xn--allelnutensikkerhet-4wb.no (Punycode)
allelånutensikkerhet.no (IDN)
91.201.60.89  Public Scan

Submitted URL: https://www.xn--allelnutensikkerhet-4wb.no/
Effective URL: https://xn--allelnutensikkerhet-4wb.no/
Submission: On April 29 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 41 HTTP transactions. The main IP is 91.201.60.89, which is located in Sweden and belongs to ASODERLAND, SE. The main domain is xn--allelnutensikkerhet-4wb.no.
TLS certificate: Issued by R3 on April 29th 2021. Valid for: 3 months.
This is the only time xn--allelnutensikkerhet-4wb.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 91.201.60.89 44136 (ASODERLAND)
6 99.84.144.36 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 35.158.226.214 16509 (AMAZON-02)
4 13.49.130.1 16509 (AMAZON-02)
41 11
Domain Requested by
12 xn--allelnutensikkerhet-4wb.no xn--allelnutensikkerhet-4wb.no
10 fonts.gstatic.com fonts.googleapis.com
6 cdn.adtr-ct.com xn--allelnutensikkerhet-4wb.no
cdn.adtr-ct.com
code.jquery.com
4 secure.adtraction.com
4 api.adtraction.net code.jquery.com
2 stackpath.bootstrapcdn.com cdn.adtr-ct.com
2 fonts.googleapis.com xn--allelnutensikkerhet-4wb.no
cdn.adtr-ct.com
1 code.jquery.com cdn.adtr-ct.com
1 www.xn--allelnutensikkerhet-4wb.no 1 redirects
41 9

This site contains no links.

Subject | Issuer | Validity | Valid
xn--allelnutensikkerhet-4wb.no | R3 | 2021-04-29 - 2021-07-28 | 3 months
adtr-ct.com | Amazon | 2021-01-17 - 2022-02-14 | a year
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year
adtraction.net | R3 | 2021-03-05 - 2021-06-03 | 3 months
*.adtraction.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-09-14 - 2021-10-14 | a year

This page contains 2 frames:

Primary Page: https://xn--allelnutensikkerhet-4wb.no/
Frame ID: 3B8CCF04D680E01788D273037DD31959
Requests: 21 HTTP requests in this frame

Frame: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Frame ID: 0B5AF99F2E0A918D40E064DF36946938
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

41 Requests
100 % HTTPS
60 % IPv6
8 Domains
9 Subdomains
11 IPs
4 Countries
979 kB Transfer
1574 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.xn--allelnutensikkerhet-4wb.no/ HTTP 301
    https://xn--allelnutensikkerhet-4wb.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
xn--allelnutensikkerhet-4wb.no/
Redirect Chain
  • https://www.xn--allelnutensikkerhet-4wb.no/
  • https://xn--allelnutensikkerhet-4wb.no/
38 KB
13 KB
Document
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed / PHP/7.4.16
Resource Hash
f624828e19da00297784ff4a353cdad272cf852eec5064a76c03500fd6c5b589

Request headers

:method
GET
:authority
xn--allelnutensikkerhet-4wb.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by
PHP/7.4.16
content-type
text/html; charset=UTF-8
link
<https://xn--allelnutensikkerhet-4wb.no/wp-json/>; rel="https://api.w.org/" <https://xn--allelnutensikkerhet-4wb.no/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://xn--allelnutensikkerhet-4wb.no/>; rel=shortlink </wp-content/litespeed/cssjs/0597a.css?364ca>; rel=preload; as=style,</wp-includes/js/jquery/jquery.min.js>; rel=preload; as=script,</wp-content/litespeed/cssjs/c8a44.js?268ef>; rel=preload; as=script,</wp-content/litespeed/cssjs/e2900.js?de5e1>; rel=preload; as=script,</wp-content/litespeed/cssjs/8164a.js?53f1d>; rel=preload; as=script,</wp-content/litespeed/cssjs/3b81f.js?a050b>; rel=preload; as=script,</wp-content/litespeed/cssjs/43b32.js?db46c>; rel=preload; as=script,</wp-content/litespeed/cssjs/ce7da.js?a867d>; rel=preload; as=script,</wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js>; rel=preload; as=script
etag
"5191-1619509054;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding
date
Thu, 29 Apr 2021 22:23:29 GMT
server
LiteSpeed
set-cookie
ls_smartpush=1ff; path=/; expires=Mon, 28 Jun 2021 22:23:29 GMT; secure; SameSite=Strict

