urlscan.io logo urlscan.io
SecurityTrails logo

kampanje.flex5x.no Open in urlscan Pro
54.93.101.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsletter.sams3d.com/redirect.php?id=PGZhMjQzMmFkYzY0YTY4ZGMxYzJmNTQ1NTlhMzRiOTBhQG5ld3NsZXR0ZXIuc2FtczNkLmNvbT4=&ref...
Effective URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=4...
Submission: On June 19 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 8 countries across 34 domains to perform 69 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is kampanje.flex5x.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 18th 2020. Valid for: 3 months.
This is the only time kampanje.flex5x.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 40.112.135.80 8075 (MICROSOFT...)
1 54.93.101.66 16509 (AMAZON-02)
3 13.226.154.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.226.154.87 16509 (AMAZON-02)
2 13.225.87.104 16509 (AMAZON-02)
19 13.226.156.176 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.233.196.115 8075 (MICROSOFT...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 13.225.87.29 16509 (AMAZON-02)
1 4 213.155.156.188 1299 (TELIANET ...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 52.204.146.66 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.186.226.184 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
2 2 172.217.16.130 15169 (GOOGLE)
2 213.155.156.165 1299 (TELIANET ...)
2 2 185.33.220.243 29990 (ASN-APPNEX)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 18.195.112.7 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 2 35.158.60.52 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 37.157.4.41 198622 (ADFORM)
1 1 99.81.58.150 16509 (AMAZON-02)
1 213.19.147.150 26120 (RHYTHMONE)
1 2 23.210.249.164 16625 (AKAMAI-AS)
69 30
1    2606:4700:3030::ac43:9d7d (United States)

ASN13335 (CLOUDFLARENET, US)
newsletter.sams3d.com
2    40.112.135.80 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
healthcarehighlights.com
orcheckmed.com
1    54.93.101.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
kampanje.flex5x.no
3    13.226.154.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-89.dus51.r.cloudfront.net
builder-assets.unbounce.com
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    13.226.154.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-87.dus51.r.cloudfront.net
assets.unbounce.com
2    13.225.87.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-104.fra2.r.cloudfront.net
assets.ub-analytics.com
19    13.226.156.176 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-176.dus51.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.233.196.115 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kunde.vitamail.no
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.225.87.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-29.fra2.r.cloudfront.net
sc-static.net
4    213.155.156.188 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 213-155-156-188.teliacarrier-cust.com
tb.de17a.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.204.146.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-146-66.compute-1.amazonaws.com
events.ub-analytics.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
8    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
2    213.155.156.165 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
2    185.33.220.243 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    18.195.112.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.94.180.126 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
2    35.158.60.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-52.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2600:9000:2156:c00:3:e7f4:6f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.userreport.com
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    99.81.58.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-58-150.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
1    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
Apex Domain
Subdomains		 Transfer
19 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
245 KB
8 gstatic.com
fonts.gstatic.com
82 KB
6 de17a.com
tb.de17a.com
d5p.de17a.com
10 KB
5 unbounce.com
builder-assets.unbounce.com
assets.unbounce.com
49 KB
3 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
2 KB
3 ub-analytics.com
assets.ub-analytics.com
events.ub-analytics.com
31 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 adform.net
dmp.adform.net
575 B
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 advertising.com
pixel.advertising.com
677 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ad.360yield.com
826 B
2 adnxs.com
ib.adnxs.com
2 KB
2 snapchat.com
tr.snapchat.com
2 facebook.com
www.facebook.com
435 B
2 sc-static.net
sc-static.net
14 KB
2 facebook.net
connect.facebook.net
161 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 bing.com
bat.bing.com
8 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
26 KB
1 1rx.io
sync.1rx.io
185 B
1 unrulymedia.com
usermatch.targeting.unrulymedia.com
325 B
1 userreport.com
sync.userreport.com
587 B
1 pubmatic.com
image2.pubmatic.com
849 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 google.de
www.google.de
554 B
1 google.com
www.google.com
631 B
1 vitamail.no
kunde.vitamail.no
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 flex5x.no
kampanje.flex5x.no
20 KB
1 orcheckmed.com
orcheckmed.com
611 B
1 healthcarehighlights.com
healthcarehighlights.com
622 B
1 sams3d.com
newsletter.sams3d.com
749 B
0 bootstrapcdn.com Failed
netdna.bootstrapcdn.com Failed
69 34
Domain Requested by
19 d9hhrg4mnvzow.cloudfront.net kampanje.flex5x.no
8 fonts.gstatic.com sc-static.net
kampanje.flex5x.no
4 tb.de17a.com 1 redirects kampanje.flex5x.no
tb.de17a.com
3 builder-assets.unbounce.com kampanje.flex5x.no
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 ups.analytics.yahoo.com 1 redirects blank
2 pixel.advertising.com 2 redirects
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 d5p.de17a.com blank
2 cm.g.doubleclick.net 2 redirects
2 tr.snapchat.com sc-static.net
2 www.facebook.com kampanje.flex5x.no
2 sc-static.net kampanje.flex5x.no
sc-static.net
2 connect.facebook.net kampanje.flex5x.no
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 bat.bing.com www.googletagmanager.com
kampanje.flex5x.no
2 assets.ub-analytics.com kampanje.flex5x.no
assets.ub-analytics.com
2 assets.unbounce.com kampanje.flex5x.no
1 sync.1rx.io blank
1 usermatch.targeting.unrulymedia.com 1 redirects
1 sync.userreport.com blank
1 image2.pubmatic.com blank
1 pixel.rubiconproject.com blank
1 fonts.googleapis.com builder-assets.unbounce.com
1 events.ub-analytics.com kampanje.flex5x.no
1 www.google.de kampanje.flex5x.no
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 kunde.vitamail.no kampanje.flex5x.no
1 www.googletagmanager.com kampanje.flex5x.no
1 ajax.googleapis.com kampanje.flex5x.no
1 kampanje.flex5x.no
1 orcheckmed.com 1 redirects
1 healthcarehighlights.com 1 redirects
1 newsletter.sams3d.com 1 redirects
0 netdna.bootstrapcdn.com Failed kampanje.flex5x.no
69 39

