urlscan.io logo urlscan.io
SecurityTrails logo

www.upstreamonline.com Open in urlscan Pro
65.9.66.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-x...
Effective URL: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqt...
Submission: On March 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 28 HTTP transactions. The main IP is 65.9.66.79, located in United States and belongs to AMAZON-02, US. The main domain is www.upstreamonline.com. The Cisco Umbrella rank of the primary domain is 176134.
TLS certificate: Issued by Amazon on February 28th 2022. Valid for: a year.
This is the only time www.upstreamonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 5 65.9.66.79 16509 (AMAZON-02)
1 1 65.9.66.122 16509 (AMAZON-02)
14 2a02:c0:ac:6:... 39029 (REDPILL-L...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 6
2    2606:2c40::c73c:671e (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.nhstglobal.com
5    65.9.66.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-79.fra56.r.cloudfront.net
www.upstreamonline.com
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
nhst.auth.zephr.com
14    2a02:c0:ac:6:fe::145 (Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
subscription-static1.dn.no
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 dn.no
subscription-static1.dn.no
237 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
341 KB
5 upstreamonline.com
www.upstreamonline.com — Cisco Umbrella Rank: 176134
95 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
23 KB
2 nhstglobal.com
www.nhstglobal.com
4 KB
1 zephr.com
nhst.auth.zephr.com — Cisco Umbrella Rank: 264058
898 B
28 6
Domain Requested by
14 subscription-static1.dn.no www.upstreamonline.com
subscription-static1.dn.no
5 www.upstreamonline.com 1 redirects www.nhstglobal.com
subscription-static1.dn.no
www.upstreamonline.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com subscription-static1.dn.no
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 www.nhstglobal.com 1 redirects
1 nhst.auth.zephr.com 1 redirects
28 7

This site contains links to these domains. Also see Links.

Domain
info.rechargenews.com
Subject Issuer Validity Valid
www.nhstglobal.com
Cloudflare Inc ECC CA-3		 2021-06-20 -
2022-06-19		 a year crt.sh
www.rechargenews.com
Amazon		 2022-02-28 -
2023-03-29		 a year crt.sh
*.dn.no
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-18 -
2023-03-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
Frame ID: 1E7939AAA775C45C54DC699DBF2C1211
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Frame ID: EB46CDC289F08C7A63C108F8426DB850
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My settings

Page URL History Show full URLs

  1. https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-W... Page URL
  2. https://www.nhstglobal.com/events/public/v1/encoded/track/tc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W8... HTTP 307
    https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207... HTTP 302
    https://nhst.auth.zephr.com/zephr/sso?siteRequestUrl=http%3A%2F%2Fwww.upstreamonline.com%2Fprivacy%2Fmy-... HTTP 302
    https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

