Submitted URL: http://sopux.com/link.php?M=156946&N=140&L=80&F=H
Effective URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Submission: On November 07 via manual from SG

Summary

This website contacted 14 IPs in 7 countries across 32 domains to perform 66 HTTP transactions. The main IP is 18.195.72.121, located in Cambridge, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is nor.vitality.club.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 18th 2018. Valid for: 3 months.
This is the only time nor.vitality.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.231.231.80 205045 (NBI)
21 23.97.195.129 8075 (MICROSOFT...)
1 1 52.30.114.194 16509 (AMAZON-02)
1 4 2606:4700:30:... 13335 (CLOUDFLAR...)
1 18.195.72.121 16509 (AMAZON-02)
7 13.35.253.25 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.35.254.6 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
9 13.35.254.29 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 217.16.184.198 43541 (VSHOSTING)
3 185.59.220.23 60068 (CDN77)
1 185.14.253.101 43541 (VSHOSTING)
1 195.181.170.16 60068 (CDN77)
66 14
21    23.97.195.129 (Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
Domain Requested by
9 d9hhrg4mnvzow.cloudfront.net nor.vitality.club
ajax.googleapis.com
8 fonts.gstatic.com nor.vitality.club
ajax.googleapis.com
7 builder-assets.unbounce.com nor.vitality.club
5 fonts.googleapis.com nor.vitality.club
ajax.googleapis.com
4 smartsupp-widget-161959.c.cdn77.org www.smartsuppchat.com
smartsupp-widget-161959.c.cdn77.org
nor.vitality.club
4 you.vitaelife.com 1 redirects nor.vitality.club
3 ajax.googleapis.com nor.vitality.club
2 ntrk7.com ntrk7.com
1 s15.smartsupp.com smartsupp-widget-161959.c.cdn77.org
1 bootstrap.smartsuppchat.com www.smartsuppchat.com
1 www.smartsuppchat.com nor.vitality.club
1 d2xxq4ijfwetlm.cloudfront.net nor.vitality.club
1 nor.vitality.club ntrk7.com
1 no.hallonketoner.com 1 redirects
1 ntrk15.com ntrk7.com
1 ntrk14.com ntrk7.com
1 ntrk13.com ntrk7.com
1 ntrk12.com ntrk7.com
1 ntrk11.com ntrk7.com
1 ntrk10.com ntrk7.com
1 ntrk9.com ntrk7.com
1 ntrk8.com ntrk7.com
1 ntrk6.com ntrk7.com
1 ntrk5.com ntrk7.com
1 ntrk4.com ntrk7.com
1 ninz2.com ntrk7.com
1 ninz1.com ntrk7.com
1 nnjatrck2.com ntrk7.com
1 nnjatrck1.com ntrk7.com
1 ninjalink4.com ntrk7.com
1 ninjalink3.com ntrk7.com
1 ninjalink2.com ntrk7.com
1 ninjalink1.com ntrk7.com
1 sopux.com 1 redirects
0 ajax.aspnetcdn.com Failed nor.vitality.club
66 35

This site contains no links.

Subject | Issuer | Validity | Valid
ntrk7.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ninjalink1.com | COMODO RSA Domain Validation Secure Server CA | 2017-09-09 - 2020-09-08 | 3 years
nnjatrck1.com | COMODO RSA Domain Validation Secure Server CA | 2017-12-17 - 2019-12-17 | 2 years
nnjatrck2.com | COMODO RSA Domain Validation Secure Server CA | 2018-02-10 - 2021-02-09 | 3 years
ninz1.com | COMODO RSA Domain Validation Secure Server CA | 2018-06-18 - 2020-06-17 | 2 years
ninz2.com | COMODO RSA Domain Validation Secure Server CA | 2018-08-24 - 2019-08-24 | a year
ntrk4.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk5.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk6.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk8.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk9.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk10.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk11.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk12.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk13.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk14.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
ntrk15.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-19 - 2019-09-19 | a year
nor.vitality.club | Let's Encrypt Authority X3 | 2018-10-18 - 2019-01-16 | 3 months
*.unbounce.com | COMODO RSA Domain Validation Secure Server CA | 2017-03-20 - 2019-04-11 | 2 years
*.googleapis.com | Google Internet Authority G3 | 2018-10-16 - 2019-01-08 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
*.google.com | Google Internet Authority G3 | 2018-10-16 - 2019-01-08 | 3 months
sni59276.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-10-18 - 2019-04-26 | 6 months
*.smartsuppchat.com | RapidSSL TLS RSA CA G1 | 2018-02-01 - 2019-05-03 | a year
1360792427.rsc.cdn77.org | Let's Encrypt Authority X3 | 2018-10-03 - 2019-01-01 | 3 months
*.smartsupp.com | RapidSSL TLS RSA CA G1 | 2018-02-01 - 2019-05-03 | a year