This site contains no links.

Subject Issuer Validity Valid
kampanje.flex5x.no
Let's Encrypt Authority X3		 2020-05-18 -
2020-08-16		 3 months crt.sh
*.unbounce.com
Amazon		 2020-04-08 -
2021-05-08		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.ub-analytics.com
Amazon		 2020-06-08 -
2021-07-08		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
faktura.vitamail.no
Go Daddy Secure Certificate Authority - G2		 2020-02-12 -
2020-11-14		 9 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2019-12-03 -
2020-12-02		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-05-27 -
2020-11-23		 6 months crt.sh
*.userreport.com
RapidSSL RSA CA 2018		 2019-01-10 -
2021-03-10		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh

This page contains 7 frames:

Primary Page: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Frame ID: 1D0608B7D663632A35F54B476BBEB436
Requests: 53 HTTP requests in this frame

Frame: https://kunde.vitamail.no/reviewlister.aspx?product=182&ArrowColor=6BACDE&TextColor=000000&HeaderColor=000000
Frame ID: 44F2CF4E16CA8DDD615BFC4054261BA3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=01501061-dac3-4280-9a5c-a12d0db1a940
Frame ID: CA3B14E6B6C30D957903D3C3D4A6612C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 69018B4B7B99E4C2D25D566E81E6BCE7
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 88CB600FAB4DDB62E26D25AA3A8EDB87
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D%22%2C%22title%22%3A%22Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x%22%2C%22trackingAccountId%22%3A%2217065%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 72E7BD50208D5803FC6A4ABE5B02B21E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=1268154279446269952&expires=30
Frame ID: 95FC6FA15926816ADCF8B6E7CABECCC8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://newsletter.sams3d.com/redirect.php?id=PGZhMjQzMmFkYzY0YTY4ZGMxYzJmNTQ1NTlhMzRiOTBhQG5ld3NsZXR0ZXIu... HTTP 302
    https://healthcarehighlights.com/click.track?CID=430665&AFID=431307&ADID=2363917&SID= HTTP 302
    https://orcheckmed.com/click.track?CID=430473&AFID=422872&AffiliateReferenceID=06_50572728_00700461... HTTP 302
    https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