28
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

699 kB
Transfer

1865 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK64Hgm-W5pRNZT74QHL4W2JZCsY8bMxl9W5rXyq45WBSFtW5Tfx1M11kPXfW2VRHHH5_gPd-W3S0D5x8lwZ94W7Z_r804__0YbW1ZQCXG3WHB4PW5ZNKC-8m0j38W7z_ppG5ZlVBCW8B0cdM7PqF8p3fng1 Page URL
  2. https://www.nhstglobal.com/events/public/v1/encoded/track/tc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK64Hgm-W5pRNZT74QHL4W2JZCsY8bMxl9W5rXyq45WBSFtW5Tfx1M11kPXfW2VRHHH5_gPd-W3S0D5x8lwZ94W7Z_r804__0YbW1ZQCXG3WHB4PW5ZNKC-8m0j38W7z_ppG5ZlVBCW8B0cdM7PqF8p3fng1?_ud=ae9d976d-429f-4733-965a-7adb706363ec&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email HTTP 302
    https://nhst.auth.zephr.com/zephr/sso?siteRequestUrl=http%3A%2F%2Fwww.upstreamonline.com%2Fprivacy%2Fmy-settings%3Futm_campaign%3DUPS_Single_Churn%26utm_medium%3Demail%26_hsmi%3D207788795%26_hsenc%3Dp2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ%26utm_content%3D207710400%26utm_source%3Dhs_email HTTP 302
    https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK6...
www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK64Hgm-W5pRNZT74QHL4W2JZCsY8bMxl9W5rXyq45WBSFtW5Tfx1M11kPXfW2VRHHH5_gPd-W3S0D5x8lwZ94W7Z_r804__0YbW1ZQCXG3WHB4PW5ZNKC-8m0j38W7z_ppG5ZlVBCW8B0cdM7PqF8p3fng1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 24 Mar 2022 19:30:27 GMT
content-type
text/html;charset=utf-8
cf-ray
6f11d24a98162373-ZRH
last-modified
Thu, 24 Mar 2022 19:30:27 GMT
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
b0d00ffe-a357-4f9b-9eb1-7e8ed0376e99
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gbqb54%2B6%2F7Cxj2GbxlXj6FkAM7u6%2FYE2b9X%2Fia1JGMaetgcGd%2BVkk4sjflvQK55%2BlDJgS40vcf0GPbr0voXWklALp3LQv6Yb3YsT6oWfTE4MPaHogeTYwaOKCb5Ar%2Bi3LJ6eaEg2yQ7BUYetRv4bzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request my-settings
www.upstreamonline.com/privacy/
Redirect Chain
  • https://www.nhstglobal.com/events/public/v1/encoded/track/tc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72...
  • https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1...
  • https://nhst.auth.zephr.com/zephr/sso?siteRequestUrl=http%3A%2F%2Fwww.upstreamonline.com%2Fprivacy%2Fmy-settings%3Futm_campaign%3DUPS_Single_Churn%26utm_medium%3Demail%26_hsmi%3D207788795%26_hsenc%...
  • https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1...
399 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
Requested by
Host: www.nhstglobal.com
URL: https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK64Hgm-W5pRNZT74QHL4W2JZCsY8bMxl9W5rXyq45WBSFtW5Tfx1M11kPXfW2VRHHH5_gPd-W3S0D5x8lwZ94W7Z_r804__0YbW1ZQCXG3WHB4PW5ZNKC-8m0j38W7z_ppG5ZlVBCW8B0cdM7PqF8p3fng1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-79.fra56.r.cloudfront.net
Software
gunicorn /
Resource Hash
35a7f55541ae197ec5d1f6cc106a39fad13b6ae3ddf07a8c849bff323ad1c0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.nhstglobal.com/e3t/Ctc/T5+113/c9Q-B04/VVqmQL7pWgnDW2-_9yp62H0R6W842MfZ4H26_pMJvQmV3pdr7V1-WJV7CgVVsW479RcF3k5-xCW30dWvW20rcK7W45d62l50ldYVW7v1r3H5_Z-F8W1YPvg72Nz3_tW4-Plsj6clN5SN588rBczzsYxV3wFjq2qX9QRW6Vp6x042ZM4pW64Fv-D6rtjkyW9cymWK64Hgm-W5pRNZT74QHL4W2JZCsY8bMxl9W5rXyq45WBSFtW5Tfx1M11kPXfW2VRHHH5_gPd-W3S0D5x8lwZ94W7Z_r804__0YbW1ZQCXG3WHB4PW5ZNKC-8m0j38W7z_ppG5ZlVBCW8B0cdM7PqF8p3fng1

