controllervest.no Open in urlscan Pro
35.197.246.158  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response controllervest.no/	54 KB 13 KB	265ms 56ms	Document text/html	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 7e860f722a02daa7b92a292d032bc3dd4817070c36c980bb0144985b8d561fb0 Request headers :method GET :authority controllervest.no :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Mon, 04 Oct 2021 11:27:12 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding,Cookie link <https://controllervest.no/wp-json/>; rel="https://api.w.org/" <https://controllervest.no/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://controllervest.no/>; rel=shortlink x-powered-by WP Engine x-cacheable SHORT cache-control max-age=600, must-revalidate x-cache HIT: 8 x-cache-group normal content-encoding br
GET H2	200	0407e4e45a79b8941354f6acac9c38e9.css controllervest.no/wp-content/cache/min/1/	910 KB 110 KB	40ms 40ms	Stylesheet text/css	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash ab8098d9619130508b8929b4152e2bb0cad6b27e4b2ad57ecdc53222d1af4baf Request headers :path /wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT content-encoding br last-modified Fri, 23 Apr 2021 07:34:30 GMT server nginx etag W/"60827886-e3702" vary Accept-Encoding Accept-Encoding Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css2 fonts.googleapis.com/	3 KB 1 KB	43ms 21ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash 43a3c6b6833c09b3117dd30af4ef3d2d45e9cc575ab34515d96c44c44dd37e8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 04 Oct 2021 11:24:13 GMT server ESF date Mon, 04 Oct 2021 11:27:12 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Mon, 04 Oct 2021 11:27:12 GMT
GET H2	200	fa-light-300.woff2 controllervest.no/wp-content/plugins/bootstrap-font-awesome/fa/webfonts/	181 KB 182 KB	40ms 40ms	Font font/woff2	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-content/plugins/bootstrap-font-awesome/fa/webfonts/fa-light-300.woff2 Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8 Request headers :path /wp-content/plugins/bootstrap-font-awesome/fa/webfonts/fa-light-300.woff2 pragma no-cache origin https://controllervest.no accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Referer https://controllervest.no/ Origin https://controllervest.no Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT last-modified Fri, 25 Sep 2020 08:48:53 GMT server nginx etag "5f6daef5-2d570" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 185712
GET H2	200	jquery.min.js Show response controllervest.no/wp-includes/js/jquery/	87 KB 31 KB	77ms 76ms	Script application/javascript	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers :path /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx etag W/"6048e0ac-15db1" vary Accept-Encoding Accept-Encoding Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	shell.js Show response js.hsforms.net/forms/	562 KB 143 KB	66ms 37ms	Script application/javascript	104.17.184.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/shell.js Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.184.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT via 1.1 20f0d9cf6610f77242f5c592d2ecfd1d.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 447 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 20 Sep 2021 03:06:45 UTC server cloudflare etag W/"630c4058cadb3fc715f112d2cf6b796a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuz65Vytq%2FkwUHpM8JyX%2BPD7%2FHD9Mwf1aKlpTFPoFKSn3WbfQZhAAsOu%2FSOwKzx3%2FglEKYLI9HBOiVo04ViQNhpxBsTuu9Y1QYCQ077bRsgqzK%2F1sltt4v%2F0%2FqpThREa"}],"group":"cf-nel","max_age":604800} x-amz-version-id DXYshb3V7aEOuJ9zF5pU.Zf9sZWNVJnH access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-hs-cache-status HIT x-amz-cf-pop IAD89-C3 cf-ray 698e0f48989b177a-FRA x-amz-cf-id 6k-IH8kxTTI3BOMQczrLvotLLe8AKrJqSmabje1MoTu7RLu_ME9XVw== x-hs-target-asset FormsNext/static-5.375/bundles/project_with_deps.js
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 1017 B	63ms 28ms	Script text/javascript	142.250.184.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&ver=3.0 Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f4.1e100.net Software GSE / Resource Hash 8f5bd42094a7eb105db442f16ea504cce19eedd70d322dc8b206b5bd225366cd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 583 x-xss-protection 1; mode=block expires Mon, 04 Oct 2021 11:27:12 GMT
GET H2	200	lazyload.min.js Show response controllervest.no/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/	8 KB 3 KB	32ms 32ms	Script application/javascript	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41 Request headers :path /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT content-encoding br last-modified Thu, 29 Oct 2020 10:05:07 GMT server nginx etag W/"5f9a93d3-1ed2" vary Accept-Encoding Accept-Encoding Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	a683c6311a972a5b2b6b1abb95ca496a.js Show response controllervest.no/wp-content/cache/min/1/	234 KB 67 KB	35ms 34ms	Script application/javascript	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-content/cache/min/1/a683c6311a972a5b2b6b1abb95ca496a.js Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash 70d273e2ca0210ec586c03f478e2bed6379546c00981f8be3cff75da1c12031e Request headers :path /wp-content/cache/min/1/a683c6311a972a5b2b6b1abb95ca496a.