69
Requests

96 %
HTTPS

35 %
IPv6

34
Domains

39
Subdomains

30
IPs

8
Countries

706 kB
Transfer

1656 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsletter.sams3d.com/redirect.php?id=PGZhMjQzMmFkYzY0YTY4ZGMxYzJmNTQ1NTlhMzRiOTBhQG5ld3NsZXR0ZXIuc2FtczNkLmNvbT4=&ref=aHR0cHM6Ly9oZWFsdGhjYXJlaGlnaGxpZ2h0cy5jb20vY2xpY2sudHJhY2s/Q0lEPTNENDMwNjY1JkFGSUQ9M0Q0MzEzMDcmQURJPQ0KRD0zRDIzNjM5MTcmU0lEPTNE&e=1 HTTP 302
    https://healthcarehighlights.com/click.track?CID=430665&AFID=431307&ADID=2363917&SID= HTTP 302
    https://orcheckmed.com/click.track?CID=430473&AFID=422872&AffiliateReferenceID=06_50572728_00700461-755d-4657-867f-d1b859745819&SID= HTTP 302
    https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1861260064&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D&ul=en-us&de=UTF-8&dt=Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=864616869&gjid=1522687247&cid=1898247820.1592556075&tid=UA-137506799-6&_gid=261287408.1592556075&_r=1&gtm=2wg6a0NVHXDPN&z=1465289646 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_gid=261287408.1592556075&gjid=1522687247&_v=j83&z=1465289646 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646&slf_rd=1&random=1986735230
Request Chain 55
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Request Chain 58
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI3BrZM1ZSoUQjSUhp5Sd1I&google_cver=1&google_ula=668382,0
Request Chain 59
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=1143518422084865468
Request Chain 61
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076
Request Chain 62
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=1268154279446269952&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=1268154279446269952&img=1&__user_check__=1&sync_id=a3f05790-b208-11ea-a426-1974e5cf0806
Request Chain 63
  • https://pixel.advertising.com/ups/55955/sync?uid=1268154279446269952&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55955/sync?uid=1268154279446269952&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da HTTP 302
  • https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da&verify=true
Request Chain 65
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=1268154279446269952 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=1268154279446269952
Request Chain 66
  • https://usermatch.targeting.unrulymedia.com/usermatch/delta/1268154279446269952 HTTP 302
  • https://sync.1rx.io/usersync/delta/1268154279446269952
Request Chain 67
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076&C=1

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kampanje.flex5x.no/
Redirect Chain
  • http://newsletter.sams3d.com/redirect.php?id=PGZhMjQzMmFkYzY0YTY4ZGMxYzJmNTQ1NTlhMzRiOTBhQG5ld3NsZXR0ZXIuc2FtczNkLmNvbT4=&ref=aHR0cHM6Ly9oZWFsdGhjYXJlaGlnaGxpZ2h0cy5jb20vY2xpY2sudHJhY2s/Q0lEPTNENDM...
  • https://healthcarehighlights.com/click.track?CID=430665&AFID=431307&ADID=2363917&SID=
  • https://orcheckmed.com/click.track?CID=430473&AFID=422872&AffiliateReferenceID=06_50572728_00700461-755d-4657-867f-d1b859745819&SID=
  • https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
130 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9ad6f8b62373f2126461025930200d4a285b3e7bf94467dd91bc77bad0970ff2

Request headers

Host
kampanje.flex5x.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:13 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
e0b5053c-aa17-4aaf-a2e5-c4f7e2ed0f03
etag
0f818be51a4dce02ea974c36a17dc35e
content-location
https://kampanje.flex5x.no/
x-unbounce-visitorid
165.231.142.361593132097941872
last-modified
Thu, 07 May 2020 14:53:12 GMT
x-unbounce-variant
k
link
<https://kampanje.flex5x.no/>; rel="canonical"
set-cookie
ubpv=k%2Ce0b5053c-aa17-4aaf-a2e5-c4f7e2ed0f03; Max-Age=15897600; Expires=Sun, 20 Dec 2020 08:41:13 GMT; Path=/ ubrs=weighted; Path=/ ubvs=165.231.142.361593132097941872; Max-Age=15552000; Expires=Wed, 16 Dec 2020 08:41:13 GMT; Path=/ ubvt=165.231.142.361593132097941872; Max-Age=259200; Expires=Mon, 22 Jun 2020 08:41:13 GMT; Path=/; Domain=flex5x.no
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