Response headers

content-type
text/html; charset=utf-8
content-length
92233
date
Thu, 24 Mar 2022 19:30:28 GMT
server
gunicorn
x-frame-options
DENY
x-content-type-options
nosniff
referrer-policy
same-origin
x-debug-app-id
sub_privacy_dashboard
x-generated-at
2022-03-24T19:30:28Z
x-server-generated-cache-header
no-cache, no-store, must-revalidate
x-host
www.upstreamonline.com
x-url
/privacy/my-settings?_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&_hsmi=207788795
x-webcache-server
fe3-osl4.nhst.c.bitbit.net
x-varnish
62477909
via
1.1 varnish (Varnish/6.0), 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
accept-ranges
bytes
x-zephr-cache
miss
cache-control
no-cache, no-store, no-transform
content-encoding
gzip
vary
Cookie,Origin,Accept-Encoding
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
RkWETsWDhE8TSlPcy9ntf5av4p3YagScmRmnnFhqPx-HGakboLmGqg==
age
0

Redirect headers

content-type
application/json; charset=UTF-8
content-length
4
date
Thu, 24 Mar 2022 19:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
location
//www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
x-blaize-request
41ea48b8
x-cache
Miss from cloudfront
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
SV1laL1GdjwcYeI1TUT53ZWS6uCnudeyOZDBHA6Is10GshoNVWCOjQ==
output.54e1b2f5f6c9.css
subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/output.54e1b2f5f6c9.css
Requested by
Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
54e1b2f5f6c9c34044c871d2cb6ca73dbd09d1232643f47d4963dbe1847f644a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 19:18:06 GMT
Content-Encoding
gzip
Age
744
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
3091
x-amz-id-2
RBN11yUibUtYdr8CbSK9IJhv2nrKpUmotSH2ugc6RrZ1NerewEisZQoAy4ucjHHpSZBsXQjyljM=
X-Grace-Status
Last-Modified
Tue, 22 Mar 2022 06:22:04 GMT
ETag
W/"547caed54ed4f40cb3472fc3934fd6c3"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
x-amz-version-id
oKXTCwYi2hpW7YhMl3dkuamiT6N0YzSf
Accept-Ranges
bytes
output.41fdf81593e4.js
subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/ 		469 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Requested by
Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
41fdf81593e4c9c57ff02cbb220e258b016aed0122c59f72c9b045c6c42934b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 19:11:18 GMT
Content-Encoding
gzip
Age
1151
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
149711
x-amz-id-2
P/q+F9WkQZwounbhe63KJ9VhD8tkRDgs1gH8f2U5/pyvbBdKBAW4xYggDwhXBrhm11TiZV6N8dw=
X-Grace-Status
Last-Modified
Tue, 22 Mar 2022 06:22:26 GMT
ETag
W/"825228c43490ac2ae923a920db668ef5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
x-amz-version-id
XVaUsUU4eilfqGRUzbPZkrpehja3xwS_
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/ 		852 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c9d6a2a58b9c7f4ee284526ef182398d1686c5de84286fd58ae111b172d4d456
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 24 Mar 2022 19:30:29 GMT
nhst-logo.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/nhst-logo.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
69b5c37f4c634a0f55f00957855e1e83f802389f71428f96a4612fe01e222914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:35:46 GMT
Content-Encoding
gzip
Age
28484
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
3529
x-amz-id-2
RKgkpRaqxyku4xDd8bu9q92bm+tIERN4VRp6tMIVjzEnaiRqRWedLC8R1OgEZIdl5C92D9w7lQU=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"fbd32bcb837775ff3b6b2a95ec9cc429"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
ITUzu_jsB67AV2FGwCQPvHXkt.ZUQvFl
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
open.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/ 		994 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/open.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
99f4d93d4e9579019955a39948ce0118a37c6ab4d17cab5af5879903b58f7188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 10:33:18 GMT
Content-Encoding
gzip
Age
32232
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
466
x-amz-id-2
SftRM3KBB7FwV2I9IyDfBmqoj1idenGFnBGf7U1YXC+TDkwSe/AAkVEHvxodKbUxox7OYiRso38=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"dbb59680d44aebbf512a1dae307b0639"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
Y8BxlpBrp_9tIR2iAal364jCP4_so0.J
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
recharge.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/recharge.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
28efec707cdc58e15511c8ebc0f75825adab60cbb31ea6f1673a46478a736feb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 09:00:53 GMT
Content-Encoding
gzip
Age
37777
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1244
x-amz-id-2
JHwx4kWt3d487skgBLP9i46ZToZa+NbyRfvjvStf886fp6TdU3ue7uOQv4bpGUYnkQCc2VoHY3A=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"db521bad5767082fb4d8fc09be1d96d3"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
cup8B1LXYgza6hj93luasNqudbCpJUUf
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
fiskeribladet.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/fiskeribladet.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
01214827b2e5b30f9486dfcebcd6c299699b90cb953184c69bb2fb9e3b3a3538

