www.color4care.no Open in urlscan Pro
94.246.97.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.color4care.no/
Submission: On November 07 via manual (November 7th 2022, 4:50:24 pm UTC) from NO — Scanned from NO

Summary HTTP 116 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 47 domains to perform 116 HTTP transactions. The main IP is 94.246.97.146, located in Sweden and belongs to IPO-EU, SE. The main domain is www.color4care.no.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 14th 2021. Valid for: a year.

This is the only time www.color4care.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	94.246.97.146 94.246.97.146	12552 (IPO-EU) (IPO-EU)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
23	185.172.148.128 185.172.148.128	44239 (PROINITY ...) (PROINITY PROINITY)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1	52.92.19.65 52.92.19.65	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.107 99.86.4.107	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
4	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.123.68.182 3.123.68.182	16509 (AMAZON-02) (AMAZON-02)
16	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
3 5	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.251.5.154 142.251.5.154	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	13.32.27.15 13.32.27.15	16509 (AMAZON-02) (AMAZON-02)
1 6	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.31.243.194 52.31.243.194	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.109 99.86.4.109	16509 (AMAZON-02) (AMAZON-02)
1 2	3.125.244.197 3.125.244.197	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.154.123.93 54.154.123.93	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.57.87.55 52.57.87.55	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	54.76.210.146 54.76.210.146	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.124.68.177 3.124.68.177	16509 (AMAZON-02) (AMAZON-02)
1	54.163.167.231 54.163.167.231	14618 (AMAZON-AES) (AMAZON-AES)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.229.162.197 54.229.162.197	16509 (AMAZON-02) (AMAZON-02)
1	52.58.186.193 52.58.186.193	16509 (AMAZON-02) (AMAZON-02)
1	31.13.72.12 31.13.72.12	32934 (FACEBOOK) (FACEBOOK)
1	52.208.54.255 52.208.54.255	16509 (AMAZON-02) (AMAZON-02)
1	3.93.95.179 3.93.95.179	14618 (AMAZON-AES) (AMAZON-AES)
1	3.23.184.187 3.23.184.187	16509 (AMAZON-02) (AMAZON-02)
116	55

4 94.246.97.146 (Sweden)

ASN12552 (IPO-EU, SE)
PTR: ded100386.vardvaskan.se

www.color4care.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.172.148.128 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

vardvaskan-132b9.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.19.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

mimgs.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-107.fra6.r.cloudfront.net

cdn.klarna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.68.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-68-182.eu-central-1.compute.amazonaws.com

cdn.clerk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.157 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-15.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.243.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-243-194.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-109.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.244.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-244-197.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.123.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-123-93.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.87.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-87-55.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.210.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.68.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-68-177.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.167.231 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-167-231.compute-1.amazonaws.com

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.162.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-197.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.186.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-186-193.eu-central-1.compute.amazonaws.com

api.clerk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.72.12 (Kista, Sweden)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-arn2.fbcdn.net

scontent-arn2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.54.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.95.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-95-179.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.184.187 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-184-187.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	kxcdn.com vardvaskan-132b9.kxcdn.com	760 KB
13	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 600 scontent-arn2-1.xx.fbcdn.net — Cisco Umbrella Rank: 45100 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 277	172 KB
8	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 481 sslwidget.criteo.com — Cisco Umbrella Rank: 1993 dis.criteo.com — Cisco Umbrella Rank: 941	12 KB
8	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 172 www.google.com — Cisco Umbrella Rank: 17	81 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	23 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 889 script.hotjar.com — Cisco Umbrella Rank: 1168 vars.hotjar.com — Cisco Umbrella Rank: 1210 in.hotjar.com — Cisco Umbrella Rank: 2124	72 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	200 KB
4	color4care.no www.color4care.no	41 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 4898	201 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	17 KB
3	google.no www.google.no — Cisco Umbrella Rank: 20284	763 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 616	12 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 285	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 407	696 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 825	854 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1766	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 313	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 415	1 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 5727 api-iam.intercom.io — Cisco Umbrella Rank: 4913	3 KB
2	clerk.io cdn.clerk.io — Cisco Umbrella Rank: 53041 api.clerk.io — Cisco Umbrella Rank: 50720	27 KB
2	klarna.com cdn.klarna.com — Cisco Umbrella Rank: 50054	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	154 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2672	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 774	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2577	469 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3726	522 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2415	183 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1575	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2954	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 678	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1240	343 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 2023	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 571	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2260	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1438	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 805	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 756	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 483	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 979	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1062	145 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 809	786 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 156	2 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	amazonaws.com mimgs.s3.amazonaws.com	4 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	14 KB
116	47

	Domain	Requested by
23	vardvaskan-132b9.kxcdn.com	www.color4care.no vardvaskan-132b9.kxcdn.com
11	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	www.google.com	1 redirects apis.google.com www.color4care.no www.google.com
5	gum.criteo.com	3 redirects static.criteo.net gum.criteo.com
4	connect.facebook.net	www.color4care.no connect.facebook.net
4	www.google-analytics.com	www.color4care.no www.google-analytics.com
4	www.color4care.no	www.color4care.no
3	js.intercomcdn.com	widget.intercom.io
3	www.facebook.com	www.color4care.no connect.facebook.net
3	www.google.no	www.color4care.no
3	bat.bing.com	www.color4care.no bat.bing.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	apis.google.com	www.color4care.no apis.google.com
2	cdn.klarna.com	www.color4care.no
2	www.googletagmanager.com	www.color4care.no www.googletagmanager.com
2	fonts.googleapis.com	www.color4care.no
1	s.thebrighttag.com
1	api-iam.intercom.io	js.intercomcdn.com
1	beacon.krxd.net
1	scontent.xx.fbcdn.net	www.facebook.com
1	scontent-arn2-1.xx.fbcdn.net	www.facebook.com
1	api.clerk.io	cdn.clerk.io
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.intercom.io	1 redirects
1	in.hotjar.com	script.hotjar.com
1	sslwidget.criteo.com	static.criteo.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.color4care.no
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.clerk.io	www.color4care.no
1	mimgs.s3.amazonaws.com	www.color4care.no
1	static.criteo.net	www.color4care.no
116	60

This site contains links to these domains. Also see Links.

Domain
intercom.help
www.vardvaskan.se
www.color4care.dk
www.color4care.co.uk
www.color4care.fi
b2b.color4care.no
www.instagram.com

Subject Issuer	Validity	Valid
www.color4care.no Sectigo RSA Domain Validation Secure Server CA	`2021-12-14` - `2023-01-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
cdn.klarna.com Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.clerk.io Amazon	`2022-08-29` - `2023-09-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.no GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.color4care.no/
Frame ID: 64257FA9F1907597D6559BDB18D9CD69
Requests: 75 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.color4care.no&origin=onetag
Frame ID: E4CDA385263DEC64FA5FFFF8D002A053
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__
Frame ID: B14EE02D29689B2F6EB06878C2D4506B
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: DFAB8D5EA58414E23B5D3B03DE82E14C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BF7428AE1059621BFF451196D98080C8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef776cfc92d6c%26domain%3Dwww.color4care.no%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.color4care.no%252Ff20c617fd806af%26relation%3Dparent.parent&container_width=1130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcolor4carenorge&locale=nn_NO&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=500
Frame ID: DE54869D7B79F75B2D8C0530168A6BD2
Requests: 14 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30
Frame ID: BDF12F54F406C7263B5900B21DF53EC7
Requests: 26 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.519578b1.js
Frame ID: 6AF889DF595992763675EF8DFCD7A4D7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arbeidsklær, arbeidssko og støttestrømper for helsepersonell

Detected technologies

Clerk.io (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.clerk\.io/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

116
Requests

91 %
HTTPS

0 %
IPv6

47
Domains

60
Subdomains

55
IPs

10
Countries

1857 kB
Transfer

5509 kB
Size

63
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://intercom.help/vardvaskan-color4care/nb/
Title: Vanlige spørsmål

Search URL Search Domain Scan URL

URL: https://www.vardvaskan.se/

Search URL Search Domain Scan URL

URL: https://www.color4care.dk/

Search URL Search Domain Scan URL

URL: https://www.color4care.co.uk/

Search URL Search Domain Scan URL

URL: https://www.color4care.fi/

Search URL Search Domain Scan URL

URL: https://b2b.color4care.no/
Title: Bedrifter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/color4care/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/Chz1P8bqQbh/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/ChsG_YCK9bH/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ChXkLPQq8Ij/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ChU_zmFolXX/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ChSbNwoqYWh/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ChP8rKUoukW/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/ChIOQ68IAGX/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Ckagho6Iu7x/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CiiRJM4qRx0/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cifjkl9I37q/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CifUvTxqT9I/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiQNqZ9I7gz/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiNek2Rosnp/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiLEEXEt9a9/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CiKP4yJq8_Z/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CiIYnkBqBli/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiHrySpBykY/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiF6e7HtGDm/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CiAw8S-obAO/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Ch6072aqtLB/

Search URL Search Domain Scan URL

URL: https://b2b.color4care.no/?pw_cl=1
Title: Bedrift

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&auid=1884912812.1667839818&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=SjdpY_TMItaq1gaC1p7wDA&sscte=1&crd=&eitems=ChAIgPaimwYQueLZjISAqo0-Eh0AdPWUFvVTYGgO1Zf8lJ81LdCMjCYWFJqTcEhwBQ&pscrd=Ek9DaEVJZ1BhaW13WVFrYkxoc0xMZV92M0ZBUkltQU1jWnRHTUhKY2d0bkpxTDEzcC1fQlRTM1M4em5DMVFFeGpVSjNhbUJwS1BTYkVYeHpJGlpDaEVJZ1BhaW13WVExNVQ2MWZLRXVmYWJBUkl1QUlUenFwX252Mm05VlVSRmctcE8ySjhGQ21xTHp3S3JGU0ZLWXZ0dS1SX3NTbTdHeVV5SWxGUlZUUzRFU0E HTTP 302
https://www.google.com/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&auid=1884912812.1667839818&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BhaW13WVFrYkxoc0xMZV92M0ZBUkltQU1jWnRHTUhKY2d0bkpxTDEzcC1fQlRTM1M4em5DMVFFeGpVSjNhbUJwS1BTYkVYeHpJGlpDaEVJZ1BhaW13WVExNVQ2MWZLRXVmYWJBUkl1QUlUenFwX252Mm05VlVSRmctcE8ySjhGQ21xTHp3S3JGU0ZLWXZ0dS1SX3NTbTdHeVV5SWxGUlZUUzRFU0E&is_vtc=1&ocp_id=SjdpY_TMItaq1gaC1p7wDA&eitems=ChAIgPaimwYQueLZjISAqo0-Eh0AdPWUFlewwOBS7sdd_XkONxkpP0Exr-bCNWCBvQ&random=2600323998 HTTP 302
https://www.google.no/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&auid=1884912812.1667839818&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BhaW13WVFrYkxoc0xMZV92M0ZBUkltQU1jWnRHTUhKY2d0bkpxTDEzcC1fQlRTM1M4em5DMVFFeGpVSjNhbUJwS1BTYkVYeHpJGlpDaEVJZ1BhaW13WVExNVQ2MWZLRXVmYWJBUkl1QUlUenFwX252Mm05VlVSRmctcE8ySjhGQ21xTHp3S3JGU0ZLWXZ0dS1SX3NTbTdHeVV5SWxGUlZUUzRFU0E&is_vtc=1&ocp_id=SjdpY_TMItaq1gaC1p7wDA&eitems=ChAIgPaimwYQueLZjISAqo0-Eh0AdPWUFlewwOBS7sdd_XkONxkpP0Exr-bCNWCBvQ&random=2600323998&ipr=y&prhg=0