Server
nginx
Date
Fri, 19 Jun 2020 08:41:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
264
Connection
keep-alive
Cache-Control
private
Location
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
P3P
policyref="/p3p/P3P.orcheckmed.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version
4.0.30319
Set-Cookie
LTTC6_430473=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5; expires=Sun, 19-Jul-2020 08:41:13 GMT; path=/; SameSite=None; secure
X-Powered-By
ASP.NET
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-89.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 03 Apr 2020 13:51:07 GMT
content-encoding
gzip
age
6634208
x-cache
Hit from cloudfront
status
200
content-length
2902
last-modified
Thu, 02 Apr 2020 17:52:40 GMT
server
AmazonS3
etag
"8a6547781289fd02dfe228a23ef28934"
x-amz-version-id
L11c.KqhMvfO_yyXwqm27MUAn1iG_g7i
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
tcaeshbsGdPbMwJlBKS6K4FTRcZ9OPZ1qu45RVTeaKdeXNk7Mt68og==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 13:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586626
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Jun 2021 13:44:07 GMT
jquery.fancybox-1.3.4.css
assets.unbounce.com/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.unbounce.com/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 11 Apr 2011 19:35:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547552/ctime:1302547553
age
28922
date
Fri, 19 Jun 2020 04:58:15 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
U--dofdWUDPzPcb7If22rjznrgc5cHoXnztqrDERZ3CqDvlNYolmBg==
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
jquery.fancybox-1.3.4.js
assets.unbounce.com/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.unbounce.com/m/lp-webapp/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-87.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 11 Apr 2011 19:35:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:503/gname:staff/uname:cschmidt/gid:20/mode:33261/mtime:1302547553/atime:1302547554/ctime:1302547553
age
26723
date
Fri, 19 Jun 2020 04:55:29 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
B9A4I78VKFzaWl0943pvDMU4F3l-BpL-egmSeoGiY7b8C8Lf_NtRHw==
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
jquery-shims.bundle-0983003.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-89.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Nov 2019 18:20:30 GMT
content-encoding
gzip
age
18454845
x-cache
Hit from cloudfront
status
200
content-length
1993
last-modified
Mon, 18 Nov 2019 17:55:17 GMT
server
AmazonS3
etag
"78463755ec54ef174fee82014bc7044b"
x-amz-version-id
ALMfZtHr0dHt.IuVdrqg2V2wKC.p6qAs
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
nR5XSJT2sfkrpFPfMibRQJx2FU6ed09DEYao-zXhRMVtEGGe4vrM5Q==
ub.js
assets.ub-analytics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/ub.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d96ddcaf34c2e2a77a6c71c68f62f9aa69f570d9af4ec216b3f16dd91d80c949

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
bZn9flHBsWU9aNu20yxweI1A7OFBugY8
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
last-modified
Thu, 14 May 2020 17:22:42 GMT
server
AmazonS3
age
234
etag
"bbca570813c1877b581530490f602824"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300
date
Fri, 19 Jun 2020 08:37:21 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4562
x-amz-cf-id
0QxEwFh0GB_G2N7n3QswxveDm9KrVBWnqOPeBwreNhQBkFdygm5wHw==
transparent.gif
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		42 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/transparent.gif
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3475
etag
"d89746888da2d9510b64a9f031eaecd5"
x-cache
Hit from cloudfront
x-amz-version-id
dECjYnA90uNt1XilYhIbKxz9YDSs665N
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/gif
content-length
42
x-amz-cf-id
Lb9VefxXfgII2O43M_3-n-qu6Y7gI1wM7PUMHN5FQy3iUtJyrnECvw==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-89.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 21:22:01 GMT
content-encoding
gzip
age
4360753
x-cache
Hit from cloudfront
status
200
content-length
33645
last-modified
Wed, 29 Apr 2020 19:49:39 GMT
server
AmazonS3
etag
"e3cd90068d75377439e6202b33a169c9"
x-amz-version-id
JBFUS0AkE5K2tQgjpSYJVwZCr8Y4Yfgg
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-5RPfnpDtk-mYOpKER_EUuFQs-gEO_jwWRAyp9-yg43G0mvx2HblGQ==
gtm.js
www.googletagmanager.com/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVHXDPN
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6eb363a0b13a7240dd53dc523c3f7c1266e809faa19e42573dc72a4ff89af84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:14 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38187
x-xss-protection
0
last-modified
Fri, 19 Jun 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Jun 2020 08:41:14 GMT
Cookie set reviewlister.aspx
kunde.vitamail.no/ Frame 44F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://kunde.vitamail.no/reviewlister.aspx?product=182&ArrowColor=6BACDE&TextColor=000000&HeaderColor=000000
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.233.196.115 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
kunde.vitamail.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=

Response headers

Cache-Control
public, max-age=60
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Fri, 19 Jun 2020 08:42:14 GMT
Last-Modified
Fri, 19 Jun 2020 08:41:14 GMT
Vary
*
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=ui5ecv0mkmw1i2hm404isopa; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Fri, 19 Jun 2020 08:41:15 GMT
Content-Length
7074
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		0
0
fontawesome-webfont.ttf
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		0
0
f0f281e5-postenbring_07d01906q019000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/f0f281e5-postenbring_07d01906q019000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a45f94c35731af921fc7c5ae7897f0a352ea42ead7f265118b179f552486f7e2