This page contains 5 frames:

Primary Page: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Frame ID: 04C9145D171DF2D686FCA9D4B2CBC3AE
Requests: 57 HTTP requests in this frame

Frame: https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Frame ID: 10B4054DFF766A40BF6062779E668447
Requests: 1 HTTP requests in this frame

Frame: https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Frame ID: 3086DEEFF387376922B3167CCA5BC0A4
Requests: 1 HTTP requests in this frame

Frame: https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Frame ID: 7F3592A2090801A330A15D6C809D5F9B
Requests: 1 HTTP requests in this frame

Frame: https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.css
Frame ID: B737AC8D0D41DB7CDD0267AA360FF8C6
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 66
HTTPS: 98 %
IPv6: 27 %
Domains: 32
Subdomains: 35
IPs: 14
Countries: 7
Transfer: 908 kB
Size: 1482 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sopux.com/link.php?M=156946&N=140&L=80&F=H HTTP 302
    https://ntrk7.com/tr/l/5439/3755 Page URL
  2. http://no.hallonketoner.com//?utm_source=NO_adsninja_no_no_hallon&pid=4653&clickid=9904152 HTTP 302
    https://you.vitaelife.com/?form=58&utm_source=NO_adsninja_no_no_hallon&clickid=9904152&pid=4653 HTTP 302
    https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sopux.com/link.php?M=156946&N=140&L=80&F=H HTTP 302
  • https://ntrk7.com/tr/l/5439/3755

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 3755
ntrk7.com/tr/l/5439/
Redirect Chain
  • http://sopux.com/link.php?M=156946&N=140&L=80&F=H
  • https://ntrk7.com/tr/l/5439/3755
2 KB
1 KB
Document
General
Full URL
https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b493feea099dee3865d4ad6d0deb48a7397235aa96b4a22ac24481c44eaa15f4

Request headers

Host
ntrk7.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private
Content-Length
651
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
P3P
CP="AdsNinja does not have P3P policy."
Set-Cookie
_nnjatrck=eyJVaW4iOiI5NmMwNTg3Mi02ZTBmLTQ4ZDMtOTA0NC1lNWI0MmZlMTdjNzUiLCJDYW1wYWlnbnMiOnsiODgwMSI6OTkwNDE1Mn19; domain=ntrk7.com; expires=Fri, 07-Dec-2018 06:25:43 GMT; path=/
ARRAffinity=8b9f78d3936bec33a0cb4bc680dd2fb04a7804a355b4cd39e05cdd735a56c353;Path=/;HttpOnly;Domain=ntrk7.com
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Wed, 07 Nov 2018 06:25:43 GMT