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:16:53 GMT
Content-Encoding
gzip
Age
29617
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2378
x-amz-id-2
pG8DWiNxZ7Jxf2KfwQyB0iyT9ecmkY1D2bguYG3zotn24P/VX/n4J/Q429nI++znyVlbR3Kqy88=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"6be3990b56f4a6237ffeb10d78af112f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
h7IIMxH1MbNXWf4BkqQgp6qDy6f_6Ras
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
dn.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/dn.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
c59c4307c5cf38ec0994ec1c92e717b5173ac4d9aaa999d159e2338a5957480e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:16:53 GMT
Content-Encoding
gzip
Age
29617
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
5503
x-amz-id-2
4LjLcU0Ddns4lRWPdxGwppUyQeUrE7FH1WxqawHrYr/l1jAw1LEaNoUFQ9kZOupIGt90giFSM4s=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"348834860a6115b974163d399c322f95"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
vwosutv4zt5X.Q4CQWB0iGptl8iExZ.U
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
intrafish.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/intrafish.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
be8a3b40424e192214a5d6d864149c74f42022873b2f1dbe68afe033007ee17a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 14:21:41 GMT
Content-Encoding
gzip
Age
18529
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2051
x-amz-id-2
vtymYlxSHjd9LuLT84cFcuwrpdpWEC8G9aZblqqWaouOjlPnX8V9F/3INlbmDtVrrwQc+LZ2IC4=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"cf908bd82e4ff18a5a0f063f47f56d7b"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
bGYkQSjU49lVeDTNbaq8kGZAlXOnCXIs
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
upstream.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/upstream.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
6528f66fbc3f067c34ac073bd23ffe857a609fab4e971a22cb1dd05ea824520f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 09:00:53 GMT
Content-Encoding
gzip
Age
37777
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2165
x-amz-id-2
B0UXbYUvOBbUMW7IZ8BIOtfw6MwGMm7VdB5Hj+ecKEVSseEqGASKnG7zQggTw02jOBSp2YjNHFg=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"5e65520c6580ec54b32db106bb134a93"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
0LYRTnFV0eTW008uvbxs5HYjaul8Dmzg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
europower.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/europower.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
80af002a68a964e758a4f1cc36fd3dbdfc31fd99dd014e81809bd94bee6b4721

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 14:21:41 GMT
Content-Encoding
gzip
Age
18529
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
1845
x-amz-id-2
bE6tyWWLuV2S0TruA44I06qSQsMYWSOTWC3zxkDPD64YMC2yXsdmfkw2YFNDdNzKZ+0ZIPnwTzo=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"d2e44ab88f5bc70625b26e122ce9b9b3"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
f0LPeOEHGpSOv_rS8xIpGSiNcLmkoSyl
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
tradewinds.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/tradewinds.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
11581237e15f205d3a03a9fb3e90f0f176a8eaa6ca486f0573bcd95593c11454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:16:53 GMT
Content-Encoding
gzip
Age
29617
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2628
x-amz-id-2
W/FTvleByX6btcByQq+SZigWiSeWQCbMQfQwHp08tLFSoOMtxZBce0Exsav1XIyfY9wE694cZmU=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"f36d39709e973cbc35f952756e5c1450"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
9oNRmjfCEOjSFaH5cGsjRLKaW5zoUG3f
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
nhst.svg
subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/img/footer/nhst.svg
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
d9af903f7f6e08ebb5a5636621f920adbd604f898f01ba17f89dcd95cf91cee7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 14:21:39 GMT
Content-Encoding
gzip
Age
18532
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
4356
x-amz-id-2
HruT6uKxz9gLN4T6xrYOonPliiAtY2/P6QnD2rpUnyxb6yUZfH660j4lbZLa0zCaso6ghYntp8A=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
W/"a5acbb56f5af349bbe0312cba616caf4"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
mzON9JzVVtu6LFUKz7KoUdJMMp7u7Ikb
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
image/svg+xml
status
www.upstreamonline.com/zephr/public/sso/v1/ 		26 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.upstreamonline.com/zephr/public/sso/v1/status
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-79.fra56.r.cloudfront.net
Software
/
Resource Hash
0f64e0a287167815f4fb23d43d6915992a89f0f203f90c98d6fa1206ea2b3d0b