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3475
etag
"fca7cee7d64a9d06adf9f298e0203552"
x-cache
Hit from cloudfront
x-amz-version-id
De8tXAUY_cbJDGq_yxQvkKDJE1PKKa.3
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
12495
x-amz-cf-id
_g8Qo_H9gU5NLyS-MYaoTJj5nK_oMDTmBdcco_MYT2HDi0HmX1gieQ==
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVHXDPN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:13 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref
Ref A: 475B0CD93E0F4D30883F009370650AC0 Ref B: FRAEDGE1418 Ref C: 2020-06-19T08:41:14Z
status
200
etag
"804946b8613fd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7791
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVHXDPN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6295
date
Fri, 19 Jun 2020 06:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Fri, 19 Jun 2020 08:56:19 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
J7Nk6aUnLHY1JCP3wWlaxi1x5qVYpdzL3/y3IACJ64kEMaxfXFPVrJHhls6ClBtEPhjldbFK5V8+J2y2miVb9w==
x-fb-trip-id
2042748335
x-frame-options
DENY
date
Fri, 19 Jun 2020 08:41:14 GMT, Fri, 19 Jun 2020 08:41:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-29.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:15 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA2-C2
status
200
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5415
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
x-amz-cf-id
JrZIJHQZePkxe96VGypX18WiGuZsoS0tv9r9xN0F9HfkG-PzPhHWlA==
d7.js
tb.de17a.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.10.1 /
Resource Hash
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:14 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 08:20:27 GMT
server
nginx/1.10.1
etag
W/"XhSF2LHLZEYXhSEqCyb0So--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6265
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1861260064&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_gid=261287408.1592556075&gjid=1522687247&_v=j83&z=1465289646
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646&slf_rd=1&random=1986735230
42 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646&slf_rd=1&random=1986735230
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jun 2020 08:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jun 2020 08:41:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137506799-6&cid=1898247820.1592556075&jid=864616869&_v=j83&z=1465289646&slf_rd=1&random=1986735230
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2481744745248682
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2481744745248682?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6330fb650d006871ce249586428ec0cd0c485045f725aef0b1a70fc8c8279ef
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
oalTV5vtiDv6l+UNt5VLt7eyh/Bx0YnkLtqeDMHFN4pFxrAjAS4YmqQjuU2ye+FpY9Y9LpvfSsts/6T50T4c1g==
x-fb-trip-id
2042748335
x-frame-options
DENY
date
Fri, 19 Jun 2020 08:41:14 GMT, Fri, 19 Jun 2020 08:41:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sp-2.9.0.js
assets.ub-analytics.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/sp-2.9.0.js
Requested by
Host: assets.ub-analytics.com
URL: https://assets.ub-analytics.com/ub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 20:39:14 GMT
content-encoding
gzip
age
21988921
x-cache
Hit from cloudfront
status
200
content-length
25747
last-modified
Tue, 16 Jul 2019 16:36:37 GMT
server
AmazonS3
etag
"ca3734b973941d7734d9116b823f868b"
x-amz-version-id
EYCPJnlZccivTrgOYeEuIt6iQVaAC0Td
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
X5jgDMcm8OKbQiubjHnhpgK3AXIqzUnoUCBubn8YsAz-Y10Og43oow==
0
bat.bing.com/action/ 		0
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=19001652&Ver=2&mid=3777bada-abe2-3be0-ee69-b7aa62d792a6&sid=eb8fb72b-872f-e5c0-a6bd-de0b9995a75e&vid=fe5d6e78-19da-ec4b-c7b2-af348a65733a-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x&kw=vitamail,%20flex,%20muskler,%20ledd,%20muskler%20og%20ledd,%20stive%20ledd,%20leddgikt,%20revmatisme,%20artrose,%20leddplager,%20muskelplager,%20muskelsmerter,%20leddsmerter,%20benskj%C3%B8rhet,%20kroniske%20betennelser,%20kroniske%20sykdommer,%20leddsykdommer,%20betennelser,%20gurkemeie,%20k2,%20vitamin%20k2,%20boswellia,%20boswellia%20serrata,%20sort%20pepper,%20piperin,%20gr%C3%B8nnleppet%20musling&p=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D&r=&lt=2843&evt=pageLoad&msclkid=N&sv=1&rn=841591
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 19 Jun 2020 08:41:14 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 1E656D95C8D8416499262AEABD8EE121 Ref B: FRAEDGE1418 Ref C: 2020-06-19T08:41:14Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2481744745248682&ev=PageView&dl=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D&rl=&if=false&ts=1592556075064&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592556075006.1499272680&it=1592556074884&coo=false&rqm=GET
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:15 GMT, Fri, 19 Jun 2020 08:41:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 19 Jun 2020 08:41:15 GMT
i
events.ub-analytics.com/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1592556075077&e=pv&url=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D&page=Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x&tv=js-2.9.0&tna=cf&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f2f01598-3521-4bab-999e-5f39c96c7d7d&dtm=1592556075075&vp=1600x1200&ds=1600x3212&vid=1&sid=3ab33ce0-617f-4db8-8f45-ddd343abc14b&duid=9e558536-1e0c-4ae5-af32-096bf7f56f4b&fp=1288168746&uid=165.231.142.361593132097941872&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZTBiNTA1M2MtYWExNy00YWFmLWEyZTUtYzRmN2UyZWQwZjAzIiwidmFyaWFudElkIjoiayIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.146.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-146-66.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:15 GMT
server
akka-http/10.0.9
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
image/gif
content-length
43
f7bf9659-9685-4dea-bb92-c8ae4d156713
https://kampanje.flex5x.no/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://kampanje.flex5x.no/f7bf9659-9685-4dea-bb92-c8ae4d156713
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d5a7707a30d42f6f88418d5fafd906fe4fad2f5ea7d70c2ea0c1fe648abaa8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Jun 2020 08:41:15 GMT
server
ESF
date
Fri, 19 Jun 2020 08:41:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jun 2020 08:41:15 GMT
47f21d93-kundeserviceprisen-alene-logo-250511_027026000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/47f21d93-kundeserviceprisen-alene-logo-250511_027026000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c928276dde657e8a3be15590b11541e651d7c11af06c049a5303ce4bd9010b94