Redirect headers

Date
Wed, 07 Nov 2018 05:25:05 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.6.33
X-Powered-By
PHP/5.6.33
Location
https://ntrk7.com/tr/l/5439/3755
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
image.gif
ninjalink1.com/tr/img/8801/9904152/
70 B
669 B
Image
General
Full URL
https://ninjalink1.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ninjalink2.com/tr/img/8801/9904152/
70 B
669 B
Image
General
Full URL
https://ninjalink2.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ninjalink3.com/tr/img/8801/9904152/
70 B
669 B
Image
General
Full URL
https://ninjalink3.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ninjalink4.com/tr/img/8801/9904152/
70 B
669 B
Image
General
Full URL
https://ninjalink4.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
nnjatrck1.com/tr/img/8801/9904152/
70 B
667 B
Image
General
Full URL
https://nnjatrck1.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
nnjatrck2.com/tr/img/8801/9904152/
70 B
667 B
Image
General
Full URL
https://nnjatrck2.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ninz1.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ninz1.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ninz2.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ninz2.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk4.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ntrk4.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk5.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ntrk5.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk6.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ntrk6.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
Cookie set image.gif
ntrk7.com/tr/img/8801/9904152/
70 B
536 B
Image
General
Full URL
https://ntrk7.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ntrk7.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://ntrk7.com/tr/l/5439/3755
Cookie
_nnjatrck=eyJVaW4iOiI5NmMwNTg3Mi02ZTBmLTQ4ZDMtOTA0NC1lNWI0MmZlMTdjNzUiLCJDYW1wYWlnbnMiOnsiODgwMSI6OTkwNDE1Mn19; ARRAffinity=8b9f78d3936bec33a0cb4bc680dd2fb04a7804a355b4cd39e05cdd735a56c353
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Set-Cookie
_nnjatrck=eyJVaW4iOiI5NmMwNTg3Mi02ZTBmLTQ4ZDMtOTA0NC1lNWI0MmZlMTdjNzUiLCJDYW1wYWlnbnMiOnsiODgwMSI6OTkwNDE1Mn19; domain=ntrk7.com; expires=Fri, 07-Dec-2018 06:25:43 GMT; path=/
Content-Type
image/gif
Content-Length
70
image.gif
ntrk8.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ntrk8.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk9.com/tr/img/8801/9904152/
70 B
659 B
Image
General
Full URL
https://ntrk9.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk10.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk10.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk11.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk11.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk12.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk12.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk13.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk13.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk14.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk14.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
image.gif
ntrk15.com/tr/img/8801/9904152/
70 B
661 B
Image
General
Full URL
https://ntrk15.com/tr/img/8801/9904152/image.gif
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.195.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
https://ntrk7.com/tr/l/5439/3755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="AdsNinja does not have P3P policy."
Cache-Control
private
Content-Type
image/gif
Content-Length
70
Primary Request Cookie set /
nor.vitality.club/hallonketoner/
Redirect Chain
  • http://no.hallonketoner.com//?utm_source=NO_adsninja_no_no_hallon&pid=4653&clickid=9904152
  • https://you.vitaelife.com/?form=58&utm_source=NO_adsninja_no_no_hallon&clickid=9904152&pid=4653
  • https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
114 KB
15 KB
Document
General
Full URL
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Requested by
Host: ntrk7.com
URL: https://ntrk7.com/tr/l/5439/3755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.195.72.121 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-72-121.eu-central-1.compute.amazonaws.com
Software
/ Page Server II 2.1.144 4190adc
Resource Hash
600616b96bcce81bd56054a44a8263cb17cf7762b4952d24cba4c1652de84e59

Request headers

Host
nor.vitality.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Connection
close
X-Powered-By
Page Server II 2.1.144 4190adc
X-Server-Instance
ps2-0bad396eff.eu-central-1.unbounce.net
P3P
CP="This is not a privacy policy."
Date
Wed, 07 Nov 2018 06:25:44 GMT
ETag
b2f83b9d30604d96ce32397b964f103c
Link
<https://nor.vitality.club/hallonketoner/>; rel="canonical"
X-Unbounce-Variant
f
Content-Location
https://nor.vitality.club/hallonketoner/
Last-Modified
Mon, 21 May 2018 12:37:56 GMT
X-Unbounce-PageId
ed5588fb-8b6c-45bf-b730-9d06bc54aa43
Content-Type
text/html; charset=UTF-8
X-Unbounce-VisitorID
148.251.45.2541542745699332020
Set-Cookie
ubpv=f%2Ced5588fb-8b6c-45bf-b730-9d06bc54aa43; Max-Age=15897600; Expires=Fri, 10 May 2019 06:25:44 GMT; Path=/hallonketoner/
ubvt=148.251.45.2541542745699332020; Max-Age=259200; Expires=Sat, 10 Nov 2018 06:25:44 GMT; Path=/; Domain=vitality.club
ubvs=148.251.45.2541542745699332020; Max-Age=15552000; Expires=Mon, 06 May 2019 06:25:44 GMT; Path=/
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Proxy-Backend
ps2

Redirect headers

status
302
date
Wed, 07 Nov 2018 06:25:44 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8a56d67ec2594bdf8f0219da6fc78b821541571944; expires=Thu, 07-Nov-19 06:25:44 GMT; path=/; domain=.vitaelife.com; HttpOnly
PHPSESSID=3a0bhgp3mopgvvssv4fm90qrf7; path=/
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
location
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
475db96c5cf263d9-FRA
page-defaults-b3a2f21.z.css
builder-assets.unbounce.com/published/
16 KB
4 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published/page-defaults-b3a2f21.z.css
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3a2f210f3ae42b81e6b1c7f26dfe76214735ab427bcce1aaca7c37aa6f8e0bb

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:46:03 GMT
content-encoding
gzip
last-modified
Wed, 30 May 2018 16:12:50 GMT
server
AmazonS3
age
391183
etag
"3d53758747081df5fb15ef7a01404331"
x-cache
Hit from cloudfront
x-amz-version-id
OzxGAUEAx_hYQLBU7EtYh4Pp61biXWTO
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
content-length
3229
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
nJIwXAZ9XB91drVEl2BX7GTvXKw9_MF52AyINawIg3QnAr5-nCunmQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
24 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 03 Nov 2018 10:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329489
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24715
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2019 10:54:16 GMT
unbounce.js
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/
641 B
976 B
Script
General
Full URL
https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/unbounce.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb23e74443fd3afd6f6a57e70cc0cd49afca31cb61c6224df8036dc7a11f555a