Request headers

X-Trace-Id
782ac1a1-30bf-4b8a-a732-8c4672f806d6
Accept
application/json
Referer
https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
X-CSRF-TOKEN
83421594-d8f4-4bfb-8ce4-cbf4007721b0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:30:30 GMT
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
26
x-amz-cf-id
s1KTkbZerW1gp4vj-ecvPDPDvP3iCrig9HO9LfafAA64nz_-VOnIHQ==
x-blaize-request
ffffffffbeff1c36
flamabook-webfont.woff
subscription-static1.dn.no/privacy-dashboard/static-re/fonts/flama/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/fonts/flama/flamabook-webfont.woff
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/output.54e1b2f5f6c9.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
61b9ae754d65608efdd9da25d636ebf196b9360e1981c855bf44ea3efadfcbf1

Request headers

Referer
https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/output.54e1b2f5f6c9.css
Origin
https://www.upstreamonline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Grace-Status
Date
Thu, 24 Mar 2022 19:11:18 GMT
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
Age
1152
ETag
"aed619ca2748f84c520b9fd7ef4e77ec"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
x-amz-replication-status
COMPLETED
x-amz-version-id
CWed0CafpmfwJGBONKtEnYSagm6njqWo
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27320
x-amz-id-2
qHGwB2NIOlKQ7Te21WkRjti/+sC2JkRUL/9QJJ8L16PVD1ZUPQgEUMmkd7GlbDNG+YuAT+CJ+fE=
flamamedium-webfont.woff
subscription-static1.dn.no/privacy-dashboard/static-re/fonts/flama/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscription-static1.dn.no/privacy-dashboard/static-re/fonts/flama/flamamedium-webfont.woff
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/output.54e1b2f5f6c9.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:c0:ac:6:fe::145 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
3c5dfaf0a113faaf5c1c31fccd37598fb67906a7d316bf975150b4726a13e53f