Request Chain 79

https://widget.intercom.io/widget/x6t63uob HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 81

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_cm&google_hm=ay0ySElZSTJQZ0lGNHFyREJlOGZoNEQxeHZTUlNyamR0QVF0WXZhUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_gid=CAESECctlFGk7yfpzG2sLzoABLg&google_cver=1&google_ula=913071,0

Request Chain 83

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2012336483727893333

Request Chain 84

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA&C=1

Request Chain 85

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w

Request Chain 95

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ&verify=true

Request Chain 98

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP

Request Chain 121

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wE3-54yJlSU_Z22FFnth3p50JOuwSYVD

Request Chain 123

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ozgXSpkpYV71ATSzYWhWpfkRjZN1nyAH

116 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.color4care.no/ 200 KB
35 KB 429ms
293ms Document
text/html 94.246.97.146
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://www.color4care.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.246.97.146 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: ded100386.vardvaskan.se
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32 / PHP/5.6.32
Resource Hash: bfe353a28f7572ce856d4e9aa0b76c88867690358c69ea1693a473a0a68e6ace

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 35533
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 16:50:16 GMT
Keep-Alive: timeout=5, max=100
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32
Vary: Host,Accept-Encoding
X-Powered-By: PHP/5.6.32

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 531ms
78ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Open+Sans:400,400i,600,600i,700,700i

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

a5a2c34d58b2eece003f84368840b07a7a86a53e9ea46ac3e8c60d5cd61083bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:50:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Nov 2022 16:50:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
795 B 533ms
81ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Open+Sans:wght@600;700&display=swap

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

21a0c213161247827727312aaff4098c436d11121415532ee9428e1c351c3563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:50:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Nov 2022 16:50:17 GMT

GET
H2 200 v_765_47bf2b047493f15df772dc60e61f4d12_all.css
vardvaskan-132b9.kxcdn.com/themes/transformer/cache/ 447 KB
72 KB 495ms
58ms Stylesheet
text/css 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ca615ca30ede3bf34619342f65c45762c429b40a06335b5d9efca8896d3bdb9f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 09:06:23 GMT
server: keycdn-engine
x-edge-location: defr
etag: "6fc5e-5e11440a6f884-gzip"
vary: Host,Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
link: <https://www.vardvaskan.se/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101>; rel="canonical"
x-shield: active
expires: Mon, 23 Oct 2023 07:08:34 GMT

GET
H/1.1 200
OK customer-s2.css
www.color4care.no/modules/stthemeeditor/views/css/ 11 KB
3 KB 63ms
40ms Stylesheet
text/css 94.246.97.146
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://www.color4care.no/modules/stthemeeditor/views/css/customer-s2.css?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.246.97.146 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: ded100386.vardvaskan.se
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32 /
Resource Hash: a7d614b61505cfdc6406d3867d47cf91db40ca859197c048e5443028bd32ed02

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Oct 2022 10:22:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32
ETag: "2d03-5ea32d7f9d1cb-gzip"
Vary: Host,Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2163
Expires: Tue, 07 Nov 2023 16:50:16 GMT

GET
H2 200 pw.css
vardvaskan-132b9.kxcdn.com/themes/transformer/css/ 293 KB
36 KB 647ms
212ms Stylesheet
text/css 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/pw.css?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 74c7e59b09809f21d1df60efe71a505721ac699851dd03452369c5c9052c27ae

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT
content-length: 36486
last-modified: Tue, 30 Nov 2021 07:42:31 GMT
server: keycdn-engine
etag: "49599-5d1fcb32e2ab0-gzip"
vary: Host,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/css/pw.css?version=101>; rel="canonical"
x-shield: active
expires: Tue, 07 Feb 2023 09:01:04 GMT

GET
H2 200 bootstrap_v4_custom.css
vardvaskan-132b9.kxcdn.com/themes/transformer/css/ 54 KB
8 KB 647ms
212ms Stylesheet
text/css 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/bootstrap_v4_custom.css?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 9ea86969c1769d80d5ba09445a99a28e1c0ab5669bec04a1aaefddc2f5961e98

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT
content-length: 7967
last-modified: Thu, 26 Jul 2018 07:30:47 GMT
server: keycdn-engine
etag: "d6a9-571e1f94237c0-gzip"
vary: Host,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/css/bootstrap_v4_custom.css?version=101>; rel="canonical"
x-shield: active
expires: Tue, 07 Feb 2023 09:01:04 GMT

GET
H2 200 productpage_18.css
vardvaskan-132b9.kxcdn.com/themes/transformer/css/ 28 KB
7 KB 646ms
213ms Stylesheet
text/css 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/productpage_18.css?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 25b705094aefeda7f1b40a7cd572d93450274cc48ce628e25fbafdb23e8bf4a0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT
content-length: 6924
last-modified: Thu, 03 Feb 2022 09:40:51 GMT
server: keycdn-engine
etag: "70fd-5d719ee1051ec-gzip"
vary: Host,Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/css/productpage_18.css?version=101>; rel="canonical"
x-shield: active
expires: Tue, 07 Feb 2023 09:01:04 GMT

GET
H2 200 v_701_91c53e963fdcfed51cbf831da65a9643.js Show response
vardvaskan-132b9.kxcdn.com/themes/transformer/cache/ 690 KB
195 KB 645ms
213ms Script
application/x-javascript 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_701_91c53e963fdcfed51cbf831da65a9643.js?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 128033f5ea6e01b78394a1cc1e3c3927c3951be5e22080785d53a0ef3ca536e5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: keycdn-engine
x-edge-location: defr
etag: "ac96b-5ec03cdd60e6e-gzip"
vary: Host,Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
link: <https://www.vardvaskan.se/themes/transformer/cache/v_701_91c53e963fdcfed51cbf831da65a9643.js?version=101>; rel="canonical"
x-shield: active
expires: Mon, 30 Oct 2023 07:28:39 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 538ms
116ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 16:50:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
79 KB 544ms
92ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TF3GL4

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

717e73f3ebbeada2dbc758c99fa6ef92600909e4bae93e1e9e6c583c0764ef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80882
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 16:50:18 GMT

GET
H/1.1 200
OK async Show response
www.color4care.no/module/cdc_googletagmanager/ 106 B
535 B 157ms
141ms XHR
text/html 94.246.97.146
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://www.color4care.no/module/cdc_googletagmanager/async?action=user
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.246.97.146 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: ded100386.vardvaskan.se
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32 / PHP/5.6.32
Resource Hash: 35ce83fd6fd4eed8c44e402217c637445c0bde581a41ee75ce4cac57835f89db

Request headers

Referer: https://www.color4care.no/
X-Requested-With: XMLHttpRequest
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:16 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32
X-Powered-By: PHP/5.6.32
Vary: Host,Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: text/html; charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 112

GET
H2 200 merged_all.js Show response
vardvaskan-132b9.kxcdn.com/themes/transformer/js/ 57 KB
13 KB 601ms
214ms Script
application/x-javascript 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/js/merged_all.js?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 4a01100e5515ea2b9e1f1b55de1ba4d8c98a3d244c5df22a6e12ba56f98d885e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT
content-length: 12768
last-modified: Mon, 20 Nov 2017 15:09:20 GMT
server: keycdn-engine
etag: "e5a2-55e6b78844800-gzip"
vary: Host,Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/js/merged_all.js?version=101>; rel="canonical"
x-shield: active
expires: Tue, 07 Feb 2023 09:01:04 GMT

GET
H2 200 pwresizer.js Show response
vardvaskan-132b9.kxcdn.com/themes/transformer/js/ 35 KB
9 KB 601ms
214ms Script
application/x-javascript 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/js/pwresizer.js?version=101
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 52388ec201350d286c8e37c14f17117edeff94754f70996320e93cc1ad8f0446

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT
content-length: 8441
last-modified: Wed, 22 Jul 2020 08:42:04 GMT
server: keycdn-engine
etag: "8afc-5ab03b6d67cb0-gzip"
vary: Host,Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/js/pwresizer.js?version=101>; rel="canonical"
x-shield: active
expires: Tue, 07 Feb 2023 09:01:04 GMT

GET
H/1.1 200
OK carma.roi.js Show response
mimgs.s3.amazonaws.com/scripts/roi/ 3 KB
4 KB 221ms
85ms Script
application/javascript 52.92.19.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mimgs.s3.amazonaws.com/scripts/roi/carma.roi.js
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.19.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 50fb7d4f219d3a5a974ff4e3bb78f9d0c6daa1d6e5f1af2cd6d726532888ad89

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:18 GMT
x-amz-version-id: krtw0BA4XvLtpeiq2o6md8eBJ2rZidk7
Last-Modified: Fri, 29 Jan 2016 08:45:52 GMT
Server: AmazonS3
x-amz-request-id: CQ01NEGZN2Y7S6XK
ETag: "a8fbbbe14c147ff57b7f28df534de0fa"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3581
x-amz-id-2: lYofzWyi57kHKBTYnbSlsJVArlXnOdmh7HTIo8dkI4EYfje6PVq3YoLePergAmi9+5lp9t+uGjw=

GET
H/1.1 200
OK 10f7799c7337aa6723f1732e9cc94571b.png
www.color4care.no/modules/flagsblock/flags/ 2 KB
2 KB 42ms
40ms Image
image/png 94.246.97.146
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.color4care.no/modules/flagsblock/flags/10f7799c7337aa6723f1732e9cc94571b.png
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.246.97.146 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS: ded100386.vardvaskan.se
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32 /
Resource Hash: 73157d96343bfbcd9ffff538487b843b7d20cef45c8464ba49c80ec6493b537d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:17 GMT
Last-Modified: Mon, 20 Nov 2017 15:00:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.32
ETag: "6ee-55e6b579d6e00"
Vary: Host
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1774
Expires: Tue, 07 Nov 2023 16:50:17 GMT

GET
H2 200 logo-mobile-2.png
vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/ 4 KB
4 KB 59ms
57ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/logo-mobile-2.png
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 28f93372a58bc369c2461ca7152a887cde9540e529fd90c467d800a8485b9409

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=4094 odim=518x90 ofmt=webp
content-length: 4094
last-modified: Mon, 07 Oct 2019 09:42:49 GMT
server: keycdn-engine
etag: "22af-5944edff09840"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/img/pw/logo-mobile-2.png>; rel="canonical"
x-shield: active
expires: Thu, 19 Jan 2023 10:04:43 GMT