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:04 GMT
via
1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
last-modified
Tue, 07 Jan 2014 17:53:15 GMT
server
AmazonS3
age
45620
etag
"550bf4d55f148aa3459eafa64f3eb6a3"
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
accept-ranges
bytes
content-type
application/javascript
content-length
641
x-amz-cf-id
fX7ndXsnRa8egwCNQnf9RHRLH-fXjiIwmEkFAX00_ONvSZRF-uSQsA==
main-90cd9cc.z.js
builder-assets.unbounce.com/modules/lp-block/public/
1020 B
821 B
Script
General
Full URL
https://builder-assets.unbounce.com/modules/lp-block/public/main-90cd9cc.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90cd9cc3f3648004b94945176c5331b6cbaf477e541623caf80d580933d0cb02

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:44:31 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 23:30:31 GMT
server
AmazonS3
age
391275
etag
"d842560f2f4cfe39a294c0f146f407b4"
x-cache
Hit from cloudfront
x-amz-version-id
w1fSbW._ZH40Sbo1PoSNI.QohsaGb0Cq
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
423
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
r97Dg4HeZwYvDM8tZqpW5Sski45-0OQV3chafUCea64f2DELRX9rXw==
matchMedia-ba7af92.z.js
builder-assets.unbounce.com/published/
925 B
960 B
Script
General
Full URL
https://builder-assets.unbounce.com/published/matchMedia-ba7af92.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba7af92cb3ffbf763257405d2bd170cca3fc4a68906b000f4f0b4a615bb0e9a0

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:03 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 23:35:23 GMT
server
AmazonS3
age
391243
etag
"8a3d44556a9fc8bb91dc41c3257f7ed7"
x-cache
Hit from cloudfront
x-amz-version-id
g.GoVUMSvf6WvcM6YYncLMIfUOararmI
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
562
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
AvlpdTlKkQ0FpHsu3sc9j3kdin8TZ2iRX1Dg8e5i_1nZB3W1XGToyg==
main-e1f2690.z.js
builder-assets.unbounce.com/modules/lp-text/public/
10 KB
4 KB
Script
General
Full URL
https://builder-assets.unbounce.com/modules/lp-text/public/main-e1f2690.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1f2690d533e7fc39b81cd43978faea779532bb4ab600f0f45566c737e03c874

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:03 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:34 GMT
server
AmazonS3
age
391243
etag
"67645e1696f8a12286fb11a0edf2d9bd"
x-cache
Hit from cloudfront
x-amz-version-id
uodl5dNhHyS8c5ktZy.dPgqm6H1iWPxN
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
3508
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
Ss8YdvY4NrGnzr_9qZGZC0l8xk1A_E0PgUQ7Iyimj3ZiBE5wppAOFA==
main-b5aeb46.z.js
builder-assets.unbounce.com/modules/lp-image/public/
2 KB
1002 B
Script
General
Full URL
https://builder-assets.unbounce.com/modules/lp-image/public/main-b5aeb46.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5aeb46f3d28a79f680502ed35f8485de7a7fe8621c369423802be802384122f

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Jun 2018 23:30:08 GMT
server
AmazonS3
age
391242
etag
"5cdca77effde1d18d0fe9f485faf6d81"
x-cache
Hit from cloudfront
x-amz-version-id
m7F_nv1yK_vh_qGI6OkAfp9x6Qpus27r
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
604
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
oqeGaFynuedKcnkmGN770XtJAu7_IkxaOqBemjEapaVacjWSQO489g==
main-2fabf90.z.js
builder-assets.unbounce.com/modules/lp-button/public/
3 KB
2 KB
Script
General
Full URL
https://builder-assets.unbounce.com/modules/lp-button/public/main-2fabf90.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fabf90865a5fa61fb28c54d33ea19829678cbcffbf9c4e686589f5bc57aecdb