Request headers

Referer
https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/css/output.54e1b2f5f6c9.css
Origin
https://www.upstreamonline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 12:25:00 GMT
Age
25530
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
27420
x-amz-id-2
/q8HqK9/9lpj5mTwQ3ecXBuzqwMtQNp3zqiiXHwn1WDzGOS5FH8y2W6NVdAHjM8b/vl+126f2e0=
X-Grace-Status
1
Last-Modified
Thu, 02 Dec 2021 12:40:20 GMT
ETag
"bbf672b9def718e7455a4c9f55368079"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
.vkl0TK8unV3BlJ_j0hDk_VO_EbhiSie
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, s-maxage=1800, must-revalidate
Accept-Ranges
bytes
Content-Type
application/octet-stream
datalayer
www.upstreamonline.com/blaize/ 		137 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.upstreamonline.com/blaize/datalayer
Requested by
Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-79.fra56.r.cloudfront.net
Software
/
Resource Hash
7ade71812897ac67370e8c4a6cb2a65141a5b637d1aacbd2dce3ad554e1789f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:30:30 GMT
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
137
x-amz-cf-id
-l3PFz8-IFJgJb-ZxYlcoKedrmkyRtjarcG10FpILyyPCjik9j7VXg==
x-blaize-request
ffffffffe70eb382
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.upstreamonline.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 17:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 17:31:28 GMT
anchor
www.google.com/recaptcha/api2/ Frame EB46 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d8c9c6b61ee22bc636da871cf01d759876ad0dd339f6715024ec67d18d35cf2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sla3AdcRyJGja76SWc+Xtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 24 Mar 2022 19:30:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-Sla3AdcRyJGja76SWc+Xtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22142
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame EB46 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 17:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 17:31:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame EB46 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 17:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 17:31:28 GMT
INFO
www.upstreamonline.com/oneid/auth/logging/ 		16 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.upstreamonline.com/oneid/auth/logging/INFO
Requested by
Host: subscription-static1.dn.no
URL: https://subscription-static1.dn.no/privacy-dashboard/static-re/CACHE/js/output.41fdf81593e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-79.fra56.r.cloudfront.net
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Trace-Id
782ac1a1-30bf-4b8a-a732-8c4672f806d6
Accept
application/json
Referer
https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO
X-CSRF-TOKEN
83421594-d8f4-4bfb-8ce4-cbf4007721b0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

x-zephr-cache
miss
date
Thu, 24 Mar 2022 19:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-length
36
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
content-type
application/json
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform
x-amz-cf-id
Qq2wUVw9DvtRv0KPpEvUA3aS6NG5xavqaDTrG3mbxob-t4Jy0O0V_A==
expires
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EB46 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 03:05:30 GMT
x-content-type-options
nosniff
age
145500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 30 Mar 2022 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB46 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options
nosniff
age
202345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB46 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
174642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EB46 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvByIdAAAAADFB3GSnqkSIqxv5q74GMHuvJj_3&co=aHR0cHM6Ly93d3cudXBzdHJlYW1vbmxpbmUuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=d7yss7wfbj19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 24 Mar 2022 19:30:30 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored string| __csrf_cookie_name__ string| __csrf_header_name__ object| __app__ function| setImmediate function| clearImmediate function| _ function| anime object| regeneratorRuntime object| authServices object| Zephr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_182261 object| zephrDataLayer

12 Cookies

Domain/Path Name / Value
.www.nhstglobal.com/ Name: __cfruid
Value: fea26dd783e3e8273adecf918e599fd4fc1dcc49-1648150227
nhst.auth.zephr.com/ Name: AWSALB
Value: O9VOIUQ5zR8+/oOj9qtNn/ixa9XgKWp+UL+gBI/JVkwyWowtmweBPRqjhRM96fWopAeGp8WOljEmLgZkGKgUhdCGjQQZBXhMYDfW9+FuqU1fmEZ+vDWdYV4GUlne
nhst.auth.zephr.com/ Name: AWSALBCORS
Value: O9VOIUQ5zR8+/oOj9qtNn/ixa9XgKWp+UL+gBI/JVkwyWowtmweBPRqjhRM96fWopAeGp8WOljEmLgZkGKgUhdCGjQQZBXhMYDfW9+FuqU1fmEZ+vDWdYV4GUlne
nhst.auth.zephr.com/ Name: zephr_sso
Value: 9hmc83
www.upstreamonline.com/ Name: privacycsrftoken
Value: V2FHomKw2cyK4VXB20x33OmTtChLjXtYzbT6CUgCWFijJTRfkWA1VYCOZVCnH1VI
www.upstreamonline.com/ Name: pivacysessionid
Value: cum7ba0gpppsorqsqlkm4znkofxldxk9
www.upstreamonline.com/ Name: 547ee07ec9134df2e3a42dfa5a2aa7c5
Value: cf10f51913f410f12e3b9cd5d670bb72
www.upstreamonline.com/ Name: blaize_session
Value: f555f34a-93bc-4efd-85dd-4489bfc32bf7
www.upstreamonline.com/ Name: blaize_tracking_id
Value: 99bd41d4-2ba7-4002-acd6-3b9bf052344a
www.upstreamonline.com/ Name: CSRF-TOKEN
Value: 83421594-d8f4-4bfb-8ce4-cbf4007721b0
www.upstreamonline.com/ Name: AWSALB
Value: R8ijy2Ql0s4+YuY5kuV3p5mNZ05dmwLVgTqXO5CU6l1ryWS6dVPh0nl7hR8iLtJeSGV8DWe1KTMTPvZK4a9KMdIRJ9xOJyIFPg9+47OUvSIeYuFGoM/yz7iV0cyU
www.upstreamonline.com/ Name: AWSALBCORS
Value: R8ijy2Ql0s4+YuY5kuV3p5mNZ05dmwLVgTqXO5CU6l1ryWS6dVPh0nl7hR8iLtJeSGV8DWe1KTMTPvZK4a9KMdIRJ9xOJyIFPg9+47OUvSIeYuFGoM/yz7iV0cyU