GET
H2 200 color4care-norge-1622042943-2.jpg
vardvaskan-132b9.kxcdn.com/img/ 8 KB
8 KB 59ms
57ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/img/color4care-norge-1622042943-2.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 731394b6e035991e7bf49f713c86d7d1e7e6d2c7d84b255a568c44af89044d6c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=8208 odim=716x168 ofmt=webp
content-length: 8208
last-modified: Wed, 26 May 2021 15:30:21 GMT
server: keycdn-engine
etag: "83a9-5c33d521e630c"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/img/color4care-norge-1622042943-2.jpg>; rel="canonical"
x-shield: active
expires: Mon, 20 Mar 2023 17:34:03 GMT

GET
H2 200 1dfc3d6952ffc41ff7da4a0aa8412c56.jpg
vardvaskan-132b9.kxcdn.com/upload/stcameraslideshow/ 57 KB
58 KB 60ms
58ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stcameraslideshow/1dfc3d6952ffc41ff7da4a0aa8412c56.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e4675d689adccd74fb714db2a6f28cd4dacaf7cb24d3d1db508904787cd968ff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=58750 odim=2400x1000 ofmt=webp
content-length: 58750
last-modified: Tue, 01 Nov 2022 07:30:25 GMT
server: keycdn-engine
etag: "2bc6a-5ec63b29493e8"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stcameraslideshow/1dfc3d6952ffc41ff7da4a0aa8412c56.jpg>; rel="canonical"
x-shield: active
expires: Wed, 01 Nov 2023 07:30:32 GMT

GET
H2 200 short-white.png
cdn.klarna.com/1.0/shared/image/generic/badge/nb_no/checkout/ 4 KB
5 KB 189ms
60ms Image
image/png 99.86.4.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.klarna.com/1.0/shared/image/generic/badge/nb_no/checkout/short-white.png?width=240
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cedc21fbfa810a715602044fdfca15cdd06e412c2c2073336aa8b65093d71b52

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 17:29:45 GMT
x-amz-version-id: 7u2Bnl.EBzIentrxo2OFXK2l_A4IbFST
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 84033
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 4569
last-modified: Thu, 08 Apr 2021 13:28:25 GMT
server: AmazonS3
etag: "1148ddfdf4b1f5777a470e4a6272053a"
content-type: image/png
cache-control: max-age=
accept-ranges: bytes
x-amz-cf-id: Ri5_FEra3fN_TSMAq_2Z6fluzedMsfj8dMjTkzxtW4BeL1y_BA3C3g==

GET
H2 200 c4c.png
vardvaskan-132b9.kxcdn.com/modules/pw_shopswitch/views/img/ 3 KB
4 KB 60ms
58ms Image
image/png 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/modules/pw_shopswitch/views/img/c4c.png
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8eba388ccdb39e2074893b816bc16c12e029e14f981e2e1d3d27ff2956041667

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 0
x-ip-info: osz=5166
content-length: 3431
last-modified: Tue, 05 Nov 2019 09:36:50 GMT
server: keycdn-engine
etag: "d67-596962bf09080"
vary: accept
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/modules/pw_shopswitch/views/img/c4c.png>; rel="canonical"
x-shield: active
expires: Thu, 26 May 2022 11:59:50 GMT

GET
H2 404 all.js
cdn.klarna.com/1.0/code/client/ 0
0 293ms
165ms Script
text/html 99.86.4.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.klarna.com/1.0/code/client/all.js
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-107.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 540ms
72ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

4bbeba12e09dae7c87a5451fd4b61a5ddcbcaadd11dc0909378b4fe9df7bf90a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 16:50:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20990
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d1159df134b7c8a6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Nov 2022 16:50:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 520ms
69ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5129
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 07 Nov 2022 17:24:49 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 458ms
75ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 07 Nov 2022 16:50:17 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E2E0293F1F1448AB1E8EC36C9188C51 Ref B: OSL30EDGE0207 Ref C: 2022-11-07T16:50:18Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 clerk.js Show response
cdn.clerk.io/ 88 KB
27 KB 252ms
119ms Script
application/javascript 3.123.68.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clerk.io/clerk.js
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.68.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-68-182.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 34ad5bd3a512346bba28ed19e5a0ead936c8e7ee36baf269915c122d7d26cf3c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 09:42:55 GMT
server: nginx
etag: W/"635a529f-15f85"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Mon, 07 Nov 2022 17:50:17 GMT

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b4ff28d8f8b3cb7a72020673df1555379de0213dd0683f433cb6a776eaadb21

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 655454942cf5710e50b8da3b8bf52f25d58a9accbd917ed2ac404a0ce0b2b8de

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da74628cdc8b33a8077e45e8bbbaf51975754de256b4583af66282ba0bd6f8f3

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 263b61b1d0c63ee79ab1102a8e56064379b7fbc358b20d6fee91e35a87ee61c2

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46b134c5fab9b09c596d5c5125a10a5fbd4913163573774e3ea5b893e55706e6

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83a436dd4405ef0ca73c28b7438737e331911df3c152ee70efc8fc736c4b5f29

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16e69006ddfddecc4db7da78c7ad6b0caa7b75943880d8d3112c4c514dc3f957

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66faef23b2f292e0160fa946a0158a8dfbf3c67ba3608cdb4a58602dbad75f74

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 all.js Show response
connect.facebook.net/nn_NO/ 3 KB
2 KB 490ms
59ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/nn_NO/all.js

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

7a22e22eeb23c85bbf1d6328e1da9cf1c46ee1dc48fab94cac755da1c232d5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 16:50:18 GMT
content-md5: zTTs9Do2G51YytK4GMXJpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-rlafr: 0
x-fb-debug: ocuCzUKZhGS10cxXRP7JlJmEAGOSDs57MPqjGx9ngTu91sFMof2gxmO3JhorrVCC8Kr3HGhyy5gufbgc91jlcA==
x-fb-trip-id: 917726464
x-fb-content-md5: 220cd1a7244a734ff20023093583f2a5
cross-origin-opener-policy: same-origin-allow-popups
etag: "25add055f21a3c32be1ba589d062be9f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 07 Nov 2022 16:51:58 GMT

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fe01fcac771c5777ea2b5c844808b05c3b7d6d2502dd8970d4a48b2f3848446

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pattern_shopbycolor.png
vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/ 4 KB
5 KB 57ms
57ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/pattern_shopbycolor.png
Requested by: Host: vardvaskan-132b9.kxcdn.com
URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/pw.css?version=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b66142a01e5051588c3be52ba99c5b15478819cf1cf85a1efd84036e8a1e4599

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/pw.css?version=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=4480 odim=130x87 ofmt=webp
content-length: 4480
last-modified: Mon, 20 Nov 2017 15:09:34 GMT
server: keycdn-engine
etag: "2588-55e6b7959e780"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/img/pw/pattern_shopbycolor.png>; rel="canonical"
x-shield: active
expires: Fri, 03 Feb 2023 15:31:52 GMT

GET
H2 200 floral_shopbycolor.png
vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/ 2 KB
2 KB 57ms
57ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/floral_shopbycolor.png
Requested by: Host: vardvaskan-132b9.kxcdn.com
URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/pw.css?version=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8b4bb2235a3f228e35ab4d3184118de9cd8b7369db6a03a75b15df85a9ea0ac5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://vardvaskan-132b9.kxcdn.com/themes/transformer/css/pw.css?version=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=2078 odim=130x87 ofmt=webp
content-length: 2078
last-modified: Wed, 22 Apr 2020 12:44:31 GMT
server: keycdn-engine
etag: "29ab-5a3e07e5429c0"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/img/pw/floral_shopbycolor.png>; rel="canonical"
x-shield: active
expires: Fri, 03 Feb 2023 15:31:52 GMT

GET
H2 200 vvfbbg-r.png
vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/ 1 KB
2 KB 56ms
56ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/img/pw/vvfbbg-r.png
Requested by: Host: vardvaskan-132b9.kxcdn.com
URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fbccb89abc10c5fc4c2d3f77a3ec3fab1862c2323d181d761a2b7624eb032246

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=1234 odim=108x59 ofmt=webp
content-length: 1234
last-modified: Fri, 13 Sep 2019 13:58:17 GMT
server: keycdn-engine
etag: "ad2-5926fa55e5040"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/img/pw/vvfbbg-r.png>; rel="canonical"
x-shield: active
expires: Sat, 04 Feb 2023 20:55:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 519ms
69ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Open+Sans:400,400i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.color4care.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 597584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 18:50:34 GMT

GET
H2 200 fontello.woff
vardvaskan-132b9.kxcdn.com/themes/transformer/font/ 26 KB
26 KB 525ms
103ms Font
application/x-font-woff 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/font/fontello.woff?46453979
Requested by: Host: vardvaskan-132b9.kxcdn.com
URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 4e42fbcab7354575b2cd76056ea8d4de6520aec9a5675fc4d14a0167193a80b8

Request headers

Referer: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
Origin: https://www.color4care.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
last-modified: Mon, 20 Nov 2017 15:09:16 GMT
server: keycdn-engine
x-edge-location: defr
etag: "676c-55e6b78473f00"
vary: Host
x-cache: HIT
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/themes/transformer/font/fontello.woff?46453979>; rel="canonical"
content-length: 26476
x-shield: active
expires: Tue, 07 Feb 2023 09:50:38 GMT

GET
H2 200 be42abdcd4d1b2bc553b00ab16dd472b.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 20 KB
21 KB 86ms
84ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/be42abdcd4d1b2bc553b00ab16dd472b.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1ab7a35276d052864bb94cbaa8c537844f0d37b1e10a747c7fed258329afb965

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=20842 odim=755x325 ofmt=webp
content-length: 20842
last-modified: Mon, 31 Oct 2022 15:35:34 GMT
server: keycdn-engine
etag: W/"24cf6-5ec565bbf1f86"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/be42abdcd4d1b2bc553b00ab16dd472b.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:35:34 GMT

GET
H2 200 38a667b579a3295ba92a1323d1de3538.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 15 KB
15 KB 88ms
87ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/38a667b579a3295ba92a1323d1de3538.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1c3dfaf1d21a64bfef36ef863bf0cf9418fab557175272d3f77dc361ff217b31

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=15190 odim=755x325 ofmt=webp
content-length: 15190
last-modified: Mon, 31 Oct 2022 15:36:52 GMT
server: keycdn-engine
etag: W/"1a665-5ec5660724b61"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/38a667b579a3295ba92a1323d1de3538.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:36:53 GMT

GET
H2 200 f60af3dc1ab9aae3d37b9b7fe1afb5e1.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 51 KB
52 KB 90ms
89ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/f60af3dc1ab9aae3d37b9b7fe1afb5e1.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8228e1d400cee866efdf1ad94aa37269cda707e9271d1ea2d4baacac1119722c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=52650 odim=755x978 ofmt=webp
content-length: 52650
last-modified: Mon, 31 Oct 2022 15:38:11 GMT
server: keycdn-engine
etag: W/"6cc44-5ec56651f5cb6"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/f60af3dc1ab9aae3d37b9b7fe1afb5e1.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:38:11 GMT

GET
H2 200 8b1bc60f86225239970762a3f2fe68f4.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 69 KB
69 KB 93ms
92ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/8b1bc60f86225239970762a3f2fe68f4.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 3b08ad3207f8d9fe99de7eacc9f2f0b1d54f22aab54d37980935ca1975c8476c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=70660 odim=755x978 ofmt=webp
content-length: 70660
last-modified: Mon, 31 Oct 2022 15:39:07 GMT
server: keycdn-engine
etag: W/"71312-5ec566873be9b"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/8b1bc60f86225239970762a3f2fe68f4.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:39:07 GMT