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"1bd99904a5818f0420ba83ec90fff04b"
x-cache
Hit from cloudfront
x-amz-version-id
S38UuNdq_sZosdsWjSvl4af_AOeK8cs0
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
11669
x-amz-cf-id
AZpyaWlOO8JSXXJP1CDTrD41tJN6nx1Oob2I7ETbH9xNMaPkLFE7yQ==
267e5d3c-2017-vitamail-lys_05g014000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/267e5d3c-2017-vitamail-lys_05g014000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5717722ec734d0830ea9f5dba04494fbdca1b9fb26cdb011bb64f099eb61527b

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"ea62a9627af83c48c9bd7acef9b4a7c9"
x-cache
Hit from cloudfront
x-amz-version-id
sbCBSlC8uS0xGg0coqNsfSHNUg0Y_LrW
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
4398
x-amz-cf-id
mDgLkjNw1lDR0mLDQWsKEf_cWFIAuZWG4zPm_6i6BG64_z5Trp86UA==
9c01d74b-istock-160581636_04602s03k02300g00p01o.jpg
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/9c01d74b-istock-160581636_04602s03k02300g00p01o.jpg
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84a3ebf039ccbb2c7546ffa7f693658acb5af4344c9d7758119cd99935b5f281

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3475
etag
"d81fa83e04a8017be198e5a70c0c6471"
x-cache
Hit from cloudfront
x-amz-version-id
cLMGPBIdLwje2kcBQyLCmijOWK3m84sk
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1067
x-amz-cf-id
5qB4nKez1qa2v62Cyy_ICNV_K7ACHSC8GhmAAjdzWreUvR5-rKC5pw==
5fc2f818-istock-185296258_03302202p02200800001o.jpg
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/5fc2f818-istock-185296258_03302202p02200800001o.jpg
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28435dc694d3abcf3c92c21d516529f1d4036e717bc10549eef07259a5b2d97e

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:21 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"282ec004e4bfb793f2860954f1716a32"
x-cache
Hit from cloudfront
x-amz-version-id
prlq6tpXsmfji8RA6RguMOLuUYUAPzEV
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1109
x-amz-cf-id
n41sOKn150cqvQmm_NdOkjZipB92T_Js24thtw4srPgapgtNPbQrZg==
58625cfd-fisk_03402300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/58625cfd-fisk_03402300000000000001o.jpg
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac36e179848cf0e3cacbf3defb532db0b9b5a5d29f5fdfdb2fc3fcf369ec785d

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:08 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6968
etag
"da48835d3e6fea1f863ffe4b791cd70c"
x-cache
Hit from cloudfront
x-amz-version-id
6nBx53ZIclqs6sXEKFJdu3lRaQkzJ6xj
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1294
x-amz-cf-id
uFpswRgD9MOytsxJQZHOsRoagbwYgOBBLL_xrf_lXBAWs16Ye-jr9g==
32d9f326-istock-174874581_03302200000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/32d9f326-istock-174874581_03302200000000000001o.jpg
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b2aab88b4f715bbc2e23066500da6e70abc3e59ca3f15530456bb8119f7f168

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"5e11a3545d7f7cbbc60c2655175a9f24"
x-cache
Hit from cloudfront
x-amz-version-id
GbLeyupvjJ.71UIDT5tz2Wp6YYwcgK5D
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1556
x-amz-cf-id
KZcV4u3AFW0UAtmMEUKKw8EOfB60_3mRLf3LoehGdmm3uvV4aODxbQ==
93985753-gratis-flex_04e04e000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/93985753-gratis-flex_04e04e000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e5da1fc1ec85e78560b46c7b47e3c489b1cbbfb5509be438237ab604393e568

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"b4784113ee3ec87d33ce380546a1cfb4"
x-cache
Hit from cloudfront
x-amz-version-id
Ta6pa3fnyJspfvfqKSEYFZ1.Vdk5MsJt
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
16412
x-amz-cf-id
FIN3LuTmEI1MNBv6hdG0T2nmRGkS5zNNGWJ1BapvDABejP-UXLnyCQ==
9a6c0cab-boks-rik_0ei090000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/9a6c0cab-boks-rik_0ei090000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
847e50389dfdca6543bffbb1a19cdfa23cfd1d8f2b434df18049284a90bb6076

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"f58fe0736804d1307b1955e3d371d761"
x-cache
Hit from cloudfront
x-amz-version-id
AUfUtFKLezxovj0wZW2ZBjlae7ZPBxok
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
82318
x-amz-cf-id
EyCnxW9EIBGVMBAvMLVO3nIyN9MLSmKya2-EbSLkmsIFRLTaqwxKhA==
9a6c0cab-boks-rik_0gj0aa000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/9a6c0cab-boks-rik_0gj0aa000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11493d1ae147c87b5f9520bee99dd2baf043183c91f8967fe42f3dbe89a5a2f7

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"d13d774e6457da00b2e434ab93e95691"
x-cache
Hit from cloudfront
x-amz-version-id
ZpSvGCaMD2ywin0IHz97U9ndKB5nTj9t
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
100910
x-amz-cf-id
A2o1NdDR9umK-7DVK9Ru20wZJdNtDq6DbHozjomL4MQAiz-q9YHXmw==
f218541b-flexing_01e01e000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/f218541b-flexing_01e01e000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ebecd013a1baab6c0c5e5ffcb5c0b4f0849fdd6424dafd15a6f909756b225ce

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"0e88ebf4aef54f79ddf3d122b8d287e1"
x-cache
Hit from cloudfront
x-amz-version-id
85XgNIoaExvHw4fpjJaUZ2cS56tWfoW8
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
2494
x-amz-cf-id
fVVvAaYFDgA0jqwFD2sfCQ4_aiYl88JT_xOjZOjtfhoI5V-eVfjRZQ==
8eb4132c-5x_01j01k000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/8eb4132c-5x_01j01k000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2227acab53038575027afaad79701cc3aa446cb257b0118ddbea9296576bbab

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:08 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6968
etag
"caa84a061ddc088e689f6e5656c530a7"
x-cache
Hit from cloudfront
x-amz-version-id
9FItLQIcjkMGHy1WeBoP5u.fOgWafk9d
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
2209
x-amz-cf-id
vDtunFsyF4NIlVPx7Y2L_sAyTMO9v2amd7mwkFUSE9F6GNqO4Pb0ig==
e485e142-pill_01k010000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/e485e142-pill_01k010000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa40b16555ccbfde80d0c2aa57034c382e9186dbc482163f1efeac033d8d8f58

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"26371b8b4e190d13b30cad06e6efc49b"
x-cache
Hit from cloudfront
x-amz-version-id
cy9XYriGOigyCIiRPxmOSNYC_tBVp9Yi
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
1747
x-amz-cf-id
NuLruuibN5Oam4Hmp6t2xmK3HC4OpvODiEN7ZVmDvy0Ypiz_O9SDjg==
e01e241a-kontakt_01o01l000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/e01e241a-kontakt_01o01l000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:09 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6967
etag
"89399cb6e53707fc6508640ad68e5a35"
x-cache
Hit from cloudfront
x-amz-version-id
_nKD9KCE2TjBinXmnhe6FJ2_CV1vT4H6
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
1178
x-amz-cf-id
Lcsunfm3DFvJpXMOq1iu_WHjafUpVy2Sp2fjnaCdM-in4Fx5T1UhuA==
011d0050-sirkel_013012000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		368 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/011d0050-sirkel_013012000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:08 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6968
etag
"f743108315e67f684de0c615730e2e8c"
x-cache
Hit from cloudfront
x-amz-version-id
cW_VJZSXqCM78y6YgZBlZImIfLSZgrZM
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
368
x-amz-cf-id
NIhH7QIh34lCzwG_y7HWNtzOAqZcvldHL7uDvzNHslUcmyBDsN6-6Q==
06c66cd4-linje-tan_0da01l000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		477 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/06c66cd4-linje-tan_0da01l000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab2196a338e61bc2f6fff339c84d1ed899779e589b0c998b6eb3e3eea3e74e1c

