/content/form_embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Resource Hash

0569b6397bdc3f627d0758e51f39dff40a2e84258cb45511dd070d4e5d3f02d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.noregon.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16070400
Keep-Alive: timeout=10
Content-Length: 1585
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 9e7a80fc-126f-4190-a048-580f29a7b44c:d-0001 Show response
go.noregon.com/acton/openapi/form/v1/42948/ 5 KB
2 KB 356ms
183ms XHR
application/json 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.noregon.com/acton/openapi/form/v1/42948/9e7a80fc-126f-4190-a048-580f29a7b44c:d-0001?ts=1632330677541

Requested by

Host: go.noregon.com
URL: https://go.noregon.com/acton/content/form_embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Resource Hash

20bb053d848822ad7fea03a475099efc13ba110adff813817c3c9285c888b1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.noregon.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16070400
Keep-Alive: timeout=10
Content-Length: 1544
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 42948
go.noregon.com/acton/bn/ 43 B
548 B 372ms
182ms Image
image/gif 207.189.124.9
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.noregon.com/acton/bn/42948?target=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&ref=&v=2&ts=1632330676171&nc=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.9 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci11.actonsoftware.com

Software

Apache-Coyote/1.1 /

Resource Hash

2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 17:11:17 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Content-Type: image/gif
Content-Length: 43

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3292 0
182 B 128ms
38ms Document
text/html 34.252.183.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=qmwiwcp&ref=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&upid=c464dos&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.183.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-183-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=qmwiwcp&ref=https%3A%2F%2Fwww.noregon.com%2Fjpro%2Fsoftware-update%2F&upid=c464dos&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.noregon.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 NoregonLogoWeb.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/ 22 KB
23 KB 7ms
6ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/NoregonLogoWeb.png

Requested by

Host: mk0noregon3jonoq4h4v.kinstacdn.com
URL: https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c51d91212073b06630024361849c5a3840623679c6565c2605b3e468257f4fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23010
last-modified: Thu, 04 Mar 2021 22:20:48 GMT
server: keycdn-engine
etag: "60415d40-59e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 690e0fc9edafc2db-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:17 GMT

GET
H2 200 NoregonLogoWeb.png
mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/ 22 KB
23 KB 7ms
6ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/uploads/2021/03/NoregonLogoWeb.png