GET
H2 200 8cd16a9232f859ba4a1414f83fe99c85.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 29 KB
30 KB 98ms
98ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/8cd16a9232f859ba4a1414f83fe99c85.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: da36967226b71af2eb5cea0b505ca99bd65967233ee3fd6e36a02b3e91827b20

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:17 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=30116 odim=755x978 ofmt=webp
content-length: 30116
last-modified: Mon, 31 Oct 2022 15:39:44 GMT
server: keycdn-engine
etag: W/"4bedd-5ec566aad976c"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/8cd16a9232f859ba4a1414f83fe99c85.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:39:45 GMT

GET
H2 200 7323a5f96a4d590b89bf13fc23acaa08.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 34 KB
34 KB 105ms
103ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/7323a5f96a4d590b89bf13fc23acaa08.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cf2ae9f8e0fdb9cbb178a84a1d99b970b6585c7373706618534fdd7befaf561a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=34444 odim=755x978 ofmt=webp
content-length: 34444
last-modified: Mon, 31 Oct 2022 15:40:45 GMT
server: keycdn-engine
etag: W/"5ec6c-5ec566e51ea6e"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/7323a5f96a4d590b89bf13fc23acaa08.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:40:46 GMT

GET
H2 200 56121249ab7100ae6aacc81855b059c0.jpg
vardvaskan-132b9.kxcdn.com/upload/stbanner/ 88 KB
88 KB 105ms
103ms Image
image/webp 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/upload/stbanner/56121249ab7100ae6aacc81855b059c0.jpg
Requested by: Host: www.color4care.no
URL: https://www.color4care.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 248f10ef20996f4520d2185720dc98178fc6021656537957af3d632039bef1a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
x-edge-location: defr
x-cache: HIT
x-ip: 1
x-ip-info: osz=90030 odim=1546x978 ofmt=webp
content-length: 90030
last-modified: Mon, 31 Oct 2022 15:41:24 GMT
server: keycdn-engine
etag: W/"cafaf-5ec5670a346dc"
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/upload/stbanner/56121249ab7100ae6aacc81855b059c0.jpg>; rel="canonical"
x-shield: active
expires: Tue, 31 Oct 2023 15:41:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E4CD 15 KB
6 KB 480ms
61ms Document
text/html 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.color4care.no&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.color4care.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:50:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 949950
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 4055696.js Show response
bat.bing.com/p/action/ 0
120 B 155ms
155ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4055696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 07 Nov 2022 16:50:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD3CCB5D5E9248589F550D3DEA8D6041 Ref B: OSL30EDGE0207 Ref C: 2022-11-07T16:50:18Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 78ms
78ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4055696&Ver=2&mid=04acdb39-f453-4cef-9991-390dc6d19036&sid=429025c05ebc11edbb129174e3e12c97&vid=429010b05ebc11edb70dd31103167494&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Arbeidskl%C3%A6r,%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&kw=stetoskop,%20sykepleier%20klokke,%20penn%20lomme,%20sykepleier&p=https%3A%2F%2Fwww.color4care.no%2F&r=&lt=1385&evt=pageLoad&sv=1&rn=848440

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 16:50:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8173655F924E434C9CA534AE732DD927 Ref B: OSL30EDGE0207 Ref C: 2022-11-07T16:50:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/nn_NO/ 302 KB
85 KB 478ms
61ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/nn_NO/all.js?hash=ffdddfcf6ffdd86df1243d2c8ce54c54

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/nn_NO/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

4c961073e3386fbfffb84de1016d38620b4a67b7cde89f58ac85345ce3aa3cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.color4care.no/
Origin: https://www.color4care.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 16:50:18 GMT
content-md5: nuGvHhLei8WYfADlZLT7yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86734
x-fb-rlafr: 0
x-fb-debug: otPrVVBQwmWe0jTls0/kGY5U0dGJ8yCC8weyRTkg3QBeq20BsgthpOdEzj1rMyHUkqSL33RG3w7G1BQUXZf2HA==
x-fb-trip-id: 917726464
x-fb-content-md5: b023e97b88a0e18242e1b92eb25d1d24
cross-origin-opener-policy: same-origin-allow-popups
etag: "62e5733e5b72846583dbeb9a87982c96"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 07 Nov 2023 15:30:47 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 69ms
68ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Nov 2022 17:26:52 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 73ms
72ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Nov 2022 17:31:27 GMT

GET
H2 200 blank.gif
vardvaskan-132b9.kxcdn.com/modules/stcameraslideshow/views/images/ 1 KB
1 KB 63ms
62ms Image
image/gif 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vardvaskan-132b9.kxcdn.com/modules/stcameraslideshow/views/images/blank.gif
Requested by: Host: vardvaskan-132b9.kxcdn.com
URL: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 601b0d76b7835742df77dc85298ce05864fde10002999ecf3c8cf0e1d1649cda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://vardvaskan-132b9.kxcdn.com/themes/transformer/cache/v_765_47bf2b047493f15df772dc60e61f4d12_all.css?version=101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
last-modified: Mon, 20 Nov 2017 15:07:13 GMT
server: keycdn-engine
x-edge-location: defr
etag: "445-55e6b70f26a40"
vary: Host
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://www.vardvaskan.se/modules/stcameraslideshow/views/images/blank.gif>; rel="canonical"
content-length: 1093
x-shield: active
expires: Tue, 07 Feb 2023 10:05:38 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.no.hX_ZsJkz6VM.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ/ 155 KB
53 KB 65ms
65ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.no.hX_ZsJkz6VM.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

sffe /

Resource Hash

fd87916be8f7be6c8446c5d39d337af2e90722d14c760bb6782af82e7c3939fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54128
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 21:51:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 495ms
62ms XHR
text/plain 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-23368455-2&cid=222165128.1667839818&jid=1974120463&gjid=258079144&_gid=962439215.1667839818&_u=aGBAgEIrAAAAAEAMI~&z=1234251366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.color4care.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 16:50:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.color4care.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 68ms
68ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1555437777&t=pageview&cu=NOK&_s=1&dl=https%3A%2F%2Fwww.color4care.no%2F&ul=en-us&de=UTF-8&dt=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIrAAAAAAAMI~&jid=1974120463&gjid=258079144&cid=222165128.1667839818&tid=UA-23368455-2&_gid=962439215.1667839818&z=260862520

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50867
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965324878/ 2 KB
1 KB 534ms
83ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965324878/?random=1667839818361&cv=11&fst=1667839818361&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&auid=1884912812.1667839818&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3GL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

22e0ce00363664e7d9da99b26e1c3feaabb9b6a34d63042e38a040aa2edb47a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 895
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10858671211/ 2 KB
2 KB 245ms
83ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10858671211/?random=1667839818365&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&bttype=purchase&auid=1884912812.1667839818&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3GL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1611fa0aa44461dcf5b61047197eac8aacd1c5398da70fbb9dd8f2144c26af97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 59ms
58ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 16:50:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /xRFurDg39rCPEk3WbG8jM8P9BiGDY7aJvXekHnJqa12536JyzHxSFdQ+ZPZvTlsmQk0AxmNz6zzKeT6Z9QiMQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-31744.js Show response
static.hotjar.com/c/ 6 KB
3 KB 187ms
60ms Script
application/javascript 13.32.27.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-31744.js?sv=4

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-15.fra56.r.cloudfront.net

Software

Resource Hash

9cc073740b89a2e8dc5e1f1aec49cd61d2aaa79aa9f34f742a460e6a8fd2f850

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 16:50:18 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 17
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5be53d6562a83e80034d46543caf6af7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: YLbBtxlw-vDZJuzgfS4nVNxNxPPlEhAxWZSnq6XDuw8q6NGyM3PuqA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 89ms
89ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6RNYB6W7F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF3GL4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d57f8534f2221f46ad1aec92f84145d87e889349b17737324f761c11679ee933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 16:50:18 GMT

GET
H2 404 badge Show response
www.google.com/shopping/customerreviews/ Frame B14E 2 KB
2 KB 664ms
226ms Document
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.no.hX_ZsJkz6VM.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

ESF /

Resource Hash

9a8af6e416bb47df6aad2fbb3370966d07e1b7bba651a9c165561a4b5f30ad5a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FN4_1k8YrKkfMZnsx70Qhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.color4care.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FN4_1k8YrKkfMZnsx70Qhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
date: Mon, 07 Nov 2022 16:50:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1402982216663094 Show response
connect.facebook.net/signals/config/ 297 KB
85 KB 59ms
59ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1402982216663094?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

43663824d9d5cc2872038c0d3739d0bcbbd2d7d0ba9aeae2c9903535e4f9f60e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 16:50:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86758
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BqajbX3kxZz0pl70RTu3ZUYmyZ2sZ8d3RgQ38vPnKuoHUAILhPTlVvsnp3M5biCkk9VnQG3/VJoU+/un7Xhhzg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 447ms
50ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W6RNYB6W7F&gtm=2oeb20&_p=1555437777&cid=222165128.1667839818&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.color4care.no%2F&sid=1667839818&sct=1&seg=0&dt=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&en=page_view&_fv=1&_ss=1&epn.event_time=1667839818360&ep.event_id=gtm.js&ep.action_source=website
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6RNYB6W7F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.color4care.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.f1e65ef904544a33c6d0.js Show response
script.hotjar.com/ 262 KB
67 KB 187ms
66ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-31744.js?sv=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 12:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 275292
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68402
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
etag: "0f58b5937c38edb646c879633af2ba34"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tgxuX2kpaiBtE0rv5Bf2RuGn8EeGA-nkl70YGqTbTqxmwBYyp-3pMQ==

GET
H2

200

/
www.google.no/pagead/1p-conversion/10858671211/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6...
https://www.google.com/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadse...
https://www.google.no/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadser...