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:03 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:34 GMT
server
AmazonS3
age
391242
etag
"45b6ed1a48ae14b17966070865a508d0"
x-cache
Hit from cloudfront
x-amz-version-id
0Alizy0SkKyOEhhEG0Xk7rIBDzW9Hk_c
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
1296
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
FhQ43kyIDCtPWtsmg-5nEF3G9uEy8jLr4y5dKtIBih_SVbJ56fGG3w==
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 06:25:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 07 Nov 2018 06:25:45 GMT
css
fonts.googleapis.com/
4 KB
684 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,400,700
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dae61547d8d6ca63cb693d3f0b8f682bdfd1ce13ba64b2c85b55fb983aca0198
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 06:25:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 07 Nov 2018 06:25:45 GMT
css
fonts.googleapis.com/
8 KB
757 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
956f9dcf3625212b10bbe3eb4512f7f8d53504901779b34cb48b099c35caccdb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 06:25:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 07 Nov 2018 06:25:45 GMT
css
fonts.googleapis.com/
2 KB
555 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9b545628d08b67786d5eafa38e922aab7df68cccda68fe27ed609670f28edf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 06:25:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 07 Nov 2018 06:25:45 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.7/
17 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 06 Nov 2018 17:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46345
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6756
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2019 17:33:20 GMT
ub-browser-879f873.z.js
builder-assets.unbounce.com/published/
3 KB
1 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published/ub-browser-879f873.z.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-25.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
879f8736fc247740b8907a12dd85183f9d50a26f3eeb2a9982e49f769d8e9099

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 02 Nov 2018 17:45:03 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:38 GMT
server
AmazonS3
age
391243
etag
"1239a51817ae12d8fa9588f05da935ca"
x-cache
Hit from cloudfront
x-amz-version-id
UvdW10DCH7N0kCZKImqqkxULDTEqs.Jl
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
1091
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
1Hrz_gRpO5pFljjK4rE1ytd2BON1QaFeiu2qpBDKzP_K3zPO_3GtOw==
transparent.gif
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
42 B
433 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/transparent.gif
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:56 GMT
server
AmazonS3
etag
"d89746888da2d9510b64a9f031eaecd5"
x-cache
Miss from cloudfront
x-amz-version-id
rXuNrVK3J3dXVAmxvppynzyITiuCxBYI
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/gif
content-length
42
x-amz-cf-id
Ln7LAe3_N44eXBxsGeyL0TMurzyPNIqIjK9TtjqnAUI5CfdzEdMPRg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/
56 KB
20 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 06 Nov 2018 10:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73285
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19926
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2019 10:04:20 GMT
css
fonts.googleapis.com/
9 KB
988 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700%7CLato:700,regular,900,900italic,300,italic%7COpen+Sans:300
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c8be13b1a266b1ad799b1d869e9340c2c9658bb8e94e5745fdbe95fbfd1e7722
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 07 Nov 2018 06:25:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 07 Nov 2018 06:25:45 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Tue, 02 Oct 2018 10:29:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
3095760
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 10:29:45 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Wed, 31 Oct 2018 19:01:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
559426
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Thu, 31 Oct 2019 19:01:59 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Mon, 05 Nov 2018 03:37:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:56 GMT
server
sffe
age
182895
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13828
x-xss-protection
1; mode=block
expires
Tue, 05 Nov 2019 03:37:30 GMT
S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u_w4BMUTPHjxsI3wi_Gwftx9897g.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6d072ab5325cb197e85ed32d785c129febc14d58c4c1c89c824611df72571769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Sat, 03 Nov 2018 10:35:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
330644
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14452
x-xss-protection
1; mode=block
expires
Sun, 03 Nov 2019 10:35:01 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Mon, 05 Nov 2018 03:03:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
age
184946
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13604
x-xss-protection
1; mode=block
expires
Tue, 05 Nov 2019 03:03:19 GMT
order_form
you.vitaelife.com/api_v2/ Frame 10B4
0
0
Document
General
Full URL
https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3af2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

:method
GET
:authority
you.vitaelife.com
:scheme
https
:path
/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised

Response headers

status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddc9683de9f8953c4dc69b7f6dc0c9c691541571945; expires=Thu, 07-Nov-19 06:25:45 GMT; path=/; domain=.vitaelife.com; HttpOnly
content-location
order_form.php
vary
negotiate
tcn
choice
x-powered-by
PHP/5.4.45
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
475db972382863d9-FRA
content-encoding
gzip
order_form
you.vitaelife.com/api_v2/ Frame 3086
0
0
Document
General
Full URL
https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3af2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

:method
GET
:authority
you.vitaelife.com
:scheme
https
:path
/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised

Response headers

status
200
date
Wed, 07 Nov 2018 06:25:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddc9683de9f8953c4dc69b7f6dc0c9c691541571945; expires=Thu, 07-Nov-19 06:25:45 GMT; path=/; domain=.vitaelife.com; HttpOnly
content-location
order_form.php
vary
negotiate
tcn
choice
x-powered-by
PHP/5.4.45
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
475db972382963d9-FRA
content-encoding
gzip
order_form
you.vitaelife.com/api_v2/ Frame 7F35
0
0
Document
General
Full URL
https://you.vitaelife.com/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::6812:3af2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

:method
GET
:authority
you.vitaelife.com
:scheme
https
:path
/api_v2/order_form?Order_Form=58&utm_source=NO_adsninja_no_no_hallon&aid=3033704
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised

Response headers

status
200
date
Wed, 07 Nov 2018 06:25:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddc9683de9f8953c4dc69b7f6dc0c9c691541571945; expires=Thu, 07-Nov-19 06:25:45 GMT; path=/; domain=.vitaelife.com; HttpOnly
content-location
order_form.php
vary
negotiate
tcn
choice
x-powered-by
PHP/5.4.45
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
475db972583b63d9-FRA
content-encoding
gzip
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
155ef7601d4af029d8b6f3efa4ed4984748ea0a36c85f038f129ffdc6fb83b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Origin
https://nor.vitality.club

Response headers

date
Mon, 05 Nov 2018 21:53:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:01 GMT
server
sffe
age
117156
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14824
x-xss-protection
1; mode=block
expires
Tue, 05 Nov 2019 21:53:09 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Origin
https://nor.vitality.club

Response headers

date
Tue, 16 Oct 2018 00:44:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:38 GMT
server
sffe
age
1921272
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8732
x-xss-protection
1; mode=block
expires
Wed, 16 Oct 2019 00:44:33 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff817f9993de055634774310a26061f2feafbccfaad8aaa6bfb9e4d6fe5ce94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:700%7CLato:700,regular,900,900italic,300,italic%7COpen+Sans:300
Origin
https://nor.vitality.club

Response headers

date
Fri, 02 Nov 2018 01:13:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:25:39 GMT
server
sffe
age
450749
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13064
x-xss-protection
1; mode=block
expires
Sat, 02 Nov 2019 01:13:16 GMT
loader.js
www.smartsuppchat.com/
7 KB
3 KB
Script
General
Full URL
https://www.smartsuppchat.com/loader.js?
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.16.184.198 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
smartsupp.vshosting.cz
Software
nginx /
Resource Hash
4aa67f82d44c744fe920c27194fa0452d97272176a5fb01b129fc6d82dc78684

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 06:25:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Jul 2018 15:39:34 GMT
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Wed, 07 Nov 2018 06:25:44 GMT
aa895128-3.jpg
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
108 KB
109 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/aa895128-3.jpg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b59210ff8104e84930203f59c725e5c5ad874f53f51e8f3f1e83d9e69115173d

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"101cad73bc2048685fdbb3992ba66616"
x-cache
Miss from cloudfront
x-amz-version-id
f77gmngaO8TzBlCmUNlb1tixt12Kuukn
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
110876
x-amz-cf-id
q5AqCN6GBZSLQw8S0iY6Hl5OA86W3OXOwzYQpQdDDbo83HsQ40itJA==
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/
0
0

30a37509-ketoni-nainen-uusi-norjakuva.png
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
119 KB
120 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/30a37509-ketoni-nainen-uusi-norjakuva.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19ecdb1f908d390a8b47c9483e6171fb30148f20aa31e54cf3fef9de18dff368

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"4044033504bce29df0ff38ba81799571"
x-cache
Miss from cloudfront
x-amz-version-id
p4PzIiyOJ0jkj6PGbqC.nJz_MohqQL61
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
121892
x-amz-cf-id
wg-Qdl5K6T8UiAot8ZdExh4Enl8ZowAQbtsGNriJYrjZR2ig29lEqw==
1cb256e8-image.png
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
190 KB
190 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/1cb256e8-image.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
082510f7b9af8240037b211d9033103088cf86acbb03e9f2992a3a8990ba7a02

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:58 GMT
server
AmazonS3
etag
"66a86cecbb273defbd2f3c8051089462"
x-cache
Miss from cloudfront
x-amz-version-id
oYK9U3BRlYoANUqk9LlcOeBiPjPo8eZa
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
194085
x-amz-cf-id
FCfZojQutZDLDFxyRyrULGHk8wB2CfTzG6yghFJPBYoymyTm4YiaBg==
e61e99e1-arrow-right_01s00e01s00e000000.jpg
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
735 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/e61e99e1-arrow-right_01s00e01s00e000000.jpg
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55ffecac4707aeef2a15123a39b7af8daeb044c97d2d87f069e5606fbc26bb5b