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:12 GMT content-encoding br last-modified Fri, 23 Apr 2021 07:34:30 GMT server nginx etag W/"60827886-3a967" vary Accept-Encoding Accept-Encoding Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9df80a2cd5a2474db677cdaff774a3e8b1fe22148e4ab83e441c4315229dbce2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6edfae253fc9f5c60d5fdc2cc3ae2ea7066594c539de28dd6212c632ee3acd66 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v20/	23 KB 23 KB	30ms 8ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://controllervest.no Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 15:11:30 GMT x-content-type-options nosniff age 591342 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:01 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Sep 2022 15:11:30 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/	22 KB 23 KB	36ms 15ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://controllervest.no Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 08:57:05 GMT x-content-type-options nosniff age 441007 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:57 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 29 Sep 2022 08:57:05 GMT
GET H2	200	b1a63776-0ba6-45bf-9e2a-b96a66b550a7 Show response forms.hsforms.com/embed/v3/form/8223962/	11 KB 4 KB	181ms 154ms	Script application/javascript	104.16.86.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8223962/b1a63776-0ba6-45bf-9e2a-b96a66b550a7?callback=hs_reqwest_0&hutk= Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/shell.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76f3ad682aff1a328e183810cbe6608dcc4ffb6d1b75a0c3a4751d4a656f6ec5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-hubspot-correlation-id 1d8bb23f-3b59-49d3-8ec6-09364db32605 cf-ray 698e0f4a2d8997d8-FRA content-disposition attachment; filename=no-rfd.txt alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare x-trace 2BE887B60044F6AF4D17DE42C5B5C1A20CA9FD2EBA000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript;charset=utf-8 vary Accept-Encoding cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2d83c2882f0012bd6f98cf72817fc94fc8eda28c1d2b0e6209657b8f77cfb679 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash df8cdf791206cc701aa7ee9ca17303f7d4e2ddf0815ae4a0d6ea9f8369c5682f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d26e11be99a90989b06adc266f74b4933320c03449ffd9746ddc5f8faec2923a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/	346 KB 136 KB	32ms 7ms	Script text/javascript	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://controllervest.no/ Origin https://controllervest.no Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 10:29:21 GMT content-encoding gzip x-content-type-options nosniff age 3472 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138353 x-xss-protection 0 last-modified Mon, 27 Sep 2021 04:02:11 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Tue, 04 Oct 2022 10:29:21 GMT
GET H2	200	cross.png controllervest.no/wp-content/plugins/Ultimate_VC_Addons/assets/img/	247 B 448 B	29ms 28ms	Image image/png	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://controllervest.no/wp-content/plugins/Ultimate_VC_Addons/assets/img/cross.png Requested by Host: controllervest.no URL: https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash e62027e0c39df5b4b33c2cec351b2464375c5e4c077a6f2c4c72dcbf86150f00 Request headers :path /wp-content/plugins/Ultimate_VC_Addons/assets/img/cross.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority controllervest.no referer https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT last-modified Wed, 10 Mar 2021 10:29:40 GMT server nginx etag "60489f94-f7" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 247
GET H2	200	refill Show response controllervest.no/wp-json/contact-form-7/v1/contact-forms/43/	2 B 447 B	31ms 30ms	XHR application/json	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://controllervest.no/wp-json/contact-form-7/v1/contact-forms/43/refill Requested by Host: controllervest.no URL: https://controllervest.no/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /wp-json/contact-form-7/v1/contact-forms/43/refill pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept application/json, text/javascript, */*; q=0.01 cache-control no-cache sec-fetch-dest empty :authority controllervest.no x-requested-with XMLHttpRequest :scheme https sec-fetch-site same-origin referer https://controllervest.no/ :method GET Accept application/json, text/javascript, */*; q=0.01 Referer https://controllervest.no/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT x-content-type-options nosniff x-cacheable SHORT x-powered-by WP Engine x-cache HIT: 2 vary Accept-Encoding,Cookie content-length 2 x-cache-group normal access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type server nginx allow GET content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=600, must-revalidate accept-ranges bytes x-robots-tag noindex link <https://controllervest.no/wp-json/>; rel="https://api.w.org/"