Redirect headers

x-powered-by
PHP/7.4.16
content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://xn--allelnutensikkerhet-4wb.no/
x-litespeed-cache
hit
content-length
0
date
Thu, 29 Apr 2021 22:23:29 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
0597a.css
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
256 KB
46 KB
Stylesheet
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/0597a.css?364ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
b450cb845bd67d834c9831695b15549fe5c031c83b16a66bf8a9082e2a6064a5

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"3ff6f-6084d1e9-1c7c55c114e80543;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
47142
expires
Thu, 06 May 2021 22:23:29 GMT
jquery.min.js
xn--allelnutensikkerhet-4wb.no/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sat, 12 Dec 2020 11:47:15 GMT
server
LiteSpeed
etag
"15d98-5fd4adc3-f6c4dc0fb88250b7;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30287
expires
Thu, 06 May 2021 22:23:29 GMT
c8a44.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
33 KB
11 KB
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/c8a44.js?268ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
c722134998707613b600c594df30d4d159cd2eb6ed8efebb9e63a644fd5e26cc

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"84ff-6084d1e9-3a038811498feab;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10811
expires
Thu, 06 May 2021 22:23:29 GMT
e2900.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
11 KB
4 KB
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/e2900.js?de5e1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
2b5f4f75baa3e2e2826110e5ee4a78cca53b1aaf03c8227570149ca7aaeb24c0

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"2bd9-6084d1e9-df7d16fd4490a2b4;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3996
expires
Thu, 06 May 2021 22:23:29 GMT
8164a.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
702 B
374 B
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/8164a.js?53f1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
63bdc8f59b8754bf92e0d7f9269eaba1b3648bc838f54a602ecf9edbee657f58

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"2be-6084d1e9-10c484a5385e7c16;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
312
expires
Thu, 06 May 2021 22:23:29 GMT
3b81f.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
590 B
308 B
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/3b81f.js?a050b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
138a730f424c41b018bced2b1050fc2789b1c8bcdac82799abbcf68930490fcc

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"24e-6084d1e9-5554fa0865c5ca82;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
245
expires
Thu, 06 May 2021 22:23:29 GMT
43b32.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
3 KB
970 B
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/43b32.js?db46c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
5759b4ed2908241e8b5caeed00506192568b42edc052cee9de76aa9cb5d25753

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"d9c-6084d1e9-15dd3f3c66050146;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
907
expires
Thu, 06 May 2021 22:23:29 GMT
ce7da.js
xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/
1 KB
728 B
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/ce7da.js?a867d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
7837f5167ad849e90616b2dc2f11eaadc31648be54533d7cd61836e119378fa7

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Sun, 25 Apr 2021 02:20:25 GMT
server
LiteSpeed
etag
"594-6084d1e9-6a55dce86781cf13;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
665
expires
Thu, 06 May 2021 22:23:29 GMT
webfontloader.min.js
xn--allelnutensikkerhet-4wb.no/wp-content/plugins/litespeed-cache/assets/js/
12 KB
5 KB
Script
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:27:52 GMT
server
LiteSpeed
etag
"2f42-60538d98-32505e307c7f05ab;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4649
expires
Thu, 06 May 2021 22:23:29 GMT
allelanlogo.svg
xn--allelnutensikkerhet-4wb.no/wp-content/uploads/2020/09/
16 KB
6 KB
Image
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/uploads/2020/09/allelanlogo.svg
Requested by
Host: xn--allelnutensikkerhet-4wb.no
URL: https://xn--allelnutensikkerhet-4wb.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
f21f9c130528dd6d2886928738c19477cb0065b0f7f5a901f87c8c28d868273a

Request headers

:path
/wp-content/uploads/2020/09/allelanlogo.svg
pragma
no-cache
cookie
ls_smartpush=1ff
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xn--allelnutensikkerhet-4wb.no
referer
https://xn--allelnutensikkerhet-4wb.no/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
content-encoding
br
last-modified
Tue, 22 Sep 2020 07:47:22 GMT
server
LiteSpeed
etag
"3e3a-5f69ac0a-de5879cedebaac31;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6422
expires
Thu, 06 May 2021 22:23:29 GMT
widget.client.min.js
cdn.adtr-ct.com/widgets/compare-loans/js/client/
15 KB
15 KB
Script
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/js/client/widget.client.min.js
Requested by
Host: xn--allelnutensikkerhet-4wb.no
URL: https://xn--allelnutensikkerhet-4wb.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de6277f2baeeaed55b0343c310cfe2ef933ce7cef3ab261b16dfe76f02833bde