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"2b4d7adf1faf18bed714c73a87509306"
x-cache
Miss from cloudfront
x-amz-version-id
p6c9QeXjCYnXEtT_eH7VuyamH_BqGcKB
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
735
x-amz-cf-id
v87XcJApKwoe-zUHMqpOEfk2LnLBB_1vMJXJtS3FHAa3-hQyK1UwzQ==
24cf9634-lose-inn-tilbudet.png
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
62 KB
62 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/24cf9634-lose-inn-tilbudet.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7cca8ab9eb975273b88b0aabc31be251e06a855e57ca515b5be87d2b135e014

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"d55429fb30414169ede4f1bf5ddb41d0"
x-cache
Miss from cloudfront
x-amz-version-id
Aed3HEJ4u6BdL4S097uI4jWYWt.9HOQN
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
63311
x-amz-cf-id
VVhPKvc4jJFjLpu9W2HnE203Y_YmcRPVnaFCEoy9cwf34iRvgbiGjA==
e04019b4-nayttokuva-2016_0ag01p0ag01p000000.png
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
21 KB
21 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/e04019b4-nayttokuva-2016_0ag01p0ag01p000000.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
694bfc8c1f4df6894bc23c29f8c7933268a231e8935e64b834abd92832eb1b10

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"e907d6bdd1e6136c5a660db285145d79"
x-cache
Miss from cloudfront
x-amz-version-id
hLpTHTnqpJCGhnEohluSWLnwdI0x8rlg
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
21477
x-amz-cf-id
bIFTrbjXUMVtH18--et_UdjLlAJcr0F5OMEm7WEbIQZOjbKZXjIrig==
ff1e61ef-couple-image.jpg
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
36 KB
37 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/ff1e61ef-couple-image.jpg
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
306602688baf04598e2d3a0e2f029fe3ace8bb6021ef18580c0377de6566be7a

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:57 GMT
server
AmazonS3
etag
"6bd818285a33b0ae8907869025e94ee3"
x-cache
Miss from cloudfront
x-amz-version-id
.hWGVhTg7Yfa_y4VMsiKuDKFMo6Vpy3F
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/jpeg
content-length
37210
x-amz-cf-id
3nEsDNTV8Yji3_MsZUD-vn6TIMiKTERZjOlH1DteWgg2C1AB882_HQ==
3cd6012a-raspberry.png
d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/
17 KB
17 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/nor.vitality.club/hallonketoner/3cd6012a-raspberry.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97ab0e0369f8093cde2b5b9f319ffaa46d5248eb5485d490b02c5dfcfa7b2813

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 12:37:58 GMT
server
AmazonS3
etag
"6e93803dd1cf4b53a9a6651b7be2cd34"
x-cache
Miss from cloudfront
x-amz-version-id
t4G6ReZfon_fpMSQgL81N5_zBvlHtX9K
status
200
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
17146
x-amz-cf-id
v7eg9M42f_ThGRv-Y-e3YDTy3B74u-DT4eEfX14wA51cGyVj3A79cA==
smartchat-2.2.7.min.css
smartsupp-widget-161959.c.cdn77.org/build/ Frame B737
21 KB
5 KB
Stylesheet
General
Full URL
https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.css
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.59.220.23 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a0dabfac4b3bab27e968164d16a0842d9fcca2b14b0e78ed1e8ed454937f8da0

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:45 GMT
content-encoding
gzip
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
149729
last-modified
Mon, 02 Jul 2018 15:25:35 GMT
server
CDN77-Turbo
etag
W/"5b3a43ef-550c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
true
x-edge-ip
185.59.220.20
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Sep 2018 12:50:13 GMT
smartchat-2.2.7.min.js
smartsupp-widget-161959.c.cdn77.org/build/ Frame B737
443 KB
129 KB
Script
General
Full URL
https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.js
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.59.220.23 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d6c2b949430cc865fedbc63a2355fc4c7ff1dce904050150050e972728088a02

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:45 GMT
content-encoding
gzip
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
149729
last-modified
Mon, 02 Jul 2018 15:25:34 GMT
server
CDN77-Turbo
etag
W/"5b3a43ee-6ec5c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
true
x-edge-ip
185.59.220.20
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Sep 2018 12:50:13 GMT
bootstrap.php
bootstrap.smartsuppchat.com/ Frame B737
2 KB
1 KB
Script
General
Full URL
https://bootstrap.smartsuppchat.com/bootstrap.php?chatKey=00fead5f702cc2d26f89c080fb56dfc4e377f856&t=1541571945508
Requested by
Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.16.184.198 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
smartsupp.vshosting.cz
Software
nginx /
Resource Hash
ded3e049accf609c17b9a01977fd231134d8aa75734c50ef455658057d2e1aab

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 07 Nov 2018 06:25:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
info
s15.smartsupp.com/chat/ Frame B737
79 B
503 B
XHR
General
Full URL
https://s15.smartsupp.com/chat/info
Requested by
Host: smartsupp-widget-161959.c.cdn77.org
URL: https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.14.253.101 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
s15.smartsupp.com
Software
nginx/1.6.2 /
Resource Hash
82e9d3f1687d48367db9521b0be18ef4d9bac7debcb0717175380da40a37ce5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Origin
https://nor.vitality.club

Response headers

Date
Wed, 07 Nov 2018 06:25:45 GMT
Content-Encoding
gzip
Server
nginx/1.6.2
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nor.vitality.club
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
icons.woff
smartsupp-widget-161959.c.cdn77.org/build/font/ Frame B737
4 KB
5 KB
Font
General
Full URL
https://smartsupp-widget-161959.c.cdn77.org/build/font/icons.woff?95305887
Requested by
Host: smartsupp-widget-161959.c.cdn77.org
URL: https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.181.170.16 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-15.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7f737d34933a9960fcc3e8f8ef3a74a8c41d5eded6b3b2ae9abdc309a5ce017f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://smartsupp-widget-161959.c.cdn77.org/build/smartchat-2.2.7.min.css
Origin
https://nor.vitality.club

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
579655
content-length
4476
last-modified
Mon, 02 Jul 2018 15:25:35 GMT
server
CDN77-Turbo
etag
"5b3a43ef-117c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
true
x-edge-ip
195.181.170.15
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Sep 2018 13:24:48 GMT
avatar.png
smartsupp-widget-161959.c.cdn77.org/assets/ Frame B737
2 KB
2 KB
Image
General
Full URL
https://smartsupp-widget-161959.c.cdn77.org/assets/avatar.png
Requested by
Host: nor.vitality.club
URL: https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.59.220.23 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5fc766f5f50d7a067f5ea3d0622fd7cb86f86a1f9b072c87b55049d7dbcfe4fc

Request headers

Referer
https://nor.vitality.club/hallonketoner/?utm_source=NO_adsninja_no_no_hallon&aid=3033704&pid=4653&inialised
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 07 Nov 2018 06:25:46 GMT
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
149068
content-length
2047
last-modified
Mon, 02 Jul 2018 15:24:33 GMT
server
CDN77-Turbo
etag
"5b3a43b1-7ff"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
true
x-edge-ip
185.59.220.20
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Sep 2018 13:01:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.aspnetcdn.com
URL
http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| ub
object| lp
boolean| Ba
object| webfont
object| WebFont
object| $_GET
object| query
object| aux
string| alku
string| aid
string| loppu
object| _smartsupp
function| smartsupp
function| updateViewport
undefined| value
undefined| counter
undefined| interval
object| Smartsupp
function| $smartsupp
boolean| SMARTSUPP_LOADED

11 Cookies

Domain/Path | Name | Value
.vitaelife.com/ | _gat | 1
you.vitaelife.com/ | PHPSESSID | pqmko57osfs5gsh0bc76s6nks2
nor.vitality.club/ | ssupp.chatid | JfM1FR335qm0s0C3JLRl7t6EsWsmEjWk
nor.vitality.club/hallonketoner/ | ubpv | f%2Ced5588fb-8b6c-45bf-b730-9d06bc54aa43
nor.vitality.club/ | ssupp.vid | 00l6I5tmUYT4v65kvQvN0SUopsnydSSZd745250607112018
.vitaelife.com/ | __cfduid | ddc9683de9f8953c4dc69b7f6dc0c9c691541571945
.vitality.club/ | ubvt | 148.251.45.2541542745699332020
nor.vitality.club/ | ubvs | 148.251.45.2541542745699332020
.vitaelife.com/ | _gid | GA1.2.129723320.1541571948
.vitaelife.com/ | _ga | GA1.2.825449033.1541571948
nor.vitality.club/ | ssupp.visits | 1

40 Console Messages

Source | Level | URL | Message
console-api | log | https://ntrk7.com/tr/l/5439/3755 (Line 34) | adding counters (logged 20 times)
console-api | log | https://ntrk7.com/tr/l/5439/3755 (Line 40) | image loading finished (logged 20 times)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