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.upstreamonline.com/privacy/my-settings?utm_campaign=UPS_Single_Churn&utm_medium=email&_hsmi=207788795&_hsenc=p2ANqtz--pz0aAZAul5POru89AHzLQ75KkHRwwICndB6U1OgTTum4Dj_N-782_CsX_6XMLToPGS1-W4Yp78a6aXMfeJIic7TZsJQ&utm_content=207710400&utm_source=hs_email&zephr_sso_ott=1DsNQO(Line 39)
Message:
The key "" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
nhst.auth.zephr.com
subscription-static1.dn.no
www.google.com
www.gstatic.com
www.nhstglobal.com
www.upstreamonline.com
2606:2c40::c73c:671e
2a00:1450:4001:800::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a02:c0:ac:6:fe::145
65.9.66.122
65.9.66.79
01214827b2e5b30f9486dfcebcd6c299699b90cb953184c69bb2fb9e3b3a3538
0f64e0a287167815f4fb23d43d6915992a89f0f203f90c98d6fa1206ea2b3d0b
11581237e15f205d3a03a9fb3e90f0f176a8eaa6ca486f0573bcd95593c11454
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
28efec707cdc58e15511c8ebc0f75825adab60cbb31ea6f1673a46478a736feb
35a7f55541ae197ec5d1f6cc106a39fad13b6ae3ddf07a8c849bff323ad1c0d1
3c5dfaf0a113faaf5c1c31fccd37598fb67906a7d316bf975150b4726a13e53f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41fdf81593e4c9c57ff02cbb220e258b016aed0122c59f72c9b045c6c42934b9
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
54e1b2f5f6c9c34044c871d2cb6ca73dbd09d1232643f47d4963dbe1847f644a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d8c9c6b61ee22bc636da871cf01d759876ad0dd339f6715024ec67d18d35cf2
61b9ae754d65608efdd9da25d636ebf196b9360e1981c855bf44ea3efadfcbf1
6528f66fbc3f067c34ac073bd23ffe857a609fab4e971a22cb1dd05ea824520f
69b5c37f4c634a0f55f00957855e1e83f802389f71428f96a4612fe01e222914
7ade71812897ac67370e8c4a6cb2a65141a5b637d1aacbd2dce3ad554e1789f0
80af002a68a964e758a4f1cc36fd3dbdfc31fd99dd014e81809bd94bee6b4721
99f4d93d4e9579019955a39948ce0118a37c6ab4d17cab5af5879903b58f7188
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
be8a3b40424e192214a5d6d864149c74f42022873b2f1dbe68afe033007ee17a
c59c4307c5cf38ec0994ec1c92e717b5173ac4d9aaa999d159e2338a5957480e
c9d6a2a58b9c7f4ee284526ef182398d1686c5de84286fd58ae111b172d4d456
d9af903f7f6e08ebb5a5636621f920adbd604f898f01ba17f89dcd95cf91cee7
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce