shifter.no Open in urlscan Pro
2606:4700:3032::ac43:9e16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shifter.cmail20.com/t/t-l-ciydlz-ykatthrs-i/
Effective URL:
https://shifter.no/abonnement
Submission: On October 14 via manual (October 14th 2021, 1:53:22 pm UTC) from ES — Scanned from DE

Summary HTTP 126 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 20 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3032::ac43:9e16, located in United States and belongs to CLOUDFLARENET, US. The main domain is shifter.no.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.

This is the only time shifter.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.196.121.95 18.196.121.95	16509 (AMAZON-02) (AMAZON-02)
1 30	2606:4700:303... 2606:4700:3032::ac43:9e16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	85.202.161.10 85.202.161.10	7489 (HOSTUS-GL...) (HOSTUS-GLOBAL-AS HostUS)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
14	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a02:26f0:170... 2a02:26f0:1700:498::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
1	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
2	116.202.80.167 116.202.80.167	24940 (HETZNER-AS) (HETZNER-AS)
5	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
126	27

1 18.196.121.95 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-121-95.eu-central-1.compute.amazonaws.com

shifter.cmail20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3032::ac43:9e16 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shifter.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.shifter.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shifter.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.202.161.10 (Rovigo, Italy)

ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK)
PTR: 85.202.161.10.adnuntius.com

delivery.adnuntius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

policy.app.cookieinformation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:498::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.80.167 (Osterhofen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	shifter.no 1 redirects shifter.no image.shifter.no www.shifter.no	2 MB
19	sumo.com load.sumo.com sumo.com	452 KB
12	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	503 KB
10	gstatic.com fonts.gstatic.com	290 KB
8	cxense.com cdn.cxense.com api.cxense.com p1cluster.cxense.com comcluster.cxense.com id.cxense.com	71 KB
8	google-analytics.com www.google-analytics.com	59 KB
7	googleapis.com fonts.googleapis.com	6 KB
6	piano.io c2.piano.io api-esp.piano.io	21 KB
4	facebook.com www.facebook.com	616 B
4	cookieinformation.com policy.app.cookieinformation.com	24 KB
4	facebook.net connect.facebook.net	248 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
2	google.de www.google.de	629 B
2	google.com www.google.com	629 B
2	doubleclick.net stats.g.doubleclick.net	529 B
2	googletagmanager.com www.googletagmanager.com	117 KB
2	adnuntius.com cdn.adnuntius.com delivery.adnuntius.com	29 KB
1	hotjar.io vc.hotjar.io	257 B
1	jquery.com code.jquery.com	29 KB
1	cmail20.com 1 redirects shifter.cmail20.com	215 B
126	20

	Domain	Requested by
18	shifter.no	shifter.no buy.tinypass.com
14	load.sumo.com	shifter.no load.sumo.com
11	image.shifter.no	buy.tinypass.com
10	fonts.gstatic.com	fonts.googleapis.com
9	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com shifter.no
7	fonts.googleapis.com	shifter.no client buy.tinypass.com
5	sumo.com	load.sumo.com
5	api-esp.piano.io	cdn.tinypass.com code.jquery.com
4	www.facebook.com	shifter.no
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	policy.app.cookieinformation.com	www.googletagmanager.com policy.app.cookieinformation.com
4	connect.facebook.net	shifter.no connect.facebook.net
2	www.google.de	shifter.no
2	www.google.com	shifter.no
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	shifter.no www.googletagmanager.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	www.shifter.no	1 redirects
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	api.cxense.com	cdn.cxense.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	code.jquery.com	api-esp.piano.io
1	script.hotjar.com	static.hotjar.com
1	c2.piano.io	cdn.tinypass.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	delivery.adnuntius.com	cdn.adnuntius.com
1	experience.tinypass.com	shifter.no
1	cdn.adnuntius.com	shifter.no
1	shifter.cmail20.com	1 redirects
126	34

This site contains links to these domains. Also see Links.

Domain
tools.google.com
www.youronlinechoices.com
support.microsoft.com
support.mozilla.org
support.google.com
www.opera.com
support.apple.com
www.macromedia.com
timeread.hubpages.com
cookieinformation.com
shows.acast.com
www.shifteracademy.no
cm.shifter.no
labradorcms.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
1548354739.rsc.cdn77.org R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
ads.adnuntius.delivery R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-24` - `2021-10-22`	3 months	crt.sh
sni9bc9gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-26`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://shifter.no/abonnement
Frame ID: B5BC7AABDA9AA04962285D0E1A082DD1
Requests: 89 HTTP requests in this frame

Frame: https://policy.app.cookieinformation.com/cookiesharingiframe.html
Frame ID: 28636B707F46434740192A9E0E21E663
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Frame ID: 62D2161BA676F8AB98D5659F54C5907B
Requests: 27 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Frame ID: 5FF9F9D5541E5607BF4ACC8B269CE060
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 1AFCC4670119DF0C0C975856D305962D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Abonnement

Page URL History Show full URLs

https://shifter.cmail20.com/t/t-l-ciydlz-ykatthrs-i/ HTTP 302
https://shifter.no/abonnement Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

100 %
HTTPS

61 %
IPv6

20
Domains

34
Subdomains

27
IPs

5
Countries

3623 kB
Transfer

9340 kB
Size

28
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://tools.google.com/dlpage/gaoptout
Title: her

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/uk/your-ad-choices
Title: her

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies#ie=ie-11
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
Title: Mozilla Firefox

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=en
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.opera.com/help/tutorials/security/cookies
Title: Opera

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT201265
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
Title: Flash cookies

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT1677
Title: Apple

Search URL Search Domain Scan URL

URL: https://timeread.hubpages.com/hub/How-to-delete-internet-cookies-on-your-Droid-or-any-Android-device
Title: Android

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/11696/windows-phone-7
Title: Windows 7

Search URL Search Domain Scan URL

URL: https://cookieinformation.com/
Title: Cookie Information

Search URL Search Domain Scan URL

URL: https://shows.acast.com/5b1a5a6364d9356d1af279f5
Title: Podcast

Search URL Search Domain Scan URL

URL: https://www.shifteracademy.no/
Title: Shifter Academy

Search URL Search Domain Scan URL

URL: https://cm.shifter.no/stilling
Title: Stilling

Search URL Search Domain Scan URL

URL: https://labradorcms.com/
Title: Powered by Labrador CMS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shifter.cmail20.com/t/t-l-ciydlz-ykatthrs-i/ HTTP 302
https://shifter.no/abonnement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.shifter.no/files/2021/09/23/Gustav-Gorecki.png HTTP 302
https://shifter.no/files/2021/09/23/Gustav-Gorecki.png

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request abonnement Show response
shifter.no/
Redirect Chain

https://shifter.cmail20.com/t/t-l-ciydlz-ykatthrs-i/
https://shifter.no/abonnement

61 KB
9 KB

107ms
89ms

Document
text/html

2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebecb05aa46ebb81d5bd6ae8ccc5e14965480ef2e1c4300665c02ada74a487b

Request headers

:method: GET
:authority: shifter.no
:scheme: https
:path: /abonnement
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-type: text/html; charset=UTF-8
x-labrador-cache-channel: page-front-171308
x-php-host: php04
x-ua-viewport: desktop
x-varnish-backend: php04_80
vary: X-Ua-Viewport, X-Ua-Device, Accept-Encoding
x-varnish: 301013 1934695
age: 1115
x-varnish-host: varnish01
x-cache: HIT
x-nginx-host: nginx02
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCsgaQhEvNuQXuRBs9%2FrpDPxTDoEBzTtqiWKYOSfFXqjJWEGuAjZx%2BZnO6DRRPgL2MTt%2FLsHgx1e8RJvBZMqMc2M3xzsNM548rDpQD8PPvRIF7177zKihN4iOD88T3Jiye0QqfUU9L%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e14b001b456957-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 14 Oct 2021 13:53:16 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Location: https://shifter.no/abonnement

GET
H2 200 css
fonts.googleapis.com/ 6 KB
729 B 43ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,700,900

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9b629e54814f41459ffec14a1b874e947f69ea8b9d2799ab2e86bc10c5fc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 12:27:32 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:16 GMT

GET
H2 200 grid.css
shifter.no/view-resources/view/css/ 22 KB
5 KB 17ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/grid.css?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83abd685026e68720b4fdc69d504ec2e2fd14b8fdbc389b5d13ac1f16b22e0ee

Request headers

:path: /view-resources/view/css/grid.css?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
x-cache: HIT
content-type: text/css;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish03
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce7eJQJNcIYvm6s%2FzbA2cNdFEULkG65oc%2FVtdh%2BCNM95XMFleCO9Grl7MWuMbdBwA%2FsXtiM6CdbwTzB9c7FoH%2Bvv35nFw9oC3%2BcYYo58MoMfmWzcxgeeSNjUY2Bo5FXPxLBhVVlaEVE6"}],"group":"cf-nel","max_age":604800}
x-varnish: 22298 3998520
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx06
cf-ray: 69e14b00cd166957-FRA

GET
H2 200 main.css
shifter.no/view-resources/view/css/ 287 KB
52 KB 25ms
23ms Stylesheet
text/css 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/main.css?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce38c14b17e7439230d2501d88adef2df2b5a71f48ba7f5373fca978b854204

Request headers

:path: /view-resources/view/css/main.css?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
x-cache: HIT
content-type: text/css;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php06
x-varnish-host: varnish01
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckxlVVocIaY9lH8r4%2F2d23l3UkzRspEuKLU12%2FyH343%2FfNo8DTHCIYcGIwKICeg%2F%2Fj1Db88Jgn4sHNbjdxmI4TIw5q9Y1mzxWzHLMEdAL%2B5%2F%2FCax3ka0kIEXL9pkQuI4JY%2B2diPqpOH9"}],"group":"cf-nel","max_age":604800}
x-varnish: 4031585 3971251
x-varnish-backend: php06_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx02
cf-ray: 69e14b00cd186957-FRA

GET
H2 200 colors.css
shifter.no/view-resources/view/css/ 16 KB
4 KB 22ms
20ms Stylesheet
text/css 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/colors.css?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77c821f3be49378ad37d2c2fbd0126fa3ad456e02b851d383c4c519e415ca968

Request headers

:path: /view-resources/view/css/colors.css?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
x-cache: HIT
content-type: text/css;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php05
x-varnish-host: varnish02
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov9QFmoDm37oURwg5TkNBXjLp7c96qtz5dJ9jqv%2BGSYCbkIKbMiOpB2upCZqLTIUeyx%2BDDLGsJ%2B9BLds4ys9Ac7ibuJgG7a%2F8itBlPPaAuME%2ByJEu5Wlnx6oscvHpNWghQYoL6MyHHiS"}],"group":"cf-nel","max_age":604800}
x-varnish: 1512279 1507547
x-varnish-backend: php05_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx01
cf-ray: 69e14b00cd196957-FRA

GET
H2 200 foundation-icons.css
shifter.no/view-resources/view/css/foundation-icons/ 52 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/foundation-icons/foundation-icons.css?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534c15729a7f9203c36f7416ae2c697de60a04dd55ef2374f8e17832c15ff440

Request headers

:path: /view-resources/view/css/foundation-icons/foundation-icons.css?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
x-cache: HIT
content-type: text/css;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish03
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4xlIgReIy5evmDWYYvJSRKJZEgZjW0RRFP3pf80Jul39eE42O2JKTZIWxKNFc4zQhdhcthbHKIS66leCQV%2BolOElAkNkI0JHkIBKKeIM7B2YmqXifZz%2FGbLOR6hV4Q4SCxAImwAgxsG"}],"group":"cf-nel","max_age":604800}
x-varnish: 1774277 98380
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx01
cf-ray: 69e14b00cd1b6957-FRA

GET
H2 200 shifter.css
shifter.no/view-resources/view/css/site/ 10 KB
4 KB 17ms
16ms Stylesheet
text/css 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/site/shifter.css?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c372981fd4e58e3777a3c11b0bea572c69456737c05d680ec6a74899f2caa4

Request headers

:path: /view-resources/view/css/site/shifter.css?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
x-cache: HIT
content-type: text/css;charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php06
x-varnish-host: varnish02
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hD7QawIxD0wdfDDc5q5Yx05B2C3s%2B252otMWFK2KoTol5sWdKmpDAPjWOn%2BwLMo3Ljq3ud5v8qfHHYJEEyRCj0p2xCXzZya%2BOGwtUqRKEP6JgAcMlzyOeqdLuB7EliZk4hbgnp3B7GG"}],"group":"cf-nel","max_age":604800}
x-varnish: 1512281 1507550
x-varnish-backend: php06_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx01
cf-ray: 69e14b00cd1c6957-FRA

GET
H2 200 adn.js Show response
cdn.adnuntius.com/ 90 KB
25 KB 35ms
13ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnuntius.com/adn.js
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecb98d8fd22210abd485f989b5436d45573d23b3bea082b3e5b49c45ffc6b63f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: AcO1rgWPFQHvCAAAAA==
x-accel-expires: @1634220188
date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
etag: W/"6152ab7e-167b2"
last-modified: Tue, 28 Sep 2021 05:43:26 GMT
server: CDN77-Turbo
x-77-nzt-ray: d59LKvBNRTQ=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 8
x-77-pop: frankfurtDE

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d231efc95adebdcab58d442aaeeedd80fa1c4d68f5092488f8523c4c71dcb58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 13:52:21 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

878177e3b0c4e075a653ecf58a2d6e31555457ba6e43372c531771da1d4f6e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 12:58:27 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:16 GMT

GET
H2 200 logo.svg
shifter.no/view-resources/dachser2/public/shifter/ 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shifter.no/view-resources/dachser2/public/shifter/logo.svg
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97a64fa2183657f3039705f64632f911775f55e22bd22134510d8aa54537618

Request headers

:path: /view-resources/dachser2/public/shifter/logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67926
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php05
last-modified: Mon, 11 Oct 2021 07:36:49 GMT
server: cloudflare
etag: W/"6163e991-8a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7RX193GZ7PPdzEBAuCWG1jy%2BykJXSpqW95m4TWt0JOrOozcNafta3ekzBQTnb4NKqelfojnU0%2F%2BGLvowCltnqnBA0LO%2BVx7BAoSg%2BnFtGx5PwrKbYDhI2a%2Fi5pTRWWKwUO5%2FdOX1Q7s"}],"group":"cf-nel","max_age":604800}
x-varnish: 2425473 1736897
content-type: image/svg+xml
x-varnish-backend: php05_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx06
cf-ray: 69e14b011e266957-FRA

GET
H2 200 email-decode.min.js Show response
shifter.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shifter.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 10:51:03 GMT
server: cloudflare
etag: W/"615c2e17-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ0h2C796kDvwmK05Bavshc11gN4t1BgTaYkdo1mTEcifql7wc5TpGoB%2BQMGC%2Bn0kjPA9H392aGRv7GYSfUjUakXaomO6CLSkFWv%2BGTVyP4I4fgTmJk8iIDcwjx5MJrM%2F2Cu6tTZ1XyO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e14b010dfc6957-FRA
vary: Accept-Encoding
expires: Sat, 16 Oct 2021 13:53:16 GMT

GET
H2 200 ElementAttributeToggler.js Show response
shifter.no/view-resources/public/common/ 5 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/ElementAttributeToggler.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f4cb7af5b02d86ae74087ea91b70043dbb588d8584e21a06a00ae242278b537

Request headers

:path: /view-resources/public/common/ElementAttributeToggler.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish02
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06ywwp4VP9zkfgdg4ZJ7z4uavnZ4%2BlJNtlPiENcd6pZM6jpWnBvmj%2FhxRgEKOhi3H5MUGZbxh%2FVsE186Ld2gjGEYRoI%2FRZg0j22Zvbh2HoPoGn2ry9EdGUhyPcpYO%2BIvaMgRM3HqGI61"}],"group":"cf-nel","max_age":604800}
x-varnish: 1512210 516
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx04
cf-ray: 69e14b010e006957-FRA

GET
H2 200 imageExpand.js Show response
shifter.no/view-resources/public/common/ 366 B
518 B 20ms
18ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/imageExpand.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8979cd13301f840f4eef08c0b5cb9828d25aae81590da5873fcded88f6ebb307

Request headers

:path: /view-resources/public/common/imageExpand.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish01
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8lA7DgJhyrxSf%2BmKGAUARdxhx%2FuvcIZOckrC%2F5nE7HOCEnVaEZlhZ5tou6w5xcsayIlZIzahpSm3E7N95%2FUzWjWA7O6GiJDIauiDRQIQnQBSgxa9m3OeSdLw21i%2FsPoPTE5gD%2FVZC0m"}],"group":"cf-nel","max_age":604800}
x-varnish: 169284 1441801
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx01
cf-ray: 69e14b011e166957-FRA

GET
H2 200 AutoScroller.js Show response
shifter.no/view-resources/public/common/ 6 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/AutoScroller.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212588cd3ce0b98d887fe0e87d041b9c92172cdce9acd617a742255ed07ac721

Request headers

:path: /view-resources/public/common/AutoScroller.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish03
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drgabrqb5Fup99OHdpnjV3nztxjq13aMATrLYVMvicfjq%2BU%2FBsxOjt8CH%2F%2F%2FtcfI%2Fenlvjv9RqYP2wlzxHI9lh7aPuLkSNYPXNvAJP3dFdMRkwADlDsNkCUwg2ZBi%2BeWz9bCFdmlTmgN"}],"group":"cf-nel","max_age":604800}
x-varnish: 1610484 164093
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx01
cf-ray: 69e14b011e176957-FRA

GET
H2 200 SwipeHelper.js Show response
shifter.no/view-resources/public/common/ 8 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/SwipeHelper.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f7412b3ee67d6a6c2e109bde46fd1ed637f503e19d942e15e9bcc6a1ad3955f

Request headers

:path: /view-resources/public/common/SwipeHelper.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php05
x-varnish-host: varnish03
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVgvtsG5oUsNtsU%2BsFiWIP4c3ToicXBsJszKfED1aV5RAb2aIhrD3qGlaG4K%2BcpVOrDduGgclr1XbQHUxjVAyAGAF0nndfBn0P0RgwUBGqg70NnHrT5b2fCTQ4TMYlIvHBKJzJa17jGU"}],"group":"cf-nel","max_age":604800}
x-varnish: 1251168 1015981
x-varnish-backend: php05_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx04
cf-ray: 69e14b011e1c6957-FRA

GET
H2 200 Parallax.js Show response
shifter.no/view-resources/public/common/ 10 KB
3 KB 25ms
23ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/Parallax.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1fdf2fb3dac6eb9c2cadb0cf04dd6f19749c13bd33a3090f44964be810a3362

Request headers

:path: /view-resources/public/common/Parallax.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php06
x-varnish-host: varnish01
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV65AIdZmGXE7rHNI3dLHtg0LqN7AROIPNOtVbogClZTjPwLl5%2BCNWzzqLPmzlP73uQsrVjzEyHra8xkQmrgN7onu2jqSMCom%2BCPWk9RznEwBdiKNgaOASW5RsdE1HrYz1mGeXuN6NYC"}],"group":"cf-nel","max_age":604800}
x-varnish: 4031580 3997699
x-varnish-backend: php06_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx02
cf-ray: 69e14b011e1e6957-FRA

GET
H2 200 labclient_es6.js Show response
shifter.no/view-resources/public/common/LabClient/ 117 KB
24 KB 18ms
17ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/LabClient/labclient_es6.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271f727b06bf6c9e88f8f860951f46a0a3841fa47b8fa4a148e711cb2dff312b

Request headers

:path: /view-resources/public/common/LabClient/labclient_es6.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish02
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1Ex7OAbym9c%2BH3sOAb1P6OhxpOd4N7kFxzKsnVhkfscBayJWMujpBm5ps%2B%2BCY8xn76mysdc3eXUDuRT5WvknDjC4pVlMucUTabMzlRdyuz8pzx4IMC7rbRLFFmsiMErLL9tuV4kgUdk"}],"group":"cf-nel","max_age":604800}
x-varnish: 3899458 458998
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx02
cf-ray: 69e14b011e206957-FRA

GET
H2 200 LabClientSetup.js Show response
shifter.no/view-resources/public/common/ 26 KB
6 KB 20ms
19ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/LabClientSetup.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af72c577139950b526571405e9ddf5352a3ff906cc9da04dad7f00a142582fc6

Request headers

:path: /view-resources/public/common/LabClientSetup.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish02
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT7jbXscRT1yIHsn0pt%2F578Q4eRY6hd1TkrU7BChan2gxWUeub6PoTa0aouuANoBuyMyOedexkSRCp3TzlTHSbgLJM%2FCBagzLC7kh7xzRb5Vbtmv64vEwS%2Fk80DO%2FUqcvsHdTthTJSel"}],"group":"cf-nel","max_age":604800}
x-varnish: 3550882 3934595
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx06
cf-ray: 69e14b011e236957-FRA

GET
H2 200 mustache.min.js Show response
shifter.no/view-resources/public/common/Mustache/ 11 KB
4 KB 23ms
22ms Script
application/javascript 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/public/common/Mustache/mustache.min.js?v=1634039637
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7fbec11e015212cc52a88c6bdda82d3a7b7794caddb9c7e3573dd9d666875f7

Request headers

:path: /view-resources/public/common/Mustache/mustache.min.js?v=1634039637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shifter.no
referer: https://shifter.no/abonnement
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/abonnement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6695
x-cache: HIT
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-php-host: php04
x-varnish-host: varnish01
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFjarzj96GUWKgzr0AB7FiqgxKlnBMSzLvyppxgJbituU%2Bf4MWvqaa86c9%2Fd9jHXy5n7hc7CXCL%2BhGMqgJijnmGSDb7l%2BKg0yYO5ZjMpO0rdQjDdtqRkehs%2BYnsr4cjRC4p7TDc8caJP"}],"group":"cf-nel","max_age":604800}
x-varnish: 4031587 3421143
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx02
cf-ray: 69e14b011e246957-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
69 KB 203ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KB37DPP

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6621bab778792253c12dbbb989f2346bb40b0cd4c37aacfaf45b6ab951209a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69774
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 210ms
33ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=JdO6hmAapu

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edbed02ee74ef41489c4d3deaae889d17d570a3898f691fb000741c009113e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 903
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cp7zy0rAQup
wn: prod-exp-10-0-116-179
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 69e14b022ed94e56-FRA
expires: Thu, 14 Oct 2021 14:23:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 185ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 14:59:32 GMT
x-content-type-options: nosniff
age: 341625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 14:59:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 180ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 246340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 181ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 76897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:40 GMT

GET
H2 200 foundation-icons.woff
shifter.no/view-resources/view/css/foundation-icons/ 31 KB
32 KB 17ms
17ms Font
font/woff 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shifter.no/view-resources/view/css/foundation-icons/foundation-icons.woff
Requested by: Host: shifter.no
URL: https://shifter.no/view-resources/view/css/foundation-icons/foundation-icons.css?v=1634039637
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Request headers

:path: /view-resources/view/css/foundation-icons/foundation-icons.woff
pragma: no-cache
origin: https://shifter.no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: shifter.no
referer: https://shifter.no/view-resources/view/css/foundation-icons/foundation-icons.css?v=1634039637
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shifter.no/view-resources/view/css/foundation-icons/foundation-icons.css?v=1634039637
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79002
x-cache: HIT
x-varnish-host: varnish03
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32020
x-php-host: php04
content-type: font/woff
server: cloudflare
etag: 66791964317893be8fd9acc3f6dc3b09
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ6khOW0puvjzWSJeXIrsFVqZzqqhMarhch5bAhBT%2FNO4iVb4gHZg%2FLVTmul9WJfix7kDUihykoQECnrBxZb1A7CcWJO25Tj%2F%2FUOujckoV6QdbCXzhvM%2FYbbx4YB3tMtXLSxUCUpyqBF"}],"group":"cf-nel","max_age":604800}
x-varnish: 2163586 1146883
x-varnish-backend: php04_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: mobile
x-nginx-host: nginx03
accept-ranges: bytes
cf-ray: 69e14b012e586957-FRA

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 173ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 76541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:37:36 GMT

POST
H2 200 i Show response
delivery.adnuntius.com/ 26 KB
3 KB 40ms
13ms XHR
application/json 85.202.161.10
HOSTUS-GLOBAL-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adnuntius.com/i?tzo=0&tt=multi
Requested by: Host: cdn.adnuntius.com
URL: https://cdn.adnuntius.com/adn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.202.161.10 Rovigo, Italy, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS: 85.202.161.10.adnuntius.com
Software: /
Resource Hash: cb6362518d24c594dc6c82bbadb3872f8610240e37f85e9ac15e43cb938422fb

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
content-type: application/json;charset=utf-8
access-control-allow-origin: https://shifter.no
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-adn-backend-server-id: d38f2abc
x-adn-diagnostic-request-id: a1699ddc8d045b41fdc628afe44bc62e
content-length: 2997
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 412 KB
136 KB 28ms
28ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=JdO6hmAapu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a2b818617447dfa6f85d6437bb7736d48b5acb114a1f01b1afa8a4a201e770

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-130-153
last-modified: Wed, 13 Oct 2021 16:05:42 GMT
server: cloudflare
etag: W/"421868-1634141142000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=3600
cf-ray: 69e14b026f3d4e56-FRA
expires: Thu, 14 Oct 2021 14:53:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5S5BZLQD3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB37DPP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77012ea0a1ec201e82438c62da06fdcbb21b663d9af77d79398f7f9bf6ec6c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49494
x-xss-protection: 0
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB37DPP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6731
date: Thu, 14 Oct 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 14:01:06 GMT

GET
H2 200 hotjar-1786009.js Show response
static.hotjar.com/c/ 4 KB
2 KB 56ms
37ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1786009.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB37DPP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

23c05d8c57231a6c2fa01d062568a7464b9b43debcef8334c1791963663f30e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/b56c654d7f04533db644876e3537d21e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1903
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: axG5OJeN2KKwpNUzCnx95jhvUoBfH1fvCkmjTf0MPohLx8JMkKWPsg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25966
x-xss-protection: 0
pragma: public
x-fb-debug: 9qC1YMke1b7Txi6MPf4sEf+z5UtJ3+0j+j3C5bxsqLvggUF2Vk5fa7egRC5s9G85LVEEXEGNso+7ew0bBiLCuA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 14 Oct 2021 13:53:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/nb_NO/ 3 KB
2 KB 29ms
13ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/nb_NO/sdk.js

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b54eacfc91cfd49036a83a460f2c4a19ac2e5e8c7a2ecb9ffada0b6752f708b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: V9icHIXgMsN+tksa82HEvg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 2guJJ5aNdvWXRAkj5tQyzPttvGoAR2w2zz04kYwY7yaHkmNrffxy8iUSxx3tlNm8rdi+c17FIzX/VpuhOWpfAQ==
x-fb-trip-id: 917726464
x-fb-content-md5: acd98f67c2096d0848b33052acf74f5e
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Oct 2021 13:53:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ddf2b5ea0e7d59d6958564687a8dee68"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 14 Oct 2021 14:01:33 GMT

GET
H2 200 uc.js Show response
policy.app.cookieinformation.com/ 32 KB
11 KB 31ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/uc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KB37DPP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E98) /
Resource Hash: 0017366fbe6fa7cc76e87762db497ea0364b8604299837633e622a22a6a4b59f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
content-md5: Fb0O93f006BHsJKumeVnHQ==
age: 274
x-cache: HIT
content-length: 10603
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 10:06:06 GMT
server: ECAcc (frc/8E98)
etag: 0x8D98267963321A6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 83118c78-201e-0005-5902-c1ea96000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=300
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
expires: Thu, 14 Oct 2021 13:58:17 GMT

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 418ms
17ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: shifter.no
URL: https://shifter.no/abonnement
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: F3WYFBQ44Q2G0CFD
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-08-10 08:54:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Kzgb2dwdVDwyLCTvHsZXncN4YdFhrPX778n3LamJ4MTck7tfGc58WNZzyg1g3dO3XdsQwE6N+/s=
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:45:12 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 0e500a469a39d108f7a823775d6d6089
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 22 KB
6 KB 25ms
8ms Script
application/x-javascript 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 13:53:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 14:49:19 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5864
Expires: Thu, 14 Oct 2021 14:53:17 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 24 KB
6 KB 141ms
123ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=JdO6hmAapu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd50401b34657c60632f1873874fab0fde1777d7504ac77650ba809d5034b08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: n6mejfsgn3
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 69e14b0318724dbe-FRA

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 49ms
32ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 82990
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 08 Oct 2021 13:01:51 GMT
server: cloudflare
etag: W/"1bbec-17c5ffede18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 69e14b032c485b74-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 14 Oct 2022 13:53:17 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
280 B 24ms
22ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=JdO6hmAapu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a9249b5a3023f54f6413f9c82145a78b10819a4f2345caab7e43983376ed2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 297
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Ckozy0rHcn5
pragma
wn: prod-dash-10-0-119-139
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.005
cache-control: public, max-age=1200
cf-ray: 69e14b0308694e56-FRA
expires: Thu, 14 Oct 2021 14:13:17 GMT

GET
H2 200 440794966121809 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/440794966121809?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c283c492e9da3944ad0102ae799f4ba41460a8a64911818f63078a36f5d8297d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146751
x-xss-protection: 0
pragma: public
x-fb-debug: oN1U3bCY/FmRvi8YdY6G+SfgpykBJzQBWekLGe9NI+EMS4eU/TdCcMOWFjtkQ/YtW5LUJSTfO0UIXTwx8bwCJw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 14 Oct 2021 13:53:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/nb_NO/ 269 KB
76 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/nb_NO/sdk.js?hash=a5695b75636ca04fb2fb2f917ace9f02

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/nb_NO/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e03e76b006705c305ac7e13908af4dd0833ccf23c018b440a0c75a3b8c4eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shifter.no/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BWnMboZOGjPrgMgDPiaktg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77616
x-fb-rlafr: 0
x-fb-debug: NH4LyejgV705UGyg2MHG+csALwlqX/PrKVKJfB3X2QsbZCYOgohS1i3u32e+FskNoLdt+FFUDoJtXfxyM1fuQA==
x-fb-trip-id: 917726464
x-fb-content-md5: 6f693b32675e93c602de6359a29fcb10
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Oct 2021 13:53:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e9b936e6f021b0df3655d3624a865821"
timing-allow-origin: *
expires: Fri, 14 Oct 2022 13:41:37 GMT

GET
H2 200 cabl.json Show response
policy.app.cookieinformation.com/cookie-data/shifter.no/ 5 KB
1 KB 28ms
7ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/cookie-data/shifter.no/cabl.json
Requested by: Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8F) /
Resource Hash: 014465df2728928b6d03aa7f06174ca4e756510bb08271e3ba958c5f3f47b937

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
content-md5: xqjNFKSwhUpQ9uitZa4sXA==
age: 297
x-cache: HIT
content-length: 891
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 07:38:56 GMT
server: ECAcc (frc/8E8F)
etag: 0x8D98EE5AE15720B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 360cb2e5-701e-0055-0102-c128c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=300
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
expires: Thu, 14 Oct 2021 13:58:17 GMT

GET
H2 200 cookiesharingiframe.html Show response
policy.app.cookieinformation.com/ Frame 2863 4 KB
2 KB 9ms
8ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/cookiesharingiframe.html
Requested by: Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2D) /
Resource Hash: 12fe0d2bfe91d982fa77b01d99c873f3fe0d166892f0091220ecfaca420cd35d

Request headers

:method: GET
:authority: policy.app.cookieinformation.com
:scheme: https
:path: /cookiesharingiframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shifter.no/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/

Response headers

content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 32
cache-control: max-age=300
content-md5: OFzGGZTUmcWlUU0fT8VAbQ==
content-type: text/html
date: Thu, 14 Oct 2021 13:53:17 GMT
etag: 0x8D982679631E8E0
expires: Thu, 14 Oct 2021 13:58:17 GMT
last-modified: Tue, 28 Sep 2021 10:06:06 GMT
server: ECAcc (frc/8F2D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5d975f95-f01e-00af-5a02-c1ca80000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 1471

GET
H2 200 nb.js Show response
policy.app.cookieinformation.com/2f3d67/shifter.no/ 137 KB
11 KB 8ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/2f3d67/shifter.no/nb.js
Requested by: Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA3) /
Resource Hash: b62b5d4df5561b405b513cfe9591e2a66430fde58c28298a169efe6f42456262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
content-md5: WfQZ4Vi0Obi8bOCPSt14Cg==
age: 297
x-cache: HIT
content-length: 10633
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 07:38:56 GMT
server: ECAcc (frc/8FA3)
etag: 0x8D98EE5AE1B8DD3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6be3ad50-901e-0000-3302-c1384d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=300
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
expires: Thu, 14 Oct 2021 13:58:17 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
141 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1499212745&t=pageview&_s=1&dl=https%3A%2F%2Fshifter.no%2Fabonnement&ul=en-us&de=UTF-8&dt=Abonnement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1972088477&gjid=147558728&cid=1372545622.1634219597&tid=UA-77529863-1&_gid=1815629305.1634219597&_r=1&gtm=2wgab0KB37DPP&z=412015627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1499212745&t=event&ni=0&_s=1&dl=https%3A%2F%2Fshifter.no%2Fabonnement&ul=en-us&de=UTF-8&dt=Abonnement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registrer%20Katergori&ea=Registrer%20Katergori&ev=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1372545622.1634219597&tid=UA-77529863-1&_gid=1815629305.1634219597&gtm=2wgab0KB37DPP&z=1068282234

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 08:59:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1499212745&t=event&ni=0&_s=1&dl=https%3A%2F%2Fshifter.no%2Fabonnement&ul=en-us&de=UTF-8&dt=Abonnement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registrer%20Tagger&ea=Registrer%20Tagger&el=&ev=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1372545622.1634219597&tid=UA-77529863-1&_gid=1815629305.1634219597&gtm=2wgab0KB37DPP&cm2=&z=902176222

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 08:59:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 13ms
13ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5S5BZLQD3D&gtm=2oeab0&_p=1499212745&sr=1600x1200&ul=en-us&cid=1372545622.1634219597&_s=1&dl=https%3A%2F%2Fshifter.no%2Fabonnement&dt=Abonnement&sid=1634219597&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5S5BZLQD3D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.1ead97d9cbfc02c8212d.js Show response
script.hotjar.com/ 222 KB
59 KB 28ms
9ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1ead97d9cbfc02c8212d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1786009.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

0804278ac515f7531ad822c77a40834d8300d8ff3e915ca53369bd2c1e8ebfe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 12:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59783
access-control-allow-origin: *
last-modified: Thu, 14 Oct 2021 12:05:41 GMT
etag: "c6601c365ed80d1ed4e9bad7f3c2247e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bx9wzuFWDggD-2eabH88hY96f_1CiMSSi4FzXG0677eMWshXHO8dhA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
459 B 45ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=1972088477&gjid=147558728&_gid=1815629305.1634219597&_u=YEBAAAAAAAAAAC~&z=1200187765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Oct 2021 13:53:17 GMT
content-type: text/plain
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 116 KB
27 KB 11ms
10ms Script
application/x-javascript 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 13:53:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Thu, 14 Oct 2021 14:53:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440794966121809&ev=PageView&dl=https%3A%2F%2Fshifter.no%2Fabonnement&rl=&if=false&ts=1634219597415&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634219597414.197824886&it=1634219597288&coo=false&exp=p1&rqm=GET

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440794966121809&ev=tagger&dl=https%3A%2F%2Fshifter.no%2Fabonnement&rl=&if=false&ts=1634219597419&cd[Tagger]=&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634219597414.197824886&it=1634219597288&coo=false&exp=p1&rqm=GET

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440794966121809&ev=Kategorier&dl=https%3A%2F%2Fshifter.no%2Fabonnement&rl=&if=false&ts=1634219597420&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1634219597414.197824886&it=1634219597288&coo=false&exp=p1&rqm=GET

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 29ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2016 20:03:15 GMT
server: nginx
etag: W/"56901603-14e55"
vary: Accept-Encoding
x-hw: 1634219597.dop156.fr8.t,1634219597.cds292.fr8.hn,1634219597.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame 62D2 591 KB
89 KB 270ms
270ms Document
text/html 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62e797d45efd97b7aab5da38c09c7c3f46014991d6d029688f896b208a6b4d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shifter.no/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.055
set-cookie: ch_sid=uzkppbyY4uwDCE8;Version=1;Domain=.tinypass.com;Path=/;Max-Age=3600;Secure;SameSite=None LANG=nb_NO;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cRyqQTNAsTVEL; SameSite=Lax; path=/; expires=Fri, 15-Oct-21 12:53:17 GMT; HttpOnly
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-94-165
x-forwarded-https: on
x-request-id: Ctwzy0rFQvG
x-xss-protection: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69e14b043a764e56-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 51ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=1972088477&_u=YEBAAAAAAAAAAC~&z=240106370

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 52ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=1972088477&_u=YEBAAAAAAAAAAC~&z=240106370

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acff0d328b74363875a0a6075e6c8439.html Show response
vars.hotjar.com/ Frame 5FF9 2 KB
1 KB 25ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1786009.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-acff0d328b74363875a0a6075e6c8439.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shifter.no/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 13 Oct 2021 08:06:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "180eba9df76aa8711e14c898a36db859"
last-modified: Wed, 13 Oct 2021 08:05:10 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S_rHupE-MMUz9wPQ082wWs3k3z9OU0jVBeL871hMZQ4AI8zIoIukeQ==
age: 107232

GET
H2 200 316 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 409ms
409ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/316?email=&visitor=kur05jh5wqw9cy2u&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9302622ce5bbdb7335079554fb9a0270d99c2065dab5aa4cc855a326703e70d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"9ab-6M0ugSsRSSVPyeHyXSxEyRbUl/4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
cf-ray: 69e14b058ff05b74-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H2 200 316
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 160ms
143ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/316?email=&visitor=kur05jh5wqw9cy2u&stored_visitor=&pnespid=

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shifter.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://shifter.no
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69e14b04aa0a97b4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 1786009 Show response
vc.hotjar.io/sessions/ 0
257 B 87ms
36ms XHR
text/plain 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1786009?s=0.25&r=0.15837785149602013
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1ead97d9cbfc02c8212d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: fZ1feHAiQytgS8fvu92DBbj203Bd7LZQkxqoxcl8XMf1NH2a_inRSQ==

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 1AFC 1 KB
880 B 9ms
8ms Document
text/html 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004

Request headers

Host: cdn.cxense.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shifter.no/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/

Response headers

Accept-Ranges: bytes
Last-Modified: Fri, 30 Jul 2021 08:31:32 GMT
Server: AkamaiNetStorage
Content-Length: 510
Cache-Control: max-age=864000
Expires: Sun, 24 Oct 2021 13:53:17 GMT
Date: Thu, 14 Oct 2021 13:53:17 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 13 KB
7 KB 86ms
44ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22neighborRemovalKeys%22%3A%5B%22id%22%5D%2C%22neighbors%22%3A%5B%5D%2C%22categories%22%3A%7B%22testgroup%22%3A%2219%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.44%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2219%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2219%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fshifter.no%2Fabonnement%22%7D%2C%22widgetId%22%3A%223368465e10460fcba956f55d9aca33b3fa67c2f9%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22kur05jh5wqw9cy2u%22%7D%7D%2C%22prnd%22%3A%22kur05jh0ejxxbo2q%22%7D&media=javascript&sid=1135224483242056815&widgetId=3368465e10460fcba956f55d9aca33b3fa67c2f9&resizeToContentSize=true&useSecureUrls=true&usi=kur05jh5wqw9cy2u&rnd=209000463&prnd=kur05jh0ejxxbo2q&tzo=0&callback=cXJsonpCBkur05jowdb186p72

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

7f6335c260c289dcae08d6050ef48ee63132e51bb67979c0547af9032561ccd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 6382
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 1AFC 116 KB
27 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:1700:498::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:498::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 13:53:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 12:43:03 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27751
Expires: Thu, 14 Oct 2021 14:53:17 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 1AFC 46 B
635 B 46ms
11ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 887e2616b79dd5fbb596cadedd52b0fca4728400248820bf7140e548c76484d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 13:53:17 GMT
Last-Modified: Wed, 14 Apr 2021 13:53:17 GMT
Server: Jetty(9.4.28.v20200408)
ETag: 2eeheh208zpgt90tsyfrldz8c
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: private, proxy-revalidate
Content-Type: text/javascript;charset=utf-8
Content-Length: 46
Expires: Fri, 14 Oct 2022 13:53:17 GMT

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
44 KB 15ms
15ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 1ZQEWHAMVKQ7GYB9
cdn-cachedat: 08/11/2021 08:27:12
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: kmFKyXlcNfWRvLk73k8+XQ19wYCytEHCTISpCux9qKXgMmTWTauGgYuQX+XFo3SzIUCSissBAiY=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:49 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 0ace02213fcb45b3203e1a44e7e86fdd
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
100 KB 23ms
23ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: TBY01K4HP9CGD4T8
cdn-cachedat: 08/11/2021 06:56:09
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: zxdeegSWyj0r5KeMe1/TVBrRHqZLd4efcDcAMD1YkADnK6T70g4ma5XkPClgzRKwYXb8pz26pBk=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:50 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: c0db9644a1ac2e6520fd1f4d38ed4868
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
646 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 12:33:48 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 1AFC 43 B
469 B 38ms
14ms Image
image/gif 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kur05jh0ejxxbo2q&sid=1135224483242056815&loc=https%3A%2F%2Fshifter.no%2Fabonnement&new=0&arf=0&ltm=1634219597519&ref=&tzo=0&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kur05jorynhmx89p&ckp=kur05jh5wqw9cy2u&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.44&cp_testGroup=19&cst=2eeheh208zpgt90tsyfrldz8c
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.167 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.167.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
690 B 40ms
15ms Script
text/javascript 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kur05jh5wqw9cy2u%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222eeheh208zpgt90tsyfrldz8c%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222eeheh208zpgt90tsyfrldz8c%22%7D%5D%2C%22siteId%22%3A%221135224483242056815%22%2C%22location%22%3A%22https%3A%2F%2Fshifter.no%2Fabonnement%22%7D&callback=cXJsonpCBkur05jrochsl3qcz

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

116.202.80.167 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.167.80.202.116.clients.your-server.de

Software

Jetty(9.4.28.v20200408) /

Resource Hash

5d517a7bb910717d69cce868babdea7a04a3fde8dddcc42b560400eadfe6cbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:17 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 118
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 62D2 412 KB
89 KB 51ms
51ms Stylesheet
text/css 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19734e728912a2fb10d03a69776a7d7ae1774c52247d43082b2cef232b315962

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5881
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-122-67
last-modified: Wed, 13 Oct 2021 15:57:48 GMT
server: cloudflare
etag: W/"421783-1634140668000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 69e14b05dd174e56-FRA
expires: Thu, 14 Oct 2021 15:53:17 GMT

GET
H2 200 platform-translation-map_nb_NO.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 62D2 8 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_nb_NO.js?version=12.341.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa1865ea2f76cf86fa52419879b76fce098de7f5f613f4e393853b0a41604b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 62084
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-81-99
last-modified: Mon, 11 Oct 2021 01:52:26 GMT
server: cloudflare
etag: W/"8146-1633917146000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 69e14b05dd184e56-FRA
expires: Fri, 15 Oct 2021 13:53:17 GMT

GET
H2 200 H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C11agk4Y9gPm3xjzYAAAAA Show response
buy.tinypass.com/_sam/ Frame 62D2 568 KB
173 KB 34ms
34ms Script
text/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C11agk4Y9gPm3xjzYAAAAA?compressed=true&v=12.341.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea66c29032f4b74b1f74b70a866bb64361f70661507afae0a9e8e0db8354f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 227
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-94-165
last-modified: Wed, 13 Oct 2021 16:08:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=604572
x-optimized-by: _sam
cf-ray: 69e14b05dd1a4e56-FRA
expires: Thu, 21 Oct 2021 13:49:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 62D2 12 KB
957 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,500;0,600;0,700;1,500&family=Roboto:ital,wght@0,700;1,500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab2003726f58a72aebe4f292011ff04644f67101c53fff344b998ce6d6b9e4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 62D2 569 B
418 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 125079.jpg
image.shifter.no/ Frame 62D2 128 KB
128 KB 89ms
88ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/125079.jpg?imageId=125079&x=0&y=0&cropw=undefined&croph=undefined&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310798e3de39d2ded5d81a106032c4cf53fce12165d631b690f6600bac37de70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-125079
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 130761
x-php-host: php04
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8XBfcTQgZQvl4B0Fa2VHGCDjIh3FvwWOh2u7MfOqs8yw%2FmVpmqcYoGh4oLnthgZsKSEBSu3B944glQ3oQKmUO5ugl6lvG6ywM%2FmOPgrlvXIpE6gRx8VqnYi0OhGX9TfFUKOuWTrl%2B33FBnaHyW9"}],"group":"cf-nel","max_age":604800}
x-varnish: 166104 2229966
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php04_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b063ad56957-FRA
access-control-allow-headers: *

GET
H2 200 124180.jpg
image.shifter.no/ Frame 62D2 204 KB
205 KB 114ms
114ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/124180.jpg?imageId=124180&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e799c861848d2b7ccebd69a55eb796b9030223cb92447519732767479df33b8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-124180
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 209319
x-php-host: php06
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO6Mm69JKTxjnQ4V6bHGxK5SwzzYk3lyIh8VhVpekukjKpa33cfErH2%2Bs2eCAv2hwRnSw1ZNEe97OPZCjIUorDXLcNCAGubS%2F%2FgiJcBzNs%2Bq0Pc3q%2F1kARm0c8dDhEMQUZGxazu6XKFTFAMCeG4K"}],"group":"cf-nel","max_age":604800}
x-varnish: 1344350 2033027
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php06_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b064af46957-FRA
access-control-allow-headers: *

GET
H2 200 204602.jpg
image.shifter.no/ Frame 62D2 118 KB
118 KB 109ms
107ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/204602.jpg?imageId=204602&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a010f3988f009aab063395e0b7a1bb350c0873500d39a16c67225817f11c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-204602
x-cache: HIT
x-varnish-host: varnish03
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 120596
x-php-host: php06
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ew%2F%2BW1xFiukhKnAPJuwP8XkFf4E6fUNd8ON27jufyBVydzgEobv%2BdQFAwH1hPYgKD0GhcCAFenA5OkYa%2FITV3CZUWEBlqC8dv3oTdjAVYbdaObZJFJ3gs6xK5IFVL0zg28kTiTme8I0u4wfLOywI"}],"group":"cf-nel","max_age":604800}
x-varnish: 2002060 626601
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php06_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b066b536957-FRA
access-control-allow-headers: *

GET
H2 200 207298.jpg
image.shifter.no/ Frame 62D2 114 KB
115 KB 96ms
94ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/207298.jpg?imageId=207298&x=0&y=4.0123456790123&cropw=100&croph=93.981481481481&width=1067&height=610
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8acc32a70aa3c8b0b265d4c17e3de8772606bf9b093248138e0b1296b96d91fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-207298
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 117131
x-php-host: php05
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKdRwPYCdr6HTzQ5HW1oD8RjBG8i6c0UtB2XawHVEKG%2FAgZBX6ewIctcZ2XYisNlTIA%2BIGv8nMfuDy3dYcYl2eEJx2yAVyV5OZLQiJQZwzmYcuGeLIny1BHEZi0l%2FeekQutrftnbJL%2B5WE4EdsyP"}],"group":"cf-nel","max_age":604800}
x-varnish: 1512998 2430438
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php05_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b066b586957-FRA
access-control-allow-headers: *

GET
H2 200 193389.jpg
image.shifter.no/ Frame 62D2 71 KB
72 KB 132ms
130ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/193389.jpg?imageId=193389&x=0&y=0&cropw=100&croph=85.654008438819&width=1067&height=610
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3036b1fd8c511287b6970f514f3d48c8269f1bb9d87691bc9ab2c34d2195bb77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-193389
x-cache: HIT
x-varnish-host: varnish03
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73197
x-php-host: php05
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeOjmESrKHFUyZwlb5ZVZ8Z26kpdzchrFzZRtSd0ebaTYcndPpAVq%2BX%2FKU0kR0oyRILiFfjkP%2B85flgPiUvnA%2FhsrZN5jRtQ6NFXAMo%2BT%2B0wrClTE33RbgGv8gdYCzXjkvHd2lB%2FxkeARxrOQgCi"}],"group":"cf-nel","max_age":604800}
x-varnish: 724156 626609
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php05_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b066b5a6957-FRA
access-control-allow-headers: *

GET
H2 200 126018.jpg
image.shifter.no/ Frame 62D2 151 KB
152 KB 85ms
83ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/126018.jpg?imageId=126018&x=0&y=0&cropw=undefined&croph=undefined&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6a13befeb23dd558b7883c9210a14f29702ce5902135256926bb622eb319d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-126018
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 154797
x-php-host: php04
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwZ7Gugit1QA6FiwK%2FGZbIDNJFn0PYQQo9b3rJAk%2FZeUUZvN8xfr8UhGLRQlrVZSPABb3fz1BZ8Pl1xPFRfhu2GVi60hjSjdX8nfIGEuCGGpPTVulLI2QgbOsj3KrbDqYR0Ch459NhTGcv%2Fh6F2V"}],"group":"cf-nel","max_age":604800}
x-varnish: 166106 1382235
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php04_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b066b5e6957-FRA
access-control-allow-headers: *

GET
H2 200 127522.jpg
image.shifter.no/ Frame 62D2 144 KB
144 KB 135ms
133ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/127522.jpg?imageId=127522&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b69c3c90be6dea6f97aa886e3c51f7abfaee77b48ca35576a49eb54d511dd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-127522
x-cache: HIT
x-varnish-host: varnish03
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 146947
x-php-host: php05
last-modified: Thu, 14 Oct 2021 13:53:18 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXKkTEemkNuSbIl6ijgjGPlslx9ZysEAkMX06wHKXx4asGSNw358jte0lpetGMbxM2%2Fh%2B8j4E7I507rqVKXhFA%2BSBstzqh7xzCVuliHnkHDV5bo4GYRKIwuYpYlxbOdeCqVWzhxvuXfraRQ%2FGrpi"}],"group":"cf-nel","max_age":604800}
x-varnish: 724158 854798
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php05_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06ec936957-FRA
access-control-allow-headers: *

GET
H2 200 129813.jpg
image.shifter.no/ Frame 62D2 95 KB
95 KB 98ms
96ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/129813.jpg?imageId=129813&x=0&y=0&cropw=undefined&croph=undefined&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a59d803cf58be381b57f990e0d7cbe006545819e7d45e356234237818962b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-129813
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 96943
x-php-host: php06
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArrDV8%2BWrijdm%2Bw5dmbJ8M3FaY7rFYgiA7CKLr%2FWiSRZPnEZ1RqeT2l7XGO8IjdVPyYMKeMQfLyRlXNt2VyYb0IwtZN6KsrhYs%2B3rJ1ZqVXo7aTh1SzgRWeBc3UEjfMcfPyURmfQsqvkPgd2%2BTPS"}],"group":"cf-nel","max_age":604800}
x-varnish: 166108 1639166
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php06_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06ec966957-FRA
access-control-allow-headers: *

GET
H2 200 114887.jpg
image.shifter.no/ Frame 62D2 148 KB
148 KB 103ms
101ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/114887.jpg?imageId=114887&x=0&y=0&cropw=undefined&croph=undefined&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bdfbd747ae17e83cea0d6fa953a2a1283b23e362b88ef5ec0242498131e7022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-114887
x-cache: HIT
x-varnish-host: varnish01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 151349
x-php-host: php06
last-modified: Thu, 14 Oct 2021 13:53:17 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx0XPXs9AwBczozMoo5yEhAj%2FLe0Oeqw9N%2BLwlCJryvosoJ%2F40O7s%2FvxpE855XytH%2F1DzRdFlYKxJH3LNZ2Ltt7G38Vu7bfTzT7gyxTA1%2FFb%2BC0%2FebKEx0Z%2FWHbVpCAEHQhSGeGQ1eUJl7hku%2B5o"}],"group":"cf-nel","max_age":604800}
x-varnish: 2033152 299681
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php06_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06ec9a6957-FRA
access-control-allow-headers: *

GET
H2

200

Gustav-Gorecki.png
shifter.no/files/2021/09/23/ Frame 62D2
Redirect Chain

https://www.shifter.no/files/2021/09/23/Gustav-Gorecki.png
https://shifter.no/files/2021/09/23/Gustav-Gorecki.png

105 KB
105 KB

252ms
251ms

Image
image/png

2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shifter.no/files/2021/09/23/Gustav-Gorecki.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f035db67a36ac745d04bddedf2cb478ddc2648776f2967ac42534ec406195b

Request headers

:path: /files/2021/09/23/Gustav-Gorecki.png
pragma: no-cache
cookie: cX_S=kur05jorynhmx89p; cX_G=cx%3A1d75p3tmu7wvf1qsixv8sjxrtv%3A2csbtkd2v604e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shifter.no
referer: https://buy.tinypass.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-varnish-host: varnish01
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107387
x-php-host: php05
last-modified: Thu, 23 Sep 2021 18:45:38 GMT
server: cloudflare
etag: "614ccb52-1a37b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfDvx0mtv5CXrSEuCGm%2FQWOvIZo9dUzJsOngnPBEj964pEJSwXGtQXZpgwTmYWow4ocnIqLimqQev6UkRHyU0BwddY4HcAcbsAqrETq1sun7ZQPCW6j%2F6vZXjXR2CSnUsx8zZasXuYia"}],"group":"cf-nel","max_age":604800}
x-varnish: 1934818
content-type: image/png
x-varnish-backend: php05_80
cache-control: public, max-age=86400, s-maxage=86400
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06dc796957-FRA

Redirect headers

date: Thu, 14 Oct 2021 13:53:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B18ZLzFMFHSadYIZUUSAB0GmzQcY5df9p8k0FNfpEHgeS6cw36AHh12luyASfp8UO%2FBx5dpeFEu3EJQykBWGoWciF33HtuMqU98cz4grdB2aJ7y4DXTCFR7Y%2B9p5zZalnJWZaEhEFh6%2Biofy%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://shifter.no/files/2021/09/23/Gustav-Gorecki.png
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 69e14b067b976957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 103662.jpg
image.shifter.no/ Frame 62D2 131 KB
132 KB 128ms
126ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/103662.jpg?imageId=103662&x=0&y=0&cropw=undefined&croph=undefined&width=1058&height=604
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8cd155b276d80896416976bcecf922ffe11f3b9eaa0157d5454ab48613ab7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-103662
x-cache: HIT
x-varnish-host: varnish03
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 134334
x-php-host: php05
last-modified: Thu, 14 Oct 2021 13:53:18 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8K8Nnxx1dqsopx1WJr58Nfn5RxAhg%2FCwzSGybuEu4ad0VXST7TKAqkyxmagK2Klize7t8TX%2B9U4BS1GY7MBVAyRZX8LfM86JVEzi%2BpYMpsaSn98H7iMmdcj0Lebd%2BrUTazR4m%2BCJ8LF5YX8sjoth"}],"group":"cf-nel","max_age":604800}
x-varnish: 2002062 1970901
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php05_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06ec9d6957-FRA
access-control-allow-headers: *

GET
H2 200 189230.jpg
image.shifter.no/ Frame 62D2 131 KB
132 KB 129ms
127ms Image
image/jpeg 2606:4700:3032::ac43:9e16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.shifter.no/189230.jpg?imageId=189230&x=6.9635627530364&y=22.141119221411&cropw=86.234817813765&croph=73.965936739659&width=1065&height=608
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9e16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c23acbe7b3d0411f9615ca7c22b5eb9a2cdcfd2f9f00277dd83d04992c3d9cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-labrador-cache-channel: image-189230
x-cache: HIT
x-varnish-host: varnish02
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 134515
x-php-host: php04
last-modified: Thu, 14 Oct 2021 13:53:18 GMT
server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmdPdeXLuTj1yrXF%2Bt25%2B6MbZVVpHSvsbqA%2FtwkAJNZ71Qll3JHBK3Q5xwH8f9iIBrvRtVpLNHiXvZAEX8qC3kWXoaoX570yVXrXiL0bWAmUrtsSeFsXsmA5H4VIMHQKLrjOVtjhGP202WY9yOjx"}],"group":"cf-nel","max_age":604800}
x-varnish: 2199032 2330817
access-control-allow-origin: *
content-type: image/jpeg
x-varnish-backend: php04_80
x-robots-tag: none
x-ua-viewport: desktop
x-nginx-host: nginx02
accept-ranges: bytes
cf-ray: 69e14b06ec9f6957-FRA
access-control-allow-headers: *

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 62D2 58 KB
11 KB 30ms
30ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.341.1

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C11agk4Y9gPm3xjzYAAAAA?compressed=true&v=12.341.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c22b6f656365ec3d38db4469c4bfccb020d1ac33ff23cc6636c7a6c09ba2e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 85091
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wn: prod-dash-10-0-136-183
last-modified: Wed, 13 Oct 2021 15:57:48 GMT
server: cloudflare
etag: W/"59159-1634140668000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 69e14b068e1e4e56-FRA
expires: Fri, 15 Oct 2021 13:53:17 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/checkout/general/ Frame 62D2 35 B
154 B 20ms
20ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/general/loadTranslationMap?aid=JdO6hmAapu&version=1629729276000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7dca910e0831e9da57f4124eec492eb7c5c6b8f567f0978fa70180f1332be71

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4391
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cuiwy0r0EZT
pragma
wn: prod-dash-10-0-130-103
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.003
cache-control: public, max-age=86400
cf-ray: 69e14b068e204e56-FRA
expires: Fri, 15 Oct 2021 13:53:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440794966121809&ev=Microdata&dl=https%3A%2F%2Fshifter.no%2Fabonnement&rl=&if=false&ts=1634219597936&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Abonnement%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22frontpage%22%2C%22og%3Atitle%22%3A%22Abonnement%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%2Fview-resources%2Fdachser2%2Fpublic%2Fshifter%2Flogo.png%22%2C%22og%3Aimage%3Awidth%22%3A%22250%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshifter.no%2Fa%2F171308%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22mainEntityOfPage%22%3A%22https%3A%2F%2Fshifter.no%2Fabonnement%22%2C%22headline%22%3A%22Abonnement%22%2C%22abstract%22%3A%22%22%2C%22%40type%22%3A%22WebPage%22%7D%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.1.1634219597414.197824886&it=1634219597288&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 14 Oct 2021 13:53:17 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 62D2 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,500;0,600;0,700;1,500&family=Roboto:ital,wght@0,700;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 04:17:51 GMT
x-content-type-options: nosniff
age: 207326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 04:17:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 62D2 15 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,500;0,600;0,700;1,500&family=Roboto:ital,wght@0,700;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 76897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:40 GMT

GET
H2 200 1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfIA.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 62D2 20 KB
21 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4VrMDrMfIA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,500;0,600;0,700;1,500&family=Roboto:ital,wght@0,700;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2490e42ce00257ee3a2e81eccfcdb2d493c72a7739caeb67801c8a982d28b085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 17:51:03 GMT
x-content-type-options: nosniff
age: 331334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20984
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:43:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 17:51:03 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 62D2 17 KB
17 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,400;0,500;0,600;0,700;1,500&family=Roboto:ital,wght@0,700;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 76541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:37:36 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v109/ Frame 62D2 111 KB
111 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 00:14:39 GMT
x-content-type-options: nosniff
age: 221918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113660
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 00:04:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Oct 2022 00:14:39 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame 62D2 1 KB
990 B 138ms
137ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f32b9d8f1e6a16c1a75bad6097e096d1036b5fecbe576103b68afbcd3567d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.abonner-side&templateId=OTFPENPCHMHF&offerId=OFUFBKV8DF0H&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX0PVDOVOM4X&widget=offer&iframeId=offer-0-Mm7Qe&url=https%3A%2F%2Fshifter.no%2Fabonnement&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=JdO6hmAapu&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=70862549dc
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 0
x-request-id: Cuwzy0r7k65
pragma: no-cache
wn: prod-dash-10-0-126-249
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buy.tinypass.com
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 69e14b075f694e56-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 563
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 139ms
138ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/563?story_url=https%3A%2F%2Fshifter.no%2Fabonnement&visitor=kur05jh5wqw9cy2u

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shifter.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://shifter.no
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69e14b082b0797b4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 563 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
198 B 138ms
137ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/563?story_url=https%3A%2F%2Fshifter.no%2Fabonnement&visitor=kur05jh5wqw9cy2u

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e80167671bd9da8eae82c654020a0bf7264a1e425439b69f22f308ad2c708f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
content-encoding: gzip
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"41-hd1hMHJnVOhEZ7u4dwfoTsaQuKY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
cf-ray: 69e14b090d825b74-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

POST
H2 200 / Show response
sumo.com/api/load/ 855 B
1 KB 493ms
166ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

81d841528b9db3b378dac3b01930d6f7219b9f9f0f32993c235e6fa7c737960f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 855

POST
H2 200 logExecutionStats
api-v3.tinypass.com/api/v3/composer/ 0
0 164ms
163ms Ping
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/composer/logExecutionStats?aid=JdO6hmAapu&items=%5B%7B%22mId%22%3A%22timer7J5WP171K5VA38%22%2C%22eId%22%3A%22EXFORE2N4Q69%22%2C%22eV%22%3A3%2C%22eeId%22%3A%221808r100eo-00002v3v2gf3g5i57fdkvumpu0%22%7D%2C%7B%22mId%22%3A%22runJsXMZUN80PZBMI40%22%2C%22eId%22%3A%22EXFORE2N4Q69%22%2C%22eV%22%3A3%2C%22eeId%22%3A%221808r100eo-00002v3v2gf3g5i57fdkvumpu0%22%7D%5D&execution_stats_context=%7Bjcx%7DH4sIAAAAAAAAAE3Py27CMBAF0F8ZeQUSdVwcJzxWiEWpaLoBwTqBaRgS4uA4D4r497oIJJYz546u5srqCs3nnk0YG7DE6PY5ZrUR6nhQ7bkd7y7D2nEZp7ghbF9d4LHrEj08O2-oInvH5u3JslGXdJQVjv-bZikWdmUNFamLRfqX8jz2FBfQ21Kxd_XwvYZ3wcUU3CLwp9AFfh9mZZnjFpMlWU_JkMsAesvFOvoaQE4ZwgfuMt2H-cHoE3pjyQX3VRjyQMIq_okNPa5evojQoqnY5Hq7_QEp0ptyBgEAAA&ts=1634219598439&source=chain
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 163ms
163ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://shifter.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Thu, 14 Oct 2021 13:53:18 GMT
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

POST
H2 200 services Show response
sumo.com/ 31 KB
4 KB 172ms
172ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

fbf8032973db43a0df27ae053e237d397e716a020eae7e06a17736e5addf6f63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: UDmgMEFcFhdLnYQS9wVYWhFC
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Oct 2021 13:53:18 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
34 KB 7ms
6ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: CJCF7CW3MV8N7Q6G
cdn-cachedat: 08/11/2021 03:14:52
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: CNkELBse4Y593KQCSQRX1oicsKF7scX+YJuwfC6ldz4XD7H1DIWNNU10iOgfiLXPokfuDShuseU=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:47 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 13385e6b4ffecb5328775c5336a04620
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 10ms
9ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: N4YGPYHRDAC7QXZH
cdn-cachedat: 08/11/2021 01:00:42
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ZyN3peb0mEdiK4szAABWta3Npp/s6aFp7SGneDOBlLz3RaDSa8Ho9RodM0lRLwgOOWsqwAYTQsw=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 801079b8302955a8543f4370308322b0
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 20ms
19ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: YBS2XEB4GWK751DG
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-10-05 11:42:59
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: N3Y+yWqjjd2CeAmbI5PBHgxAlF7pQQeYSH4+m+LUfa803cIHT/G0Acg0Fd5ve7gBOYqGi2VZPms=
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:08 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: eb11b8c581a79b0d08442195e78b60c2
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 20ms
19ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: MER4KM6F7Q2JNQ5W
cdn-cachedat: 08/11/2021 07:29:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: E5dcQp/o1cIppfojsowKVOXW7ZUiiNp7ocDAMKJh6oiooddIklNQ5UOgh1R9uM2pZdkJYmHadl8=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:43:54 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 02ba079f148e6ab3b8761c089e1a3072
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
25 KB 9ms
9ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: SDRMZCHBH8JCG4EW
cdn-cachedat: 08/11/2021 01:39:03
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Mh4g/5w6u8Sn3oSvTIRlHjXYmlpmbUcVAuUhwYOrgj1kCeipGQke7R0i5izHPL985rLtaJBDcAk=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:10 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 800e11579c742801f8901350c5e6058a
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
94 KB 11ms
10ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 9XQCP7NW3WVDSYTB
cdn-cachedat: 08/11/2021 03:15:25
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ld40Pz0CH+lzXng12qFYRohEmnjI9dEBceKZ2sX+7mdR6hnYe912+QkcLiFlJd9TnthnETGE3YM=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:10 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 0380c816b42edda582150ee5aa79e8cc
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 16ms
15ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: PC6V8XNR7Q61HHSG
cdn-cachedat: 08/11/2021 04:57:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ZHXqsNODWdp8QMufVJkeNZ8Xe+OkUm7aygEJNy5f/FZIdtn7oJxkd0gh20eHC6PhK+QjRbS0Qac=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: bd25442d7b91d1e4892301e6ea417006
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 64.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 KB
1 KB 18ms
18ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: HA5WXKDDR49J14S5
cdn-cachedat: 08/11/2021 02:58:39
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: tdwIiEVSoIoFjCT91hbXGtcKx2WNNGkRfehwR63674L7CkYizIxkDrZIK4AWzM2dkDrPOU4IpNM=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:44 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: acab2fd7a6061858bd8c6a638be991a9
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 7ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 72BJV4V2M6106661
cdn-cachedat: 08/11/2021 06:53:00
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: geN8VZqyqgjzxGHn+iZxJjzqyPacwIfonJ7M/Gfx/SPZ8YbafYphswHvw0hJB5OpVkDQ305Tt6o=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:43:53 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 788203f5c4006f440df23e34f6a46811
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
80 KB 14ms
13ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: ETN9Y2CB4JR36VS8
cdn-cachedat: 08/11/2021 06:56:51
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: hmfe8ryATIBRescEh6v33eH8sJ61l9gyYCWqjtX5MgK5uVzXNqi4XzjIlkZQAGWsnUd8ANzMelg=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:45:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 753a4d672ba9469363997b353fac8cd8
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
958 B 8ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: XX71XTHVAZ9WHXF5
cdn-cachedat: 08/11/2021 01:00:39
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: IrAr89qZVaMDRwNGV7DkBYLlhQduKqBlKagxiVs2XoSkMpsnw5sFcxxojABTLTuponGysrE/vDc=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:45:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: a8b266969909c2a193f99796ac04ad32
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d1eb929b183c4440bfb1c8e7b37f0d43c8618d988f04cfbd47aa70072e040e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 11:54:04 GMT
server: ESF
date: Thu, 14 Oct 2021 13:53:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 13:53:19 GMT

GET
H2 200 features Show response
sumo.com/api/site/d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338/ 3 KB
1 KB 165ms
164ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338/features?site_id=d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Sumo-Auth: UDmgMEFcFhdLnYQS9wVYWhFC

Response headers

date: Thu, 14 Oct 2021 13:53:19 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338/ Frame 0
0 163ms
163ms Preflight 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338/features?site_id=d9c201dd60441d11c4f22f8793cecea2de362e24960876eaf33d4181ba5ce338
Protocol: H2
Server: 52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://shifter.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Thu, 14 Oct 2021 13:53:19 GMT
access-control-allow-origin: https://shifter.no
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shifter.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 246342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 17:27:37 GMT

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 81 B
329 B 129ms
128ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=JdO6hmAapu&tbc=%7Bjzx%7DlSwnEHGwU5WdbWttVruyW4NswM_WuGUIKEsFQKZztLEGF9vfHyQ9GqECur9MlybhdFC4mL0ZDJRXRew1j5oNVT0HXRK0ucHTShzKUeqYM-c&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonpCallback&_=1634219597244

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8992588dda40ffa65a5eea18acfdeeee8053f93c1c272e57fa5435b36d4a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 69e14b1a1acd4e56-FRA
date: Thu, 14 Oct 2021 13:53:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-135-41
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.011
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: Cxwzy0r3nMC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6735
date: Thu, 14 Oct 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 14:01:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1499212745&t=event&ni=1&_s=1&dl=https%3A%2F%2Fshifter.no%2Fabonnement&ul=en-us&de=UTF-8&dt=Abonnement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFUFBKV8DF0H____templateId_OTFPENPCHMHF____aid_JdO6hmAapu&el=Show%20offer%20offerId%3AOFUFBKV8DF0H%20templateId%3AOTFPENPCHMHF%20aid%3AJdO6hmAapu&_u=6GDAAEABAAAAAC~&jid=2019350656&gjid=1498788792&cid=1372545622.1634219597&tid=UA-77529863-1&_gid=1815629305.1634219597&_r=1&_slc=1&z=41048619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 62D2 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shifter.no
URL: https://shifter.no/abonnement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6735
date: Thu, 14 Oct 2021 12:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 14:01:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=2019350656&gjid=1498788792&_gid=1815629305.1634219597&_u=6GDAAEABAAAAAC~&z=1124997060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shifter.no/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Oct 2021 13:53:21 GMT
content-type: text/plain
access-control-allow-origin: https://shifter.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=2019350656&_u=6GDAAEABAAAAAC~&z=1929745618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-77529863-1&cid=1372545622.1634219597&jid=2019350656&_u=6GDAAEABAAAAAC~&z=1929745618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shifter.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 13:53:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.delivery.adnuntius.com/	1970-01-19 22:40:11	Name: usi Value: shifter!0a5e3669fde5dfd3657b8b61cad3f405
.delivery.adnuntius.com/	1969-12-31 23:59:59	Name: sessionId Value: 8a9043553278699a3ca06013a4720249
.shifter.no/	1970-01-19 21:58:26	Name: _gid Value: GA1.2.1815629305.1634219597
.shifter.no/	1970-01-19 21:56:59	Name: _gat_UA-77529863-1 Value: 1
.shifter.no/	1970-01-20 15:28:11	Name: _ga_5S5BZLQD3D Value: GS1.1.1634219597.1.0.1634219597.0
.shifter.no/	1970-01-20 00:06:35	Name: _fbp Value: fb.1.1634219597414.197824886
.piano.io/	1970-01-19 21:57:01	Name: __cf_bm Value: 6cw93wHHorjiYBO7mSZJXPN11CFvM1xKhpuvwnHCljk-1634219597-0-AfrjLp40oitC/MbA16UUoSsxlDH1XOdg9gzqpWgOL4Bsfcu0eFfNM2UN/rcTUE0/BaKTYODFNl0CO+VHgTxqkn8=
.shifter.no/	1970-01-20 15:28:11	Name: __tbc Value: %7Bjzx%7DlSwnEHGwU5WdbWttVruyW4NswM_WuGUIKEsFQKZztLEGF9vfHyQ9GqECur9MlybhdFC4mL0ZDJRXRew1j5oNVT0HXRK0ucHTShzKUeqYM-c
.shifter.no/	1970-01-19 22:40:11	Name: __pat Value: 3600000
.shifter.no/	1970-01-19 21:58:25	Name: __pvi Value: %7B%22id%22%3A%22v-kur05jh03v5yg8kn%22%2C%22domain%22%3A%22.shifter.no%22%2C%22time%22%3A1634219597427%7D
.shifter.no/	1970-01-20 15:28:11	Name: xbc Value: %7Bjzx%7DcC81JGmk8ll5Te6a-UfKanOSqZbfXfOZRmgCJ6eOnLMs_ha7YKfCwvztQlQQpLvTUS1pt-po79tfwlDxvtLvUEjpwAt6i9xuqsr2WLKeCKIWd2T5oR4sfkqucwO49Cr8uDj2ieyhwxDO51ihOfoadg28UOWBscdSdPqhOCGvQ3kWyzZyaVKjXWlDAsjKRP5OV1JdG5rVYZWMPz-aVETFf06Fb7dEbEIJccktWetpRgpyg4qcoS_XjnicQpHpCm55
.shifter.no/	1970-01-20 06:42:35	Name: _hjid Value: 446e53d8-5f24-4876-947d-02a6f66a014b
.shifter.no/	1970-01-19 21:57:01	Name: _hjFirstSeen Value: 1
.shifter.no/	1970-01-19 21:57:01	Name: _hjAbsoluteSessionInProgress Value: 1
.shifter.no/	1969-12-31 23:59:59	Name: cX_S Value: kur05jorynhmx89p
.cxense.com/	1970-01-19 21:58:25	Name: cX_T Value: kur05jq7ur7ojxpm
.cxense.com/	1970-01-20 06:42:35	Name: gckp Value: 21bn9bonqc3y79b2860egaevq
.tinypass.com/	1970-01-19 21:57:03	Name: ch_sid Value: uzkppbyY4uwDCE8
.tinypass.com/	1970-01-21 09:56:59	Name: LANG Value: nb_NO
shifter.no/	1970-01-19 22:40:11	Name: __smVID Value: 05d0440778e3fe4d9e25c3c629bad39ece52ecf3380a01bf25ab67a756eb0896
.shifter.no/	1970-01-20 06:42:35	Name: cX_G Value: cx%3A1d75p3tmu7wvf1qsixv8sjxrtv%3A2csbtkd2v604e
.tinypass.com/	1970-01-19 21:58:25	Name: LANG_CHANGED Value: nb_NO
.shifter.no/	1970-01-19 22:40:11	Name: __pil Value: nb_NO
shifter.no/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1634219598099%2C%22visitNumber%22%3A1%7D
shifter.no/	1970-01-20 06:42:35	Name: pnespsdk_visitor Value: kur05jh5wqw9cy2u
shifter.no/	1970-01-20 06:42:35	Name: __smToken Value: UDmgMEFcFhdLnYQS9wVYWhFC
.shifter.no/	1970-01-20 15:28:11	Name: _ga Value: GA1.2.1372545622.1634219597
.shifter.no/	1970-01-19 21:56:59	Name: _gat_pianoTracker Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-esp.piano.io
api-v3.tinypass.com
api.cxense.com
buy.tinypass.com
c2.piano.io
cdn.adnuntius.com
cdn.cxense.com
cdn.tinypass.com
code.jquery.com
comcluster.cxense.com
connect.facebook.net
delivery.adnuntius.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
id.cxense.com
image.shifter.no
load.sumo.com
p1cluster.cxense.com
policy.app.cookieinformation.com
script.hotjar.com
shifter.cmail20.com
shifter.no
static.hotjar.com
stats.g.doubleclick.net
sumo.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.shifter.no
116.202.80.167
143.204.98.110
143.204.98.32
143.204.98.39
143.204.98.93
147.75.85.120
178.63.12.147
18.196.121.95
2001:4de0:ac18::1:a:3a
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3032::ac43:9e16
2606:4700::6810:2a41
2606:4700::6810:f015
2606:4700::6811:b7b1
2a00:1450:4001:808::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9a
2a02:26f0:1700:498::268b
2a02:6ea0:c700::11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
52.34.133.113
85.202.161.10
89.187.169.47
0017366fbe6fa7cc76e87762db497ea0364b8604299837633e622a22a6a4b59f
00a9249b5a3023f54f6413f9c82145a78b10819a4f2345caab7e43983376ed2c
014465df2728928b6d03aa7f06174ca4e756510bb08271e3ba958c5f3f47b937
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0804278ac515f7531ad822c77a40834d8300d8ff3e915ca53369bd2c1e8ebfe4
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a59d803cf58be381b57f990e0d7cbe006545819e7d45e356234237818962b9
12fe0d2bfe91d982fa77b01d99c873f3fe0d166892f0091220ecfaca420cd35d
19734e728912a2fb10d03a69776a7d7ae1774c52247d43082b2cef232b315962
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1bdfbd747ae17e83cea0d6fa953a2a1283b23e362b88ef5ec0242498131e7022
1c23acbe7b3d0411f9615ca7c22b5eb9a2cdcfd2f9f00277dd83d04992c3d9cd
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
212588cd3ce0b98d887fe0e87d041b9c92172cdce9acd617a742255ed07ac721
23c05d8c57231a6c2fa01d062568a7464b9b43debcef8334c1791963663f30e3
2490e42ce00257ee3a2e81eccfcdb2d493c72a7739caeb67801c8a982d28b085
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
271f727b06bf6c9e88f8f860951f46a0a3841fa47b8fa4a148e711cb2dff312b
3036b1fd8c511287b6970f514f3d48c8269f1bb9d87691bc9ab2c34d2195bb77
310798e3de39d2ded5d81a106032c4cf53fce12165d631b690f6600bac37de70
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4b69c3c90be6dea6f97aa886e3c51f7abfaee77b48ca35576a49eb54d511dd5a
4c22b6f656365ec3d38db4469c4bfccb020d1ac33ff23cc6636c7a6c09ba2e93
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e80167671bd9da8eae82c654020a0bf7264a1e425439b69f22f308ad2c708f5
4ebecb05aa46ebb81d5bd6ae8ccc5e14965480ef2e1c4300665c02ada74a487b
4fa1865ea2f76cf86fa52419879b76fce098de7f5f613f4e393853b0a41604b1
534c15729a7f9203c36f7416ae2c697de60a04dd55ef2374f8e17832c15ff440
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5a6a13befeb23dd558b7883c9210a14f29702ce5902135256926bb622eb319d2
5a9b629e54814f41459ffec14a1b874e947f69ea8b9d2799ab2e86bc10c5fc3f
5d517a7bb910717d69cce868babdea7a04a3fde8dddcc42b560400eadfe6cbb2
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
62e797d45efd97b7aab5da38c09c7c3f46014991d6d029688f896b208a6b4d24
64c372981fd4e58e3777a3c11b0bea572c69456737c05d680ec6a74899f2caa4
6621bab778792253c12dbbb989f2346bb40b0cd4c37aacfaf45b6ab951209a76
6f32b9d8f1e6a16c1a75bad6097e096d1036b5fecbe576103b68afbcd3567d84
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
77012ea0a1ec201e82438c62da06fdcbb21b663d9af77d79398f7f9bf6ec6c6e
77c821f3be49378ad37d2c2fbd0126fa3ad456e02b851d383c4c519e415ca968
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
7f6335c260c289dcae08d6050ef48ee63132e51bb67979c0547af9032561ccd4
81d841528b9db3b378dac3b01930d6f7219b9f9f0f32993c235e6fa7c737960f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83abd685026e68720b4fdc69d504ec2e2fd14b8fdbc389b5d13ac1f16b22e0ee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
878177e3b0c4e075a653ecf58a2d6e31555457ba6e43372c531771da1d4f6e01
887e2616b79dd5fbb596cadedd52b0fca4728400248820bf7140e548c76484d2
8979cd13301f840f4eef08c0b5cb9828d25aae81590da5873fcded88f6ebb307
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8acc32a70aa3c8b0b265d4c17e3de8772606bf9b093248138e0b1296b96d91fb
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8ce38c14b17e7439230d2501d88adef2df2b5a71f48ba7f5373fca978b854204
91a010f3988f009aab063395e0b7a1bb350c0873500d39a16c67225817f11c58
9302622ce5bbdb7335079554fb9a0270d99c2065dab5aa4cc855a326703e70d2
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
98e03e76b006705c305ac7e13908af4dd0833ccf23c018b440a0c75a3b8c4eb2
99a2b818617447dfa6f85d6437bb7736d48b5acb114a1f01b1afa8a4a201e770
9e8cd155b276d80896416976bcecf922ffe11f3b9eaa0157d5454ab48613ab7f
9ea66c29032f4b74b1f74b70a866bb64361f70661507afae0a9e8e0db8354f71
9f4cb7af5b02d86ae74087ea91b70043dbb588d8584e21a06a00ae242278b537
9f7412b3ee67d6a6c2e109bde46fd1ed637f503e19d942e15e9bcc6a1ad3955f
a7dca910e0831e9da57f4124eec492eb7c5c6b8f567f0978fa70180f1332be71
ab2003726f58a72aebe4f292011ff04644f67101c53fff344b998ce6d6b9e4a8
ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af72c577139950b526571405e9ddf5352a3ff906cc9da04dad7f00a142582fc6
b54eacfc91cfd49036a83a460f2c4a19ac2e5e8c7a2ecb9ffada0b6752f708b2
b62b5d4df5561b405b513cfe9591e2a66430fde58c28298a169efe6f42456262
b64f53bf69d080d62a915b32b4c7c8a2b31a787b3ccf64c4a63aeba170355c22
c283c492e9da3944ad0102ae799f4ba41460a8a64911818f63078a36f5d8297d
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c6f035db67a36ac745d04bddedf2cb478ddc2648776f2967ac42534ec406195b
c92cab84b44ac37925a00450873a018ac601883a2d6e7a760ea38fdde7671004
cb6362518d24c594dc6c82bbadb3872f8610240e37f85e9ac15e43cb938422fb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
d231efc95adebdcab58d442aaeeedd80fa1c4d68f5092488f8523c4c71dcb58d
dc8992588dda40ffa65a5eea18acfdeeee8053f93c1c272e57fa5435b36d4a8d
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e799c861848d2b7ccebd69a55eb796b9030223cb92447519732767479df33b8b
e7fbec11e015212cc52a88c6bdda82d3a7b7794caddb9c7e3573dd9d666875f7
e97a64fa2183657f3039705f64632f911775f55e22bd22134510d8aa54537618
ecb98d8fd22210abd485f989b5436d45573d23b3bea082b3e5b49c45ffc6b63f
ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304
edbed02ee74ef41489c4d3deaae889d17d570a3898f691fb000741c009113e40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fdf2fb3dac6eb9c2cadb0cf04dd6f19749c13bd33a3090f44964be810a3362
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f8d1eb929b183c4440bfb1c8e7b37f0d43c8618d988f04cfbd47aa70072e040e
fbf8032973db43a0df27ae053e237d397e716a020eae7e06a17736e5addf6f63
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd50401b34657c60632f1873874fab0fde1777d7504ac77650ba809d5034b08d
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

shifter.no Open in urlscan Pro 2606:4700:3032::ac43:9e16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

61 %IPv6

20 Domains

34 Subdomains

27 IPs

5 Countries

3623 kBTransfer

9340 kBSize

28 Cookies

16 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shifter.no Open in urlscan Pro
2606:4700:3032::ac43:9e16 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

61 %
IPv6

20
Domains

34
Subdomains

27
IPs

5
Countries

3623 kB
Transfer

9340 kB
Size

28
Cookies

126 HTTP transactions
0 data transactions