42 B
108 B

429ms
86ms

Image
image/gif

142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&auid=1884912812.1667839818&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BhaW13WVFrYkxoc0xMZV92M0ZBUkltQU1jWnRHTUhKY2d0bkpxTDEzcC1fQlRTM1M4em5DMVFFeGpVSjNhbUJwS1BTYkVYeHpJGlpDaEVJZ1BhaW13WVExNVQ2MWZLRXVmYWJBUkl1QUlUenFwX252Mm05VlVSRmctcE8ySjhGQ21xTHp3S3JGU0ZLWXZ0dS1SX3NTbTdHeVV5SWxGUlZUUzRFU0E&is_vtc=1&ocp_id=SjdpY_TMItaq1gaC1p7wDA&eitems=ChAIgPaimwYQueLZjISAqo0-Eh0AdPWUFlewwOBS7sdd_XkONxkpP0Exr-bCNWCBvQ&random=2600323998&ipr=y&prhg=0

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.no/pagead/1p-conversion/10858671211/?random=386450771&cv=11&fst=1667839818365&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&label=BaGACIP_06QDEOvY6Lko&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&value=0&auid=1884912812.1667839818&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1BhaW13WVFrYkxoc0xMZV92M0ZBUkltQU1jWnRHTUhKY2d0bkpxTDEzcC1fQlRTM1M4em5DMVFFeGpVSjNhbUJwS1BTYkVYeHpJGlpDaEVJZ1BhaW13WVExNVQ2MWZLRXVmYWJBUkl1QUlUenFwX252Mm05VlVSRmctcE8ySjhGQ21xTHp3S3JGU0ZLWXZ0dS1SX3NTbTdHeVV5SWxGUlZUUzRFU0E&is_vtc=1&ocp_id=SjdpY_TMItaq1gaC1p7wDA&eitems=ChAIgPaimwYQueLZjISAqo0-Eh0AdPWUFlewwOBS7sdd_XkONxkpP0Exr-bCNWCBvQ&random=2600323998&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame DFAB 2 KB
1 KB 188ms
58ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-31744.js?sv=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-26.fra53.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.color4care.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 275292
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id: s6reNqCRlViFE8Z-juunHhJcILQZ2gpfBvnIfzNs_IYn6NViLG99Nw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 / Show response
www.facebook.com/tr/ Frame BF74 0
204 B 484ms
59ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.color4care.no
Referer: https://www.color4care.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.color4care.no
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:50:19 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame E4CD 428 B
557 B 70ms
70ms Fetch
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=color4care.no&sn=ChromeSyncframe&so=0&topUrl=www.color4care.no&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.color4care.no&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d8c2468da03942229dc7749bc6096a144c62cccecb4a043300697d5399233c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=www.color4care.no&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 9651877
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 211ms
87ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=26555&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=0FJfIl9iVHBlZmV3MUZMUXUzaHZXYWxNMUQ4bU1ydGVReHIlMkZERGk2ZFBHOXV2TUd3STZRVUxiNnEyZDAlMkY0SngxV2V6QklGTyUyRlhIck5kU01JVHlCRjZUYzhJektyQU80VTkzSVVXUUZuTDg2Y0xwVEdnemp5d0p2QVNzQXd0ZXZGcVFOdkFUMEplYXBCS2FWeGRUUmdhJTJCbGV1USUzRCUzRA&tld=color4care.no&fu=https%253A%252F%252Fwww.color4care.no%252F&dtycbr=26560

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9e2b87c28a188d8be7a1783d8081dc441167634b86c65db79e5ef75e05437552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17701658
timing-allow-origin: *
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 101ms
101ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-23368455-2&cid=222165128.1667839818&jid=1974120463&_u=aGBAgEIrAAAAAEAMI~&z=2021627260

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
107 B 551ms
105ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-23368455-2&cid=222165128.1667839818&jid=1974120463&_u=aGBAgEIrAAAAAEAMI~&z=2021627260

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/31744/ 147 B
322 B 210ms
72ms XHR
application/json 52.31.243.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/31744/visit-data?sv=4
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.243.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-243-194.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer: https://www.color4care.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/965324878/ 42 B
108 B 79ms
78ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965324878/?random=1667839818361&cv=11&fst=1667836800000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&fmt=3&is_vtc=1&random=236447043&rmt_tld=0&ipr=y

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.no/pagead/1p-user-list/965324878/ 42 B
548 B 500ms
80ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/pagead/1p-user-list/965324878/?random=1667839818361&cv=11&fst=1667836800000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.color4care.no%2F&tiba=Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell&fmt=3&is_vtc=1&random=236447043&rmt_tld=1&ipr=y

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame B14E 0
257 B 192ms
191ms Other
text/html 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LXpfusvDKLUQ4x3Limh14A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-LXpfusvDKLUQ4x3Limh14A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="VerifiedReviewsBadgeUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"VerifiedReviewsBadgeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsBadgeUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame B14E 3 KB
3 KB 78ms
78ms Image
image/png 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Nov 2022 16:50:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 58ms
57ms Image
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1402982216663094&ev=Microdata&dl=https%3A%2F%2Fwww.color4care.no%2F&rl=&if=false&ts=1667839819182&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell%22%2C%22meta%3Adescription%22%3A%22P%C3%A5%20Color4care%20vil%20du%20finne%20ditt%20personlige%20helseutstyr.%22%2C%22meta%3Akeywords%22%3A%22stetoskop%2C%20sykepleier%20klokke%2C%20penn%20lomme%2C%20sykepleier%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Color4care%20Norge%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.color4care.no%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Arbeidskl%C3%A6r%2C%20arbeidssko%20og%20st%C3%B8ttestr%C3%B8mper%20for%20helsepersonell%22%2C%22og%3Adescription%22%3A%22P%C3%A5%20Color4care%20vil%20du%20finne%20ditt%20personlige%20helseutstyr.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fvardvaskan-132b9.kxcdn.com%2Fimg%2Fcolor4care-norge-1622042943-2.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667839818643.1197989088&it=1667839818478&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.color4care.no
URL: https://www.color4care.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 16:50:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/x6t63uob
https://js.intercomcdn.com/shim.latest.js

18 KB
7 KB

185ms
59ms

Script
application/javascript

99.86.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/shim.latest.js

Protocol

Server

99.86.4.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-109.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0db9310a5f4bb424454bcadb50c4019330baf09aadf5e002dc89f34a73118b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:47:14 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-version-id: j3r_1xgtD5ozgrqSYMM4M8_FtHzpJg1g
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
last-modified: Mon, 07 Nov 2022 11:07:07 GMT
server: AmazonS3
etag: "f71acd2a673c6a74e198960d84184f27"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: jcZaModTvh--L9MEw3zkm6admU5AIolCSag8Zs_VXw7abprtH2X1aQ==

Redirect headers

date: Sun, 06 Nov 2022 19:43:21 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 76019
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: kHFysDfzq0do5yCZTQV2uVkSLHbWYCVzATbd2CSEzjM5hasn8qJoFA==

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame DE54 44 KB
16 KB 116ms
116ms Document
text/html 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef776cfc92d6c%26domain%3Dwww.color4care.no%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.color4care.no%252Ff20c617fd806af%26relation%3Dparent.parent&container_width=1130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcolor4carenorge&locale=nn_NO&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/nn_NO/all.js?hash=ffdddfcf6ffdd86df1243d2c8ce54c54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

Resource Hash

9b0e953cc1aa34e1255a3dff81408090cd1786c9db5ab5acb326454c94ec5e99

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.color4care.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 07 Nov 2022 16:50:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Px7XuLvMyk46SS0wo1os7afx9P+JMGgaA0UDNYubX9VVcxCQM0+AeaEd2ArhuL9n3jX2oIVIKPaZGlOnS6hnPg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame BDF1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30

43 B
495 B

60ms
60ms

Image
image/gif

3.125.244.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30
Protocol: HTTP/1.1
Server: 3.125.244.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-244-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-B73FoGPgIF4qrDBe8fh4D1xvSRSOt8lbNWXbmg&expires=30
Date: Mon, 07 Nov 2022 16:50:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BDF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_cm&google_hm=ay0ySElZSTJQZ0lGNHFyREJlOGZoNEQxeHZTUlNyamR0Q...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_gid=CAESECctlFGk7yfpzG2sLzoABLg&google_cver=1&google_ula=913071,0

43 B
370 B

60ms
60ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_gid=CAESECctlFGk7yfpzG2sLzoABLg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1483107
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-2HIYI2PgIF4qrDBe8fh4D1xvSRSrjdtAQtYvaQ&google_gid=CAESECctlFGk7yfpzG2sLzoABLg&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BDF1
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2012336483727893333

43 B
370 B

61ms
60ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2012336483727893333

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2910085
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:50:19 GMT
AN-X-Request-Uuid: bca38ef9-8740-4257-bde3-6de75fdfd7cb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2012336483727893333
Connection: keep-alive
X-Proxy-Origin: 178.255.148.163; 178.255.148.163; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame BDF1
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA&C=1

43 B
415 B

70ms
69ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA&C=1
Protocol: H2
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXhmVmyh%2Bto6LI0%2BPZHMNbxrl2POF93fZ0sgHeYLDhc7InmdKd27mct9YXi5PfOr9I529ZecnRCGn3DTY5m85AF3jD4SZRdk2H%2BpIE67ZLmi0T%2BSfL8jZimBPKULr25jCoM4"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76679138dc6cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwxyh6A%2FQoC07P5ybMM1vSURgXJr2ItVqI4gGkJM3PZk5Bc6Y%2F1bd9d3Nx5jOW3edyReDD1z%2B7hyIZ42ZoscxIa3w%2FZRSHb7O3UVNtwRT3JQfXYTIE8kiHOb7kkmWcMXM8Tq"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-Lp2ZAWPgIF4qrDBe8fh4D1xvSRQP1AjJmOLfkA&C=1
cache-control: no-cache
cf-ray: 766791385b49b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BDF1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w

43 B
447 B

84ms
84ms

Image
image/gif

54.154.123.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w
Protocol: H2
Server: 54.154.123.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-123-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 16:50:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Mpi_y2PgIF4qrDBe8fh4D1xvSRTpxePdMtJG-w
date: Mon, 07 Nov 2022 16:50:19 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame BDF1 45 B
786 B 362ms
105ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CUBLVGPgIF4qrDBe8fh4D1xvSRRfN5imUOyvnw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 07 Nov 2022 16:50:19 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 07 Nov 2022 16:50:19 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BDF1 0
145 B 505ms
122ms Image
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-A_3tZWPgIF4qrDBe8fh4D1xvSRQfcF3YJyhG4Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:50:19 GMT
Cache-Control: no-cache
X-TraceId: 5ea6716a89cb7ef030ff6a2ff7af3f44
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BDF1 42 B
582 B 198ms
61ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-LEO0jWPgIF4qrDBe8fh4D1xvSRRYcaHZkZRpmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 07 Nov 2022 16:50:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BDF1 0
239 B 255ms
59ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-DBrrdWPgIF4qrDBe8fh4D1xvSRTvL4gx3SZSYQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame BDF1 0
35 B 188ms
57ms Image
text/plain 52.57.87.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Zg8jtmPgIF4qrDBe8fh4D1xvSRQ_2N4wwf00ug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.87.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-87-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BDF1 43 B
688 B 190ms
61ms Image
image/gif 185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-0IxGsGPgIF4qrDBe8fh4D1xvSRRAk5WnYpF6Ew
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 16:50:18 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BDF1 0
99 B 169ms
54ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-71ZCdWPgIF4qrDBe8fh4D1xvSRTjA4WjYFRPhw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 53081

GET
H2 200 um
criteo-sync.teads.tv/ Frame BDF1 23 B
172 B 348ms
170ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-4n-t5mPgIF4qrDBe8fh4D1xvSRQPWQkL8F1jsw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Mon, 07 Nov 2022 16:50:20 GMT
pragma: no-cache
date: Mon, 07 Nov 2022 16:50:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame BDF1 37 B
140 B 147ms
53ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-H3_zdGPgIF4qrDBe8fh4D1xvSRSplmfQ-KMaPQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame BDF1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ&verify=true