Requested by

Host: mk0noregon3jonoq4h4v.kinstacdn.com
URL: https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c51d91212073b06630024361849c5a3840623679c6565c2605b3e468257f4fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.3
x-edge-location: defr
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23010
last-modified: Thu, 04 Mar 2021 22:20:48 GMT
server: keycdn-engine
etag: "60415d40-59e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 690e0fc9edafc2db-FRA
x-edge-location-klb: 1
expires: Thu, 22 Sep 2022 23:00:17 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 62ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: go.noregon.com
URL: https://go.noregon.com/acton/content/form_embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 17:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 21 Sep 2022 17:57:48 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
761 B 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: go.noregon.com
URL: https://go.noregon.com/acton/content/form_embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.noregon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 17:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 17:11:17 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.noregon.com/
Origin: https://www.noregon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 16:57:27 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.noregon.com/	1970-01-20 14:56:42	Name: _ga Value: GA1.2.1282878431.1632330676
.noregon.com/	1970-01-19 21:26:57	Name: _gid Value: GA1.2.1025568753.1632330676
.noregon.com/	1970-01-19 21:25:30	Name: _gat_UA-47512019-4 Value: 1
.bing.com/	1970-01-20 06:47:06	Name: MUID Value: 1D0FE49F884B649336F3F42589206544
.linkedin.com/	1970-01-19 22:08:42	Name: UserMatchHistory Value: AQJ7NAj6F5rt-wAAAXwOfXmwg-kZeeQoF4GSEcHIpUHhGJCcNjtFbuLa0DuFTlEHPRCkpONDlORKbA
.linkedin.com/	1970-01-19 22:08:42	Name: AnalyticsSyncHistory Value: AQJ3rKRz-ieeKAAAAXwOfXmwororrjRY6efe2YpR9fsdJ9yjpZ6fsQyG4L7FdGwOCI1p_nwMnrGeNqxDZ_JLug
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:57:24	Name: bcookie Value: "v=2&7c2dc2ca-1eb1-4903-8260-596785f68de7"
.linkedin.com/	1970-01-19 21:26:57	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2316:u=1:x=1:i=1632330676:t=1632417076:v=2:sig=AQGnF5l6dnZr7tMGlOiiuYbW15oxvqqk"
.noregon.com/	1970-01-20 14:56:42	Name: mcfxCookiesVersion Value: 2
.noregon.com/	1970-01-19 21:35:35	Name: fx_referrer Value:
.noregon.com/	1969-12-31 23:59:59	Name: fx_document_title Value: JPRO%2520Software%2520Update%2520%257C%2520Noregon
.noregon.com/	1970-01-20 14:56:42	Name: fx_count Value: 1
.noregon.com/	1970-01-20 14:56:42	Name: fx_uuid Value: 2aecae1c-2d66-44af-890a-d65bed7e44f9
.noregon.com/	1970-01-19 21:25:31	Name: mcfxVSID Value: 3fba7471-21e1-46e4-bb2b-8fe5fe005e86
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:57:24	Name: bscookie Value: "v=1&2021092217111608726abb-2b89-4010-8401-bc7913fdc015AQEaMIJlYQxwLG9iCFVIk1URpK2pW0Ei"
.linkedin.com/	1970-01-20 14:39:39	Name: li_gc Value: MTswOzE2MzIzMzA2NzY7MjswMjEH5GmnmtN72rVzG4NHRWYC73iAc55OiEW3x9wMFEwiKg==
.noregon.com/	1970-01-19 21:26:57	Name: _uetsid Value: 190c62e01bc811ecaada836e656acbe7
.noregon.com/	1970-01-20 06:47:06	Name: _uetvid Value: 190c86901bc811ecbfe761bc3528506e
.noregon.com/	1970-01-20 06:11:06	Name: wp42948 Value: "XVCXBDs-TTTJ:UVLBVDtlnDl-TUWY-VUTCDDDTALJXWDYVAMLZLL-CKZC-XMTZ-BTTM-UJCUKHZAHCUWDghkLnhg_Jht"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.noregon.com/jpro/software-update/ Message: The resource https://mk0noregon3jonoq4h4v.kinstacdn.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
cdn.leadmanagerfx.com
cdn.websitepolicies.io
fonts.googleapis.com
fonts.gstatic.com
go.noregon.com
insight.adsrvr.org
js.adsrvr.org
mk0noregon3jonoq4h4v.kinstacdn.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
t.leadmanagerfx.com
tracking.crazyegg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.noregon.com
108.174.10.14
130.211.30.48
162.159.134.42
18.66.96.113
18.66.97.122
207.189.124.9
2606:4700::6813:9408
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9c
2a02:26f0:6c00:296::25ea
2a0b:4d07:102::1
34.252.183.11
34.255.166.68
89.187.169.47
00f110b686e92d6aa3bed351112fb05074547961b22c0fc5994b203a7dca3c28
010642b65fe2cb0c36914fbd60593aa97362a826fce709ea355e1caa0a7af897
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b1cb0da9d1a274cfe83b908b812ac4a9b1173f979fe405ca66cce036915d12
0569b6397bdc3f627d0758e51f39dff40a2e84258cb45511dd070d4e5d3f02d4
05b0fb671e95dcedffe88e42c9a4cf46c97d4070f789183ee507ceef254cfee9
0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58
12eef6601fa46d3f325eaf16a16033a19a757608dd5f9f7e75504e172f19e237
12f7f7e4c97cfc87af1c4b2184fa8c84310eeb81bc75c256acb799fe6c0e59a8
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
20bb053d848822ad7fea03a475099efc13ba110adff813817c3c9285c888b1d6
217daece9229cbf8910740951a40a59ee2a647e8a4767af4076657a93e9aed24
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
279f6b481748c18d498dd5ad4cb01aee8aaab9fe2845094491f2632d4b99b686
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
31a8e5d18afbe0a3da5e589bd36adff009da84dfc5680da03d76b1f75daf885e
33a3fdc40352c38d67dc1ca75dd2acc8280c0ef1b6402d81fe45e8afd528cb65
378eaac8edb0b258bad9da4fcf54111180d5fd8782d33a1b567b659bd9ffccfd
3a63506394b9b9dbbec60f7e69591393fe301df575d5b6d7ba6d15abf377b3e1
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
46bbc7b22b8c58dc664cd4b31da0906636b96c8d64b839b1671d3eff081f6c1e
4edf92544c1bd1432b517c7014646632bcd4731bebc32350574dd2a3f45c0c88
52c73f771b2dbffa8a73db2bb3279672244d2a28e4bdff33a11d59cac9402875
54167b4e134d4016fe38cb753f7e135ee81d36f22a147b6951ba6402ad5b2fb2
5a0f693a19cb9e94494d8e0e9aa647e613179a6b77040afddc9d0063765fedaa
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
72d211900bff1305dcc2e510f7f946a108243b31ca02ab2b332b0757e048afec
7af63e35e834a2e157b9574893d55c9ec07680863e14ab1e50ef791cf076172e
7e69acb6d6f3130d1365a3735e4ccfa3664d272c8e31d9481e4f133b6257acab
82ed6b34774e4dbc026c4fb6d8143de96fec7a28743cb324ee1662230a5375c9
846190311422b8501d25e7fa82a6f03640979882b59b875da0c038877bd15151
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3
8a41d60f7762f2db0792fd909c3c09725f93d8fe1e94efcb2ca04293921e277a
8a5b20917f186c9ddd1997fee322a8043455c3b2effeea80d7690e6d3f1478c3
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
ab1a66028d285358a94a6512903a93bf91af222547c8bcfe8e145b48502bc479
ac1ae5c7d45d4b7a69527231324f5b9b0db365eda8c68523fef05cc4c44062e5
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
aea978f63bf8b072b3fd3dc4bf46c0acbfad2d11c84ec1c5d546063768e8ae21
b0d9f34fc44b34c469a6de180472f24ecbc25de5db98126d2bdad5e7b9b9d713
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
bfebe0f52ced8bc7062d12767d5e3df778ab0f93e1cf05147e08aaf9e62205f9
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c4d434b04115c556426cd6c473714c0a22dc07d789e8ff9a73f2693aa6c4b793
c51d91212073b06630024361849c5a3840623679c6565c2605b3e468257f4fc3
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d0b80c4222beaf6fe47ec73a9f222dbdc861e51a99d2608aa386d2c1448edcf4
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d526af1678c42c45d7bf90f45f8b69938953014ebbabed059088ed19d67962d5
d8654bb4dce6dcc5993a7604141dab13d86c061ea7441897426d4f61e9d13c85
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45b3662e7adc9d2e409566d0cd14da7e15ce9e17dbc86fc2041d861abb5d7b3
f6d4d2bc529ae54543db99aeb2e4d063dc5f6cd4c0ae4a405e02fc91d2c9d143
f9ba346abf2c05355597adbe3499dbceece6735f94a065220d4c2b454faa67c6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.noregon.com Open in urlscan Pro 162.159.134.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

63 %IPv6

16 Domains

24 Subdomains

22 IPs

6 Countries

1158 kBTransfer

4248 kBSize

21 Cookies

9 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.noregon.com Open in urlscan Pro
162.159.134.42 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

24
Subdomains

22
IPs

6
Countries

1158 kB
Transfer

4248 kB
Size

21
Cookies

77 HTTP transactions
0 data transactions