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:30 GMT
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 14:38:14 GMT
server
AmazonS3
x-amz-cf-pop
TXL52-C1
etag
"9cabe2fef8b46d57984e1cffbb56d190"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=0,no-cache,no-store,must-revalidate
accept-ranges
bytes
content-length
15181
x-amz-cf-id
755zSxd5OiErxPFbM-CmZQiE35C11O2_FKTU2PN3ZQXsMbEKHqXarg==
norge.jpg
xn--allelnutensikkerhet-4wb.no/wp-content/uploads/2020/09/
373 KB
373 KB
Image
General
Full URL
https://xn--allelnutensikkerhet-4wb.no/wp-content/uploads/2020/09/norge.jpg
Requested by
Host: xn--allelnutensikkerhet-4wb.no
URL: https://xn--allelnutensikkerhet-4wb.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.89 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
premium23.oderland.com
Software
LiteSpeed /
Resource Hash
1395311906acc56b06b14fcf2774a7db9bdb7436c9feee2064774d2d08c871a8

Request headers

:path
/wp-content/uploads/2020/09/norge.jpg
pragma
no-cache
cookie
ls_smartpush=1ff
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xn--allelnutensikkerhet-4wb.no
referer
https://xn--allelnutensikkerhet-4wb.no/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:29 GMT
last-modified
Thu, 17 Sep 2020 08:01:01 GMT
server
LiteSpeed
etag
"5d2a1-5f6317bd-cb86822a7159ba47;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
381601
expires
Thu, 06 May 2021 22:23:29 GMT
css
fonts.googleapis.com/
7 KB
902 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Requested by
Host: xn--allelnutensikkerhet-4wb.no
URL: https://xn--allelnutensikkerhet-4wb.no/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f201f971ae492716ad056753adb852b8bbe23cdd32ec9a6c1fde5a36223d6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xn--allelnutensikkerhet-4wb.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 22:23:29 GMT
server
ESF
date
Thu, 29 Apr 2021 22:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 22:23:29 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
80131
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:07:58 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
73227
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 29 Apr 2022 02:03:02 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 06:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
age
229735
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Wed, 27 Apr 2022 06:34:34 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:43:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
age
23985
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:43:44 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:44:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:06 GMT
server
sffe
age
23956
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24440
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:44:13 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:03:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:34 GMT
server
sffe
age
73221
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24428
x-xss-protection
0
expires
Fri, 29 Apr 2022 02:03:08 GMT
QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
fonts.gstatic.com/s/inconsolata/v21/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inconsolata/v21/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700%7CLato:400,700,400italic,700italic%7CInconsolata:400,700&subset=latin,latin-ext,latin,latin-ext,latin,latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be6e83ef241f060e8fca55002f6994af05bf2360ebc74c9b6165721ffea6bfc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--allelnutensikkerhet-4wb.no
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:35:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:36:07 GMT
server
sffe
age
24461
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31716
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:35:48 GMT
index-4d265a59b2.html
cdn.adtr-ct.com/widgets/compare-loans/ Frame 0B5A
24 KB
24 KB
Document
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/js/client/widget.client.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59ee1b8ed94febbc66c3f054616abca3a16e04ed7ed3e893732d656be92d5601

Request headers

:method
GET
:authority
cdn.adtr-ct.com
:scheme
https
:path
/widgets/compare-loans/index-4d265a59b2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--allelnutensikkerhet-4wb.no/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://xn--allelnutensikkerhet-4wb.no/

Response headers

content-type
text/html
content-length
24289
date
Thu, 29 Apr 2021 04:32:59 GMT
last-modified
Thu, 04 Mar 2021 14:38:13 GMT
etag
"962091ced430d0ea6e0757bb510c2225"
cache-control
public, max-age=86400
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
VJNe8EZ3xGgEn3tf-80HTor3MT_ZzkveO9Lq5Z3IYQlYWNnhCK0Pzw==
age
64232
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 0B5A
152 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
577760
cdn-cachedat
2021-04-23 07:23:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c153f31300003250f41e9000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0da7fb57e32390cdc8494ba9144fcf4c
cf-ray
647bef64ed2a3250-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 0B5A
8 KB
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 22:11:18 GMT
server
ESF
date
Thu, 29 Apr 2021 22:23:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 22:23:30 GMT
main-41acff51ab.min.css
cdn.adtr-ct.com/widgets/compare-loans/css/ Frame 0B5A
13 KB
13 KB
Stylesheet
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/css/main-41acff51ab.min.css
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89389492a1baf4c0ba9ffa54c31acd18c213655abb14683b0c931b90e368b750

Request headers

Referer
https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 04:32:59 GMT
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 14:38:12 GMT
server
AmazonS3
age
64232
etag
"41acff51ab541761fa5df2a6e15cd9ce"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
13004
x-amz-cf-id
seTaNY6I6tt4QwQjWkr7SVBivUrg4iViLyAoUNTnDI2c0WR3VMhdtQ==
jquery-3.4.1.min.js
code.jquery.com/ Frame 0B5A
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:30 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1619735010.dop224.fr8.t,1619735010.cds290.fr8.hc,1619735010.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 0B5A
77 KB
21 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 22:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
542510
cdn-cachedat
2021-04-23 16:56:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c153f31400003250cc18a000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3c5219dd42071627a1bf1e85370e6f98
cf-ray
647bef64ed2b3250-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
vendors-c0c1d7eb8b.min.js
cdn.adtr-ct.com/widgets/compare-loans/js/ Frame 0B5A
117 KB
117 KB
Script
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/js/vendors-c0c1d7eb8b.min.js
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9202fc85e133b2eb60b3fdf35af531b195f1da5c751bb4dd6035d22f024a99a0

Request headers

Referer
https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:39:37 GMT
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
last-modified
Mon, 14 Dec 2020 17:07:44 GMT
server
AmazonS3
age
78234
etag
"c0c1d7eb8b3cefa2bf15d26421ddd502"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
119591
x-amz-cf-id
pZms29N_BlN2ZGHAoKeM9lCMfoy0LoUD6w-Y8_7II6NemM-cjhJ77A==
main-d2be0d3741.min.js
cdn.adtr-ct.com/widgets/compare-loans/js/ Frame 0B5A
14 KB
14 KB
Script
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/js/main-d2be0d3741.min.js
Requested by
Host: cdn.adtr-ct.com
URL: https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a8a292c0de206bc61465da5b3d2972c4dd99ae2a2743182ef4e6f7e7cc4f6e

Request headers

Referer
https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:25:23 GMT
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 14:38:13 GMT
server
AmazonS3
age
25088
etag
"bb1e5896e153fbe92c555b8f10b5c416"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
14128
x-amz-cf-id
ATyYuB8ea3J04B2_SCKsO0-Ufh6q9cat9Bl6uiEpMXFvUuSyHKwpbg==
truncated
/ Frame 0B5A
503 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
078e18f103e72a65f77c1ef929b94af2671191603b1f6c0a8ec28dd57862cce4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0B5A
313 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
931f75872f209ab21373c4392f4bc4074ccd9014e571c4f2901a23435c591330

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0B5A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 05:52:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
age
59457
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Fri, 29 Apr 2022 05:52:33 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0B5A
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
246773
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 27 Apr 2022 01:50:37 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0B5A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cdn.adtr-ct.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
178972
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:40:38 GMT
no-14a547fa5d.json
cdn.adtr-ct.com/widgets/compare-loans/locales/ Frame 0B5A
1 KB
2 KB
XHR
General
Full URL
https://cdn.adtr-ct.com/widgets/compare-loans/locales/no-14a547fa5d.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-36.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
202a445c9f3fa5281ed39e69c72171be1323d835e55b70b7274cdbb7890781de

Request headers

Accept
*/*
Referer
https://cdn.adtr-ct.com/widgets/compare-loans/index-4d265a59b2.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 09:49:27 GMT
via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
last-modified
Mon, 14 Dec 2020 17:07:44 GMT
server
AmazonS3
age
45244
etag
"14a547fa5d25df43759f4a4ca988b796"
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
1254
x-amz-cf-id
MRQ02MrSiIvNh498MPDigy7XuyBR5Mlo3sGhaAGobeVT0EPAg7_qmA==
paydayloans
api.adtraction.net/v2/public/compare/ Frame
0
0
Preflight
General
Full URL
https://api.adtraction.net/v2/public/compare/paydayloans
Protocol
HTTP/1.1
Server
35.158.226.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-226-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.adtr-ct.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type
Access-Control-Max-Age
1800
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Frame-Options
DENY
Content-Length
0
Date
Thu, 29 Apr 2021 22:23:30 GMT
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Access-Control-Expose-Headers
count
loans
api.adtraction.net/v2/public/compare/ Frame
0
0
Preflight
General
Full URL
https://api.adtraction.net/v2/public/compare/loans
Protocol
HTTP/1.1
Server
35.158.226.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-226-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.adtr-ct.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type
Access-Control-Max-Age
1800
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Frame-Options
DENY
Content-Length
0
Date
Thu, 29 Apr 2021 22:23:30 GMT
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, OPTIONS, POST
Access-Control-Expose-Headers
count
paydayloans
api.adtraction.net/v2/public/compare/ Frame 0B5A
2 B
601 B
XHR
General
Full URL
https://api.adtraction.net/v2/public/compare/paydayloans
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.226.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-226-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 29 Apr 2021 22:23:30 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, OPTIONS, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
count
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
close
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Expires
0
loans
api.adtraction.net/v2/public/compare/ Frame 0B5A
3 KB
3 KB
XHR
General
Full URL
https://api.adtraction.net/v2/public/compare/loans
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.226.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-226-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
05704eb3e5ab4f9d4ee8b8544f1cb6e26feb7d28599aba641fe9d98d08f8b33e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 29 Apr 2021 22:23:30 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, OPTIONS, POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
count
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
close
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Expires
0
image.htm
secure.adtraction.com/ Frame 0B5A
7 KB
7 KB
Image
General
Full URL
https://secure.adtraction.com/image.htm?imgId=1081817783
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.130.1 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-130-1.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
d9d97cbe2446d9c1bb1378fdbfa0c1c4f14395909a122ff8dcf1298236c8ee5c

Request headers

Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 22:23:31 GMT
Cache-Control
no-store
Content-Type
image/png;charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
image.htm
secure.adtraction.com/ Frame 0B5A
11 KB
12 KB
Image
General
Full URL
https://secure.adtraction.com/image.htm?imgId=1044259246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.130.1 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-130-1.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
3376768e7df18977d6556b3275eb83e05d791e54d8d187fcf47b1cf5f7c8e936

Request headers

Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 22:23:30 GMT
Cache-Control
no-store
Content-Type
image/png;charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
image.htm
secure.adtraction.com/ Frame 0B5A
13 KB
13 KB
Image
General
Full URL
https://secure.adtraction.com/image.htm?imgId=1061611450
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.130.1 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-130-1.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
9a83a4a172fdb5872ad3055958b98bd789be4ec24122e7541d0b2d134de4d31c

Request headers

Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 22:23:31 GMT
Cache-Control
no-store
Content-Type
image/png;charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
image.htm
secure.adtraction.com/ Frame 0B5A
12 KB
12 KB
Image
General
Full URL
https://secure.adtraction.com/image.htm?imgId=1437914817
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.130.1 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-130-1.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
d61bfb2c3677b8582754b8036319f8b97f715f13c956270500ff1f4112dd4570

Request headers

Referer
https://cdn.adtr-ct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 22:23:30 GMT
Cache-Control
no-store
Content-Type
image/png;charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| WebFontConfig
function| loadCSS
object| stackable
undefined| $
function| jQuery
object| adtWidget
object| stackableButtonTitle
object| stackableScreenReaderText
object| WebFont
object| frontend_blocks
function| Waypoint
function| _typeof
function| iFrameResize
object| wp

1 Cookies

Domain/Path Name / Value
xn--allelnutensikkerhet-4wb.no/ Name: ls_smartpush
Value: 1ff

1 Console Messages

Source Level URL
Text
console-api log URL: https://xn--allelnutensikkerhet-4wb.no/wp-content/litespeed/cssjs/e2900.js?de5e1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