0
310 B

61ms
61ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DjCbgWPgIF4qrDBe8fh4D1xvSRSrLEAJQLAeoQ&verify=true
date: Mon, 07 Nov 2022 16:50:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame BDF1 43 B
163 B 156ms
45ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-AsVmL2PgIF4qrDBe8fh4D1xvSRS2V4_Djzwmmw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
last-modified: Wed, 11 Oct 2017 14:26:30 GMT
server: nginx
accept-ranges: bytes
etag: "59de2a16-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame BDF1 49 B
343 B 199ms
75ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Dj0li2PgIF4qrDBe8fh4D1xvSRTOD_xA8OfkDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:19 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 17
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BDF1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP

42 B
942 B

67ms
67ms

Image
image/gif

54.76.210.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP

Protocol

HTTP/1.1

Server

54.76.210.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-00b096905.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UuGa5hhUTAo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: U9OcgURuR+4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E-CPFx5y_ZYiDmeuo4BDUmIvSumF3OSP
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame BDF1 43 B
1 KB 181ms
58ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k--h8CXWPgIF4qrDBe8fh4D1xvSRTH7mJDRVtl4g

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 07 Nov 2022 16:50:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame BDF1 42 B
274 B 162ms
72ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-6ruRxWPgIF4qrDBe8fh4D1xvSRS5QS7uwF9a-A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame BDF1 0
880 B 195ms
58ms Image
text/html 3.124.68.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-E67_PGPgIF4qrDBe8fh4D1xvSRR2gIr2piaqGA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.68.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-68-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BDF1 43 B
183 B 689ms
125ms Image
image/gif 54.163.167.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-WFYjUWPgIF4qrDBe8fh4D1xvSRQj5ZgdELdNYA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.167.231 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-167-231.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 07 Nov 2022 16:50:20 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame BDF1 0
522 B 194ms
70ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-IWnJiWPgIF4qrDBe8fh4D1xvSRTgBvEVw5slnw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:50:20 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 06 Nov 2022 16:50:20 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame BDF1 43 B
469 B 206ms
67ms Image
image/gif 54.229.162.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k--7tZKWPgIF4qrDBe8fh4D1xvSRTDqxV3VCH60Q&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.162.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-162-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 07 Nov 2022 16:50:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 pageview Show response
api.clerk.io/v2/log/ 30 B
209 B 210ms
73ms Script
application/javascript 52.58.186.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.clerk.io/v2/log/pageview?payload=%7B%22key%22%3A%22h32K0Vc6pv9a6hJxrBtZChRt5ASVPUlr%22%2C%22visitor%22%3A%22auto%22%2C%22language%22%3A%22norwegian%22%2C%22_%22%3A1667839819%7D&callback=__clerk_cb_0
Requested by: Host: cdn.clerk.io
URL: https://cdn.clerk.io/clerk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.186.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-186-193.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2183fd34ae84cf12efa0a6fcfd815eb99ccb84e9cc9df93dad09574ab1485694

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.color4care.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 16:50:20 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 iQYYM0Q3oc7.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame DE54 19 KB
5 KB 61ms
59ms Stylesheet
text/css 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/iQYYM0Q3oc7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef776cfc92d6c%26domain%3Dwww.color4care.no%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.color4care.no%252Ff20c617fd806af%26relation%3Dparent.parent&container_width=1130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcolor4carenorge&locale=nn_NO&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

3a11f80f8cd093ca7d56169080928f70019fbed117aeac1146ebed7b3c58ae53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nAiXOhzlK6LqT1Gy5sJEOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4876
x-fb-rlafr: 0
x-fb-debug: rU3MtjLImcueejaX/wByG/gj3XFOWWKicq+UzzJlzWHp5CPo37YVE/LOkdwvjXDFR5BGdFgtSqPNkymPPk0qOQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 06 Nov 2023 15:48:56 GMT

GET
H2 200 5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame DE54 2 KB
1022 B 65ms
63ms Stylesheet
text/css 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qp62alFG777So/ro/wbkaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 829
x-fb-rlafr: 0
x-fb-debug: FVhgptR9KIQ83d87U1XzNgS8+6rZcOFmogVoQvhdyAqhzn6lt5ExeIX/1JVKkoHv6aBcpS/hKEOW32+nrZ6yMg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Oct 2023 21:06:53 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame DE54 6 KB
1 KB 60ms
59ms Stylesheet
text/css 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 871
x-fb-rlafr: 0
x-fb-debug: qWomoizgm+2F/7vIcYfNFeKMWg9JDn9Ysn6exUfMKMQ7Xkw22kn9Y6nVwwc1gR0bxynzKginl9Iqg2ZzQl0rBw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Nov 2023 17:16:10 GMT

GET
H2 200 DjO6Oym61Xn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame DE54 322 KB
87 KB 64ms
63ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/DjO6Oym61Xn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

16c5cdf84e3db6d8a37ec3b8c4bc2efa19253ba4e67c8bd1ee388115255ce514

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G9Pp55nXH0EsNqpewbiP8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88900
x-fb-rlafr: 0
x-fb-debug: 5jO0AaTVlzJ+YosWb3744n81gYjSyneSYfNjxnH/DssIk8/jpm4kIwgnQVsjzazE7izutSeVEmv0xRdISClGCA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 05 Nov 2023 01:31:40 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame DE54 5 KB
2 KB 61ms
59ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: 1Ryjq9ZNYX7N4i4Wd6GfG7L6Hl7LRF50orHZZilBGekuA6+TaFRlC54WDTWaSP7V4muqrSFcRAyzr3sG3XNq0w==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Oct 2023 16:49:24 GMT

GET
H2 200 NXJxRmgihgl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame DE54 38 KB
12 KB 63ms
62ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

904cb3d055d18359601a723ab0647e3ef32b516256572676ea1c6e3026e1142e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /y0u7mDgxnzS9aiAZOFzmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12270
x-fb-rlafr: 0
x-fb-debug: kM5mLezCc+RADwSmkQ2inuWW/Okcog4/x3S3G+4VnVTuC2KOUCgJwJH6BzwUg5d4/FMR3X0980XkztLuMwy8zg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 27 Oct 2023 17:54:04 GMT

GET
H2 200 ojzICpVg5Kb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame DE54 52 KB
16 KB 64ms
63ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wrD8MriTscJDs6J7zFeZzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16259
x-fb-rlafr: 0
x-fb-debug: Rfs3txVT8L4PNL+HS49+hMfdJcnyjahxnIwZd9NsGZoXJzHoalQ/K2wzkziyxjza3pAjm6OKuOMJYvFaYsPe4g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 05 Nov 2023 03:01:13 GMT

GET
H2 200 I52F_owkvX4.js Show response
static.xx.fbcdn.net/rsrc.php/v3ia_64/yJ/l/nn_NO/ Frame DE54 83 KB
23 KB 124ms
123ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ia_64/yJ/l/nn_NO/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

ef117968302af6c20cd7d4764fa24869a869c66e33ad0724046e93cbc165546d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kowEkU2T6N+yPcjgeKeoGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23326
x-fb-rlafr: 0
x-fb-debug: HK8+cQtI66Tq+w6cfsMaJuQNy3HvUnj0mzzni0DOItiTR309JJB/zcfy2dyMrXdtzrtepWPw03oXBPf5ms/Jbg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 03 Nov 2023 05:06:07 GMT

GET
H2 200 288060270_4958021840991673_4458453574682815028_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/ Frame DE54 12 KB
12 KB 426ms
42ms Image
image/jpeg 31.13.72.12
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/288060270_4958021840991673_4458453574682815028_n.jpg?stp=dst-jpg_s526x296&_nc_cat=102&ccb=1-7&_nc_sid=dd9801&_nc_ohc=4-JyChcF928AX_6hqCt&_nc_ht=scontent-arn2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBWS0GL7qqm0eHfE3Q_K1U_pVVF9LyXgdFMOdrLLDQJ6w&oe=636E0B1E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef776cfc92d6c%26domain%3Dwww.color4care.no%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.color4care.no%252Ff20c617fd806af%26relation%3Dparent.parent&container_width=1130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcolor4carenorge&locale=nn_NO&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.13.72.12 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-arn2.fbcdn.net
Software: /
Resource Hash: d2b23409b320202025b8820e81cd8ff4ddc0d6757c21411b0661c1bbed9b6eaf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-haystack-needlechecksum: 3000536261
date: Mon, 07 Nov 2022 16:50:20 GMT
x-fb-trip-id: 1904183273
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 14 Jun 2022 13:08:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4016787160
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 502168798
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 12357

GET
H2 200 53682549_1956063811187506_7971206808838602752_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame DE54 1 KB
2 KB 59ms
58ms Image
image/jpeg 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/53682549_1956063811187506_7971206808838602752_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=FfL05iIiXbgAX9HDZFB&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDoJ_XUHHRnddGs-NItTr1ob0jOfpE5GmCVhfNgWu-QAQ&oe=6390A6B6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef776cfc92d6c%26domain%3Dwww.color4care.no%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.color4care.no%252Ff20c617fd806af%26relation%3Dparent.parent&container_width=1130&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcolor4carenorge&locale=nn_NO&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-frx5.fbcdn.net
Software: /
Resource Hash: 44bc28515c417c6318bd3996028d9d99f62622424cb369dbcabee2e824053e0a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-haystack-needlechecksum: 3841932721
date: Mon, 07 Nov 2022 16:50:19 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 13 Mar 2019 12:55:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3349717785
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4173457948
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1366

GET
H2 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame DE54 3 KB
3 KB 360ms
59ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
x-content-type-options: nosniff
content-md5: iN31dShDArRt9ZikrDb13w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2616
x-fb-rlafr: 0
x-fb-debug: B9Fx5crFY0mvdr21obs1h0V3xLLmmDwO/sPmNJDRFBFNDTJV5ovndNcERMPwLo8tG0cR+ut44ekn2hljw4s9yA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Nov 2023 02:42:36 GMT

GET
H2 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DE54 573 B
819 B 359ms
58ms Image
image/png 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/iQYYM0Q3oc7.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/iQYYM0Q3oc7.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 27qRep9cu+fdjI0PsTMYH1upn4Uk3wl9DHCmXEepRnMILNvDrA2hd8sSDZkkC0PiE1UYGoZRL6pPQ8IYUMeQ7w==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Nov 2023 00:50:15 GMT

GET
H2 200 oDVETVg4GJv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame DE54 22 KB
7 KB 359ms
58ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/DjO6Oym61Xn.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0bpo8UawH0rvYNearbkm6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7236
x-fb-rlafr: 0
x-fb-debug: /badk7m8F2XXLpciLPtNEOpyKuSNUpPFQxolXg0OpuFmgEIaSha5dVQMhDbv2iWE+BvrQ0gasD//h5P3aKH8Gw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Oct 2023 16:49:25 GMT

GET
H3 200 frame-modern.519578b1.js Show response
js.intercomcdn.com/ Frame 6AF8 446 KB
122 KB 130ms
67ms Script
application/javascript 99.86.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.519578b1.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x6t63uob

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-109.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

765566747a5fc8557810ed94ef3cb13e430cdb4d89540583201c8ee6a473027b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: gZm9WlwBfgA7TpVlcFdcyDopJTAzfsJJ
date: Mon, 07 Nov 2022 15:07:14 GMT
x-amz-cf-pop: FRA6-C1
age: 6186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 124460
last-modified: Mon, 07 Nov 2022 11:05:25 GMT
server: AmazonS3
etag: "fd43c116ecbc01ab8502a6fa6e14ed6b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: JplVmpvsAUGube8Hn5jqtGYDuXA2KFe2EeozXrMxLMj57DSOoPMNcA==

GET
H3 200 vendor-modern.89e225e9.js Show response
js.intercomcdn.com/ Frame 6AF8 236 KB
73 KB 120ms
58ms Script
application/javascript 99.86.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.89e225e9.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x6t63uob

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-109.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5fbd91f54cbcf754eb07aedda60473dc7924e388479cb24284613b5fccf2e15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id: rWthdkK3D73Pp6T1ddA5OwH_NDUx57Af
date: Mon, 07 Nov 2022 15:30:00 GMT
x-amz-cf-pop: FRA6-C1
age: 4820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74257
last-modified: Fri, 04 Nov 2022 17:11:25 GMT
server: AmazonS3
etag: "a05f63df8461cf4480503d375a8242db"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: VvBi8C7fkf41yDiCwQMNx3DDvLOGKx_GQUSSgfVdqLPW2ntaLgAqpw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BDF1
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wE3-54yJlSU_Z22FFnth3p50JOuwSYVD

0
338 B

207ms
66ms

Image
text/plain

52.208.54.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wE3-54yJlSU_Z22FFnth3p50JOuwSYVD
Protocol: H2
Server: 52.208.54.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Mon, 07 Nov 2022 16:50:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1667839820
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wE3-54yJlSU_Z22FFnth3p50JOuwSYVD
date: Mon, 07 Nov 2022 16:50:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 2681952
content-length: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 6AF8 9 KB
3 KB 742ms
484ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.519578b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5778e659393328644e10ad33bf1cec4ce331d7d9f37e5f3de43aa65521ea1e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 16:50:20 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0030b7455fa630838
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00197jmooh3d2f6ofi50
x-runtime: 0.313807
server: nginx
etag: W/"5778e659393328644e10ad33bf1cec4c"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.color4care.no
x-intercom-version: 2d52c0b7362bf67ef11416cafabfb742e822431d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1667839830
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2

200

cs
s.thebrighttag.com/ Frame BDF1
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ozgXSpkpYV71ATSzYWhWpfkRjZN1nyAH

35 B
268 B

424ms
139ms

Image
image/gif

3.23.184.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ozgXSpkpYV71ATSzYWhWpfkRjZN1nyAH
Protocol: H2
Server: 3.23.184.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-184-187.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:50:20 GMT
x-bt-requestid: 43fb03e0-5ebc-11ed-aee7-0000ac170113
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ozgXSpkpYV71ATSzYWhWpfkRjZN1nyAH
date: Mon, 07 Nov 2022 16:50:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1559443
content-length: 0

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.color4care.no/	1970-01-20 07:46:07	Name: PrestaShop-2d6857381ae0c75dab71195c3806f340 Value: miD1pETtLjbajmYriXYgmO7zwD3mDa%2BL5P3YyB7HH9TF0shZcVhCWBH5KFmpPkfHwYsCF71vTHOa9FS3bMQK%2BIrp7HG9BUfWp5uHJM%2BYx864bvSwHjIjfc1U2VOsMbGO9naYYNgCeyY9OyuP5nMMNLq8oeirwihhsWMQRWtzN1I%3D000119
www.color4care.no/	1969-12-31 23:59:59	Name: fbp Value: fb.1.1667839817.MPZPUHjV87ZZ
.bing.com/	1970-01-20 16:38:55	Name: MUID Value: 0350595434286D7A04DD4B0135DD6C4F
.color4care.no/	1970-01-20 07:18:46	Name: _uetsid Value: 429025c05ebc11edbb129174e3e12c97
.color4care.no/	1970-01-20 16:38:55	Name: _uetvid Value: 429010b05ebc11edb70dd31103167494
.color4care.no/	1970-01-20 07:18:46	Name: _gid Value: GA1.2.962439215.1667839818
.color4care.no/	1970-01-20 07:17:19	Name: _gat Value: 1
.color4care.no/	1970-01-20 09:26:55	Name: _gcl_au Value: 1.1.1884912812.1667839818
.color4care.no/	1970-01-20 16:53:19	Name: _ga_W6RNYB6W7F Value: GS1.1.1667839818.1.0.1667839818.0.0.0
.color4care.no/	1970-01-20 16:53:19	Name: _ga Value: GA1.1.222165128.1667839818
.color4care.no/	1970-01-20 09:26:55	Name: _fbp Value: fb.1.1667839818643.1197989088
.criteo.com/	1970-01-20 16:38:55	Name: uid Value: e680c42d-b7b5-4285-82eb-1c5de7aeac7a
.color4care.no/	1970-01-20 16:46:43	Name: cto_bundle Value: 0FJfIl9iVHBlZmV3MUZMUXUzaHZXYWxNMUQ4bU1ydGVReHIlMkZERGk2ZFBHOXV2TUd3STZRVUxiNnEyZDAlMkY0SngxV2V6QklGTyUyRlhIck5kU01JVHlCRjZUYzhJektyQU80VTkzSVVXUUZuTDg2Y0xwVEdnemp5d0p2QVNzQXd0ZXZGcVFOdkFUMEplYXBCS2FWeGRUUmdhJTJCbGV1USUzRCUzRA
.color4care.no/	1970-01-20 16:02:55	Name: _hjSessionUser_31744 Value: eyJpZCI6IjNmNmRkMzdjLWQ2MTEtNTYwMy1iYTM3LWJhMjc0YTdhZmRlYiIsImNyZWF0ZWQiOjE2Njc4Mzk4MTg4ODAsImV4aXN0aW5nIjpmYWxzZX0=
.color4care.no/	1970-01-20 07:17:21	Name: _hjFirstSeen Value: 1
www.color4care.no/	1970-01-20 07:17:19	Name: _hjIncludedInSessionSample Value: 0
.color4care.no/	1970-01-20 07:17:21	Name: _hjSession_31744 Value: eyJpZCI6ImMzZmZmNjIyLTEzOTctNGI4Ni05YTMyLTkyZjM1MmRhYTU4YSIsImNyZWF0ZWQiOjE2Njc4Mzk4MTg5MTIsImluU2FtcGxlIjpmYWxzZX0=
www.color4care.no/	1970-01-20 07:17:19	Name: _hjIncludedInPageviewSample Value: 1
.color4care.no/	1970-01-20 07:17:21	Name: _hjAbsoluteSessionInProgress Value: 0
.google.com/	1970-01-20 11:40:51	Name: NID Value: 511=E3Ibb-q1d00GNnVmBhgyG19aigHT5CMPVCslAPDuqo-o9KlfNyyiwnM4VmM1Xf6tvzAdwSYRVbTWdyn4symJiDOQuoa9GRZaaC4A8HaYONa6T2k-gyEU5bMsMhWmZZ1UO14EG8dGj2pqqlbo-apJcLjqF73g3FrIeZ4jwYaWYek
.casalemedia.com/	1970-01-20 16:02:55	Name: CMID Value: Y2k3S9fvdhqqSdcITyIxhAAA
.casalemedia.com/	1970-01-20 09:26:55	Name: CMPS Value: 714
.casalemedia.com/	1970-01-20 09:26:55	Name: CMPRO Value: 714
.adnxs.com/	1970-01-20 09:26:55	Name: uuid2 Value: 2012336483727893333
.pubmatic.com/	1970-01-20 08:00:31	Name: KRTBCOOKIE_97 Value: 3385-uid:k-LEO0jWPgIF4qrDBe8fh4D1xvSRRYcaHZkZRpmg&KRTB&23144-uid:k-LEO0jWPgIF4qrDBe8fh4D1xvSRRYcaHZkZRpmg&KRTB&23286-uid:k-LEO0jWPgIF4qrDBe8fh4D1xvSRRYcaHZkZRpmg&KRTB&23287-uid:k-LEO0jWPgIF4qrDBe8fh4D1xvSRRYcaHZkZRpmg
.pubmatic.com/	1970-01-20 08:00:31	Name: PugT Value: 1667839818
.360yield.com/	1970-01-20 09:26:55	Name: tuuid Value: a9271319-343a-4de9-8a90-4b9e53908d00
.360yield.com/	1970-01-20 09:26:55	Name: tuuid_lu Value: 1667839819
.casalemedia.com/	1970-01-20 09:26:55	Name: CMTS Value: 695
.doubleclick.net/	1970-01-20 16:53:19	Name: IDE Value: AHWqTUn5cIVLCfip4ADjwmMdnYfIjxp8rXGyEdA9BgTgbZBtnpaVv6Jz5ssw2B2C2h0
.bidswitch.net/	1970-01-20 16:02:55	Name: tuuid Value: 30e40a33-1a04-4dd4-951b-7eaaa8ac6738
.bidswitch.net/	1970-01-20 16:02:55	Name: c Value: 1667839819
.bidswitch.net/	1970-01-20 16:02:55	Name: tuuid_lu Value: 1667839819
.360yield.com/	1970-01-20 09:26:55	Name: um Value: !38,BPQKp61tVOu07YqUlNnpVNejYf8FpRMAlQ4tHDyZTfNAZUI5gKCSV5.1hg--9CPsbW0A..Fs,1675615819
.360yield.com/	1970-01-20 09:26:55	Name: umeh Value: !38,0,1730047819,-1
.demdex.net/	1970-01-20 11:36:31	Name: demdex Value: 80110118467989214704382015154812225653
.media.net/	1970-01-20 16:02:55	Name: visitor-id Value: 3108414199417988000V10
.media.net/	1970-01-20 08:00:31	Name: data-c-ts Value: 1667839819
.media.net/	1970-01-20 08:00:31	Name: data-c Value: k-CUBLVGPgIF4qrDBe8fh4D1xvSRRfN5imUOyvnw~~3
.dpm.demdex.net/	1970-01-20 11:36:31	Name: dpm Value: 80110118467989214704382015154812225653
.smartadserver.com/	1970-01-20 16:47:34	Name: pid Value: 3967520170852979328
.smartadserver.com/	1970-01-20 16:47:34	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 16:02:55	Name: csync Value: 79:k-0IxGsGPgIF4qrDBe8fh4D1xvSRRAk5WnYpF6Ew
.yahoo.com/	1970-01-20 16:03:17	Name: A3 Value: d=AQABBEs3aWMCEIIMHFVC4uVfeYhax8r5zGcFEgEBAQGIamNzYwAAAAAA_eMAAA&S=AQAAAmcbMejtBJt3tPz7mrDe_mg
.omnitagjs.com/	1970-01-20 08:00:31	Name: ayl_visitor Value: d2274911d703868d07d1d1d6f2f25da9
.id5-sync.com/	1970-01-20 07:17:20	Name: cf Value:
.id5-sync.com/	1970-01-20 07:17:20	Name: cip Value:
.id5-sync.com/	1970-01-20 07:17:20	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:17:20	Name: car Value:
.id5-sync.com/	1970-01-20 07:17:20	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:17:20	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 16:02:55	Name: IDSYNC Value: 18zh~285s
exchange.mediavine.com/	1970-01-20 07:37:29	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2243ad0af0-5ebc-11ed-b168-0553b0b0f0f4%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:37:29	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2243ad0af0-5ebc-11ed-b168-0553b0b0f0f4%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:37:29	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2243ad0af0-5ebc-11ed-b168-0553b0b0f0f4%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:37:29	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2243ad0af0-5ebc-11ed-b168-0553b0b0f0f4%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:37:29	Name: criteo Value: %7B%22id%22%3A%22k-E67_PGPgIF4qrDBe8fh4D1xvSRR2gIr2piaqGA%22%2C%22version%22%3A%22criteo%22%7D
.yieldlab.net/	1970-01-20 16:02:55	Name: id Value: db385e8f-11b6-482e-81d1-36b3c0cf7bfc
.krxd.net/	1970-01-20 11:36:31	Name: _kuid_ Value: PL1bhkjQ
.yieldmo.com/	1970-01-20 16:02:55	Name: yieldmo_id Value: gdc46a613b964138b746%7C1667839820140%7C0%7C
.ads.yieldmo.com/	1970-01-20 16:02:55	Name: ptrcriteo Value: k--7tZKWPgIF4qrDBe8fh4D1xvSRTDqxV3VCH60Q
.color4care.no/	1970-01-20 13:46:09	Name: intercom-id-x6t63uob Value: 1109ee3f-d13b-4627-a9e8-3b269c557bd8
.color4care.no/	1970-01-20 07:27:24	Name: intercom-session-x6t63uob Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.klarna.com/1.0/code/client/all.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=-2859&position=BOTTOM_RIGHT&origin=https%3A%2F%2Fwww.color4care.no&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.no.hX_ZsJkz6VM.O%2Fd%3D1%2Frs%3DAHpOoo-nRSTwV3B_EbBvifU_uy49AvG0NQ%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1667839818431&_gfid=I0_1667839818431&parent=https%3A%2F%2Fwww.color4care.no&pfname=&rpctoken=23324198 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
api-iam.intercom.io
api.clerk.io
apis.google.com
bat.bing.com
beacon.krxd.net
cdn.clerk.io
cdn.klarna.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
in.hotjar.com
js.intercomcdn.com
match.sharethrough.com
matching.ivitrack.com
mimgs.s3.amazonaws.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
scontent-arn2-1.xx.fbcdn.net
scontent.xx.fbcdn.net
script.hotjar.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
vardvaskan-132b9.kxcdn.com
vars.hotjar.com
visitor.omnitagjs.com
widget.intercom.io
www.color4care.no
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.18.18.126
13.107.21.200
13.248.245.213
13.32.27.15
13.32.27.21
13.32.27.54
141.226.228.48
141.95.98.64
142.250.181.238
142.250.184.200
142.250.184.226
142.250.185.106
142.250.185.226
142.250.185.227
142.250.185.67
142.250.186.132
142.250.186.46
142.251.5.154
143.204.215.26
172.217.16.130
178.250.0.130
178.250.0.157
178.250.0.163
18.156.0.31
185.172.148.128
185.255.84.153
185.60.216.19
185.60.216.35
185.64.189.110
185.86.139.57
185.89.210.141
2.18.232.7
2.18.235.93
216.239.32.36
3.123.68.182
3.124.68.177
3.125.244.197
3.23.184.187
3.93.95.179
31.13.72.12
34.117.157.22
37.157.4.25
52.208.54.255
52.31.243.194
52.57.87.55
52.58.186.193
52.92.19.65
54.154.123.93
54.163.167.231
54.229.162.197
54.76.210.146
69.173.144.138
70.42.32.191
94.246.97.146
96.16.132.239
99.86.4.107
99.86.4.109
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
128033f5ea6e01b78394a1cc1e3c3927c3951be5e22080785d53a0ef3ca536e5
1611fa0aa44461dcf5b61047197eac8aacd1c5398da70fbb9dd8f2144c26af97
16c5cdf84e3db6d8a37ec3b8c4bc2efa19253ba4e67c8bd1ee388115255ce514
16e69006ddfddecc4db7da78c7ad6b0caa7b75943880d8d3112c4c514dc3f957
1ab7a35276d052864bb94cbaa8c537844f0d37b1e10a747c7fed258329afb965
1c3dfaf1d21a64bfef36ef863bf0cf9418fab557175272d3f77dc361ff217b31
2183fd34ae84cf12efa0a6fcfd815eb99ccb84e9cc9df93dad09574ab1485694
21a0c213161247827727312aaff4098c436d11121415532ee9428e1c351c3563
22e0ce00363664e7d9da99b26e1c3feaabb9b6a34d63042e38a040aa2edb47a1
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
248f10ef20996f4520d2185720dc98178fc6021656537957af3d632039bef1a3
25b705094aefeda7f1b40a7cd572d93450274cc48ce628e25fbafdb23e8bf4a0
263b61b1d0c63ee79ab1102a8e56064379b7fbc358b20d6fee91e35a87ee61c2
28f93372a58bc369c2461ca7152a887cde9540e529fd90c467d800a8485b9409
2fe01fcac771c5777ea2b5c844808b05c3b7d6d2502dd8970d4a48b2f3848446
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34ad5bd3a512346bba28ed19e5a0ead936c8e7ee36baf269915c122d7d26cf3c
35ce83fd6fd4eed8c44e402217c637445c0bde581a41ee75ce4cac57835f89db
3a11f80f8cd093ca7d56169080928f70019fbed117aeac1146ebed7b3c58ae53
3b08ad3207f8d9fe99de7eacc9f2f0b1d54f22aab54d37980935ca1975c8476c
3b4ff28d8f8b3cb7a72020673df1555379de0213dd0683f433cb6a776eaadb21
43663824d9d5cc2872038c0d3739d0bcbbd2d7d0ba9aeae2c9903535e4f9f60e
44bc28515c417c6318bd3996028d9d99f62622424cb369dbcabee2e824053e0a
46b134c5fab9b09c596d5c5125a10a5fbd4913163573774e3ea5b893e55706e6
4a01100e5515ea2b9e1f1b55de1ba4d8c98a3d244c5df22a6e12ba56f98d885e
4bbeba12e09dae7c87a5451fd4b61a5ddcbcaadd11dc0909378b4fe9df7bf90a
4c961073e3386fbfffb84de1016d38620b4a67b7cde89f58ac85345ce3aa3cb1
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42fbcab7354575b2cd76056ea8d4de6520aec9a5675fc4d14a0167193a80b8
50fb7d4f219d3a5a974ff4e3bb78f9d0c6daa1d6e5f1af2cd6d726532888ad89
511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445
52388ec201350d286c8e37c14f17117edeff94754f70996320e93cc1ad8f0446
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
5778e659393328644e10ad33bf1cec4ce331d7d9f37e5f3de43aa65521ea1e5e
5fbd91f54cbcf754eb07aedda60473dc7924e388479cb24284613b5fccf2e15e
601b0d76b7835742df77dc85298ce05864fde10002999ecf3c8cf0e1d1649cda
655454942cf5710e50b8da3b8bf52f25d58a9accbd917ed2ac404a0ce0b2b8de
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
66faef23b2f292e0160fa946a0158a8dfbf3c67ba3608cdb4a58602dbad75f74
717e73f3ebbeada2dbc758c99fa6ef92600909e4bae93e1e9e6c583c0764ef17
731394b6e035991e7bf49f713c86d7d1e7e6d2c7d84b255a568c44af89044d6c
73157d96343bfbcd9ffff538487b843b7d20cef45c8464ba49c80ec6493b537d
74c7e59b09809f21d1df60efe71a505721ac699851dd03452369c5c9052c27ae
765566747a5fc8557810ed94ef3cb13e430cdb4d89540583201c8ee6a473027b
7a22e22eeb23c85bbf1d6328e1da9cf1c46ee1dc48fab94cac755da1c232d5ac
8228e1d400cee866efdf1ad94aa37269cda707e9271d1ea2d4baacac1119722c
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a436dd4405ef0ca73c28b7438737e331911df3c152ee70efc8fc736c4b5f29
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4bb2235a3f228e35ab4d3184118de9cd8b7369db6a03a75b15df85a9ea0ac5
8eba388ccdb39e2074893b816bc16c12e029e14f981e2e1d3d27ff2956041667
904cb3d055d18359601a723ab0647e3ef32b516256572676ea1c6e3026e1142e
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9a8af6e416bb47df6aad2fbb3370966d07e1b7bba651a9c165561a4b5f30ad5a
9b0e953cc1aa34e1255a3dff81408090cd1786c9db5ab5acb326454c94ec5e99
9cc073740b89a2e8dc5e1f1aec49cd61d2aaa79aa9f34f742a460e6a8fd2f850
9e2b87c28a188d8be7a1783d8081dc441167634b86c65db79e5ef75e05437552
9ea86969c1769d80d5ba09445a99a28e1c0ab5669bec04a1aaefddc2f5961e98
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5a2c34d58b2eece003f84368840b07a7a86a53e9ea46ac3e8c60d5cd61083bb
a7d614b61505cfdc6406d3867d47cf91db40ca859197c048e5443028bd32ed02
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b66142a01e5051588c3be52ba99c5b15478819cf1cf85a1efd84036e8a1e4599
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043
bfe353a28f7572ce856d4e9aa0b76c88867690358c69ea1693a473a0a68e6ace
ca615ca30ede3bf34619342f65c45762c429b40a06335b5d9efca8896d3bdb9f
cedc21fbfa810a715602044fdfca15cdd06e412c2c2073336aa8b65093d71b52
cf2ae9f8e0fdb9cbb178a84a1d99b970b6585c7373706618534fdd7befaf561a
d0db9310a5f4bb424454bcadb50c4019330baf09aadf5e002dc89f34a73118b0
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2b23409b320202025b8820e81cd8ff4ddc0d6757c21411b0661c1bbed9b6eaf
d57f8534f2221f46ad1aec92f84145d87e889349b17737324f761c11679ee933
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
d8c2468da03942229dc7749bc6096a144c62cccecb4a043300697d5399233c95
da36967226b71af2eb5cea0b505ca99bd65967233ee3fd6e36a02b3e91827b20
da74628cdc8b33a8077e45e8bbbaf51975754de256b4583af66282ba0bd6f8f3
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4675d689adccd74fb714db2a6f28cd4dacaf7cb24d3d1db508904787cd968ff
ef117968302af6c20cd7d4764fa24869a869c66e33ad0724046e93cbc165546d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fbccb89abc10c5fc4c2d3f77a3ec3fab1862c2323d181d761a2b7624eb032246
fd87916be8f7be6c8446c5d39d337af2e90722d14c760bb6782af82e7c3939fc

www.color4care.no Open in urlscan Pro 94.246.97.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

91 %HTTPS

0 %IPv6

47 Domains

60 Subdomains

55 IPs

10 Countries

1857 kBTransfer

5509 kBSize

63 Cookies

28 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.color4care.no Open in urlscan Pro
94.246.97.146 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

91 %
HTTPS

0 %
IPv6

47
Domains

60
Subdomains

55
IPs

10
Countries

1857 kB
Transfer

5509 kB
Size

63
Cookies

116 HTTP transactions
9 data transactions