GET H2	200	ajax-loader.gif controllervest.no/wp-content/plugins/contact-form-7/images/	847 B 1 KB	49ms 49ms	Image image/gif	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://controllervest.no/wp-content/plugins/contact-form-7/images/ajax-loader.gif Requested by Host: controllervest.no URL: https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877 Request headers :path /wp-content/plugins/contact-form-7/images/ajax-loader.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority controllervest.no referer https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/wp-content/cache/min/1/0407e4e45a79b8941354f6acac9c38e9.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT last-modified Thu, 08 Oct 2020 09:42:02 GMT server nginx etag "5f7edeea-34f" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 847
GET H2	200	logo-controller-vest-farge.png controllervest.no/wp-content/uploads/	8 KB 9 KB	29ms 29ms	Image image/png	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://controllervest.no/wp-content/uploads/logo-controller-vest-farge.png Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash 26a576986e372815c412ee261a3c06414abc135818350432e3dc13abc2f42ba4 Request headers :path /wp-content/uploads/logo-controller-vest-farge.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT last-modified Fri, 25 Sep 2020 07:48:57 GMT server nginx etag "5f6da0e9-21a7" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 8615
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 92AF	39 KB 20 KB	37ms 36ms	Document text/html	142.250.184.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f4.1e100.net Software GSE / Resource Hash 3a5976ca84a1036da11b2022690f56c899b7f6a295f8e24db4f2daefe29b0b15 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5EoJ4vveBbFQZJnPIgRtPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://controllervest.no/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Mon, 04 Oct 2021 11:27:13 GMT content-security-policy script-src 'report-sample' 'nonce-5EoJ4vveBbFQZJnPIgRtPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 20299 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	controller-vest-1-2048x1199.jpg controllervest.no/wp-content/uploads/	188 KB 189 KB	29ms 29ms	Image image/jpeg	35.197.246.158 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://controllervest.no/wp-content/uploads/controller-vest-1-2048x1199.jpg Requested by Host: controllervest.no URL: https://controllervest.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.197.246.158 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 158.246.197.35.bc.googleusercontent.com Software nginx / Resource Hash 0b922442b1ae93594049ef843712b03f3f248a5517133da37ddf7a7f664fd0db Request headers :path /wp-content/uploads/controller-vest-1-2048x1199.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority controllervest.no referer https://controllervest.no/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://controllervest.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT last-modified Wed, 28 Oct 2020 15:17:43 GMT server nginx etag "5f998b97-2f14c" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 192844
GET H3	200	shell.js Show response js.hsforms.net/forms/ Frame 13CA	562 KB 143 KB	47ms 36ms	Script application/javascript	104.17.184.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/shell.js Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/shell.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.184.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT via 1.1 20f0d9cf6610f77242f5c592d2ecfd1d.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 448 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 20 Sep 2021 03:06:45 UTC server cloudflare etag W/"630c4058cadb3fc715f112d2cf6b796a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud5bQ%2Bnoal7PuPbVNo20E6QKIF7SHib21KBnCwLqIALKBMH3bud1goZbjsU0%2BBfA0ptHBUvKpoBHfCMkxy5QjMlKdBY42TB1kdiemTa6Y3lWa1oZegimAxyOlIe7pgt2"}],"group":"cf-nel","max_age":604800} x-amz-version-id DXYshb3V7aEOuJ9zF5pU.Zf9sZWNVJnH access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-hs-cache-status HIT x-amz-cf-pop IAD89-C3 cf-ray 698e0f4b7b6e6921-FRA x-amz-cf-id 6k-IH8kxTTI3BOMQczrLvotLLe8AKrJqSmabje1MoTu7RLu_ME9XVw== x-hs-target-asset FormsNext/static-5.375/bundles/project_with_deps.js
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 92AF	52 KB 25 KB	24ms 9ms	Stylesheet text/css	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 10:38:18 GMT content-encoding gzip x-content-type-options nosniff age 2935 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25732 x-xss-protection 0 last-modified Mon, 27 Sep 2021 04:02:11 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Tue, 04 Oct 2022 10:38:18 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 92AF	346 KB 135 KB	21ms 7ms	Script text/javascript	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 10:29:21 GMT content-encoding gzip x-content-type-options nosniff age 3472 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138353 x-xss-protection 0 last-modified Mon, 27 Sep 2021 04:02:11 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Tue, 04 Oct 2022 10:29:21 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 92AF	2 KB 2 KB	7ms 6ms	Image image/png	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 01 Oct 2021 13:18:13 GMT x-content-type-options nosniff age 252540 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Fri, 08 Oct 2021 13:18:13 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 92AF	15 KB 15 KB	24ms 10ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:58:13 GMT x-content-type-options nosniff age 574140 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Sep 2022 19:58:13 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 92AF	15 KB 15 KB	21ms 7ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 01:35:26 GMT x-content-type-options nosniff age 553907 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 Sep 2022 01:35:26 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 92AF	102 B 134 B	18ms 17ms	Other text/javascript	142.250.184.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f4.1e100.net Software GSE / Resource Hash 28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 11:27:13 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Mon, 04 Oct 2021 11:27:13 GMT
GET H3	200	css fonts.googleapis.com/ Frame 13CA	664 B 356 B	50ms 26ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/shell.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 04 Oct 2021 10:29:10 GMT server ESF date Mon, 04 Oct 2021 11:27:13 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Mon, 04 Oct 2021 11:27:13 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 92AF	29 KB 16 KB	49ms 49ms	XHR application/json	142.250.184.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f4.1e100.net Software GSE / Resource Hash ce4cfe6a282733d31cd0bc90d849bbc4f556e5abb6bdf1ced071a4e4d0b73f70 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld0CIYaAAAAAL1ftAu8z01Cwk1uIKxpvPAjUgEj&co=aHR0cHM6Ly9jb250cm9sbGVydmVzdC5ubzo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=wsnkcrqmhve7 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-protobuffer Response headers date Mon, 04 Oct 2021 11:27:13 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16362 x-xss-protection 1; mode=block expires Mon, 04 Oct 2021 11:27:13 GMT

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster undefined| $ function| jQuery function| loadCSS function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| lazyLoadOptions function| wprRemoveCPCSS object| dtx_vars function| Froogaloop object| wpcf7 object| wpcf7r object| wpcf7_redirect object| wpcf7_recaptcha object| html5 object| bsfmodernizr function| yepnope object| classie function| $f function| eve function| mina function| Snap object| transEndEventNames string| transEndEventName object| support object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| VcWaypoint function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| overlay_pattern_attachment_css string| overlay_multi_color_html string| overlay_pattern_html string| overlay_color_html string| seperator_css string| seperator_border_line_css string| seperator_border_css string| seperator_class number| wh object| recaptcha object| closure_lm_233463 string| waypointContextKey

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 02:01:38	Name: _GRECAPTCHA Value: 09AHXV0NPFMImqiMKW36n_uW3zcc40l23LDDRuG0zJUIFLOPd3efHyIuAC0gN8KkswEJlzZOG3YlVLwlQ8qiggtgg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

controllervest.no
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hsforms.net
www.google.com
www.gstatic.com
104.16.86.5
104.17.184.73
142.250.184.196
142.250.185.195
142.250.186.131
142.250.186.170
35.197.246.158
0b922442b1ae93594049ef843712b03f3f248a5517133da37ddf7a7f664fd0db
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
26a576986e372815c412ee261a3c06414abc135818350432e3dc13abc2f42ba4
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
2d83c2882f0012bd6f98cf72817fc94fc8eda28c1d2b0e6209657b8f77cfb679
3a5976ca84a1036da11b2022690f56c899b7f6a295f8e24db4f2daefe29b0b15
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43a3c6b6833c09b3117dd30af4ef3d2d45e9cc575ab34515d96c44c44dd37e8a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6edfae253fc9f5c60d5fdc2cc3ae2ea7066594c539de28dd6212c632ee3acd66
70d273e2ca0210ec586c03f478e2bed6379546c00981f8be3cff75da1c12031e
76f3ad682aff1a328e183810cbe6608dcc4ffb6d1b75a0c3a4751d4a656f6ec5
7e860f722a02daa7b92a292d032bc3dd4817070c36c980bb0144985b8d561fb0
8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f5bd42094a7eb105db442f16ea504cce19eedd70d322dc8b206b5bd225366cd
9df80a2cd5a2474db677cdaff774a3e8b1fe22148e4ab83e441c4315229dbce2
ab8098d9619130508b8929b4152e2bb0cad6b27e4b2ad57ecdc53222d1af4baf
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b1a5b8d96b8e8792ac50f6f4ad4d8051ade721c69a5fec310378155681d110b8
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ce4cfe6a282733d31cd0bc90d849bbc4f556e5abb6bdf1ced071a4e4d0b73f70
d26e11be99a90989b06adc266f74b4933320c03449ffd9746ddc5f8faec2923a
df8cdf791206cc701aa7ee9ca17303f7d4e2ddf0815ae4a0d6ea9f8369c5682f
e62027e0c39df5b4b33c2cec351b2464375c5e4c077a6f2c4c72dcbf86150f00
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32