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 07:43:22 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
3474
etag
"00e3a0061225c701b4160451ff0c568d"
x-cache
Hit from cloudfront
x-amz-version-id
pNJ7k1xfMyacDE9e.jHyAUFzPbqGm_C1
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
477
x-amz-cf-id
T1HF2FpuZPSvjGlInQWi0no_h1x49mxS6B-DczHDStUo9T14MS-uQw==
13be437d-strek2_0e701n000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/13be437d-strek2_0e701n000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:08 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6968
etag
"4bc762c6e048a298d57e56f5d50e09b6"
x-cache
Hit from cloudfront
x-amz-version-id
kHQ9heETvWbg.Hq5kAtXlx6xllzSLMf8
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
1235
x-amz-cf-id
HqsQiUOmYw-QLR7QfC2Z5tSuersGU3_1x85CT5j30nJFJa-J1BNTWA==
91e66b6d-vertikal-strek_00501m000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/ 		162 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.flex5x.no/91e66b6d-vertikal-strek_00501m000000000000001.png
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-176.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6b37741a953cbd590ccaa61357bf51f2dc237a5b88aaf7f24b6d119882aad8a

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 06:45:08 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 14:53:12 GMT
server
AmazonS3
age
6968
etag
"9f43ce647d1d2650f29f3cd71915c5e5"
x-cache
Hit from cloudfront
x-amz-version-id
CajEoBfKrif4qSn5NQSIrflVVxYK6I2i
status
200
cache-control
max-age=31557600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
162
x-amz-cf-id
grOw20TdT9HNLwb47-Ys-XHwdnX51caKKolbTTmOKlCIXeZ33aGVdQ==
i
tr.snapchat.com/cm/ Frame CA3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=01501061-dac3-4280-9a5c-a12d0db1a940
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=01501061-dac3-4280-9a5c-a12d0db1a940
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=

Response headers

status
200
server
nginx/1.17.3
date
Fri, 19 Jun 2020 08:41:15 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Fri, 12 Jun 2020 22:52:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:04 GMT
server
sffe
age
553752
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7968
x-xss-protection
0
expires
Sat, 12 Jun 2021 22:52:03 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Fri, 12 Jun 2020 16:51:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
575383
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Sat, 12 Jun 2021 16:51:32 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
675471
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 11 Jun 2021 13:03:24 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Thu, 11 Jun 2020 20:40:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:29 GMT
server
sffe
age
648043
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
expires
Fri, 11 Jun 2021 20:40:32 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Thu, 11 Jun 2020 12:45:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
676548
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Fri, 11 Jun 2021 12:45:27 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
575292
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 12 Jun 2021 16:53:03 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
561579
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:41:36 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,regular,700,600%7CPoppins:regular,700%7CLato:300,regular%7CRoboto:regular
Origin
https://kampanje.flex5x.no

Response headers

date
Thu, 11 Jun 2020 16:31:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
662977
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 11 Jun 2021 16:31:38 GMT
js-sha256-v1.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Origin
https://kampanje.flex5x.no

Response headers

date
Thu, 18 Jun 2020 09:19:24 GMT
content-encoding
gzip
age
84112
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3a228n70cpQn711IUGpKHZAf0dOEOOcuqQkZNEtIZg0eojMf_7SkWw==
p
tr.snapchat.com/ Frame 6901 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
417
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://kampanje.flex5x.no
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://kampanje.flex5x.no
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=

Response headers

status
200
server
nginx/1.17.3
date
Fri, 19 Jun 2020 08:41:15 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkKp43jmi3MHzvhrezM4XvuHjRpBCUZ5wOu+OduwdlQGhi9QO9xjLlMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2481744745248682&ev=Microdata&dl=https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D&rl=&if=false&ts=1592556075567&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x%22%2C%22meta%3Akeywords%22%3A%22vitamail%2C%20flex%2C%20muskler%2C%20ledd%2C%20muskler%20og%20ledd%2C%20stive%20ledd%2C%20leddgikt%2C%20revmatisme%2C%20artrose%2C%20leddplager%2C%20muskelplager%2C%20muskelsmerter%2C%20leddsmerter%2C%20benskj%C3%B8rhet%2C%20kroniske%20betennelser%2C%20kroniske%20sykdommer%2C%20leddsykdommer%2C%20betennelser%2C%20gurkemeie%2C%20k2%2C%20vitamin%20k2%2C%20boswellia%2C%20boswellia%20serrata%2C%20sort%20pepper%2C%20piperin%2C%20gr%C3%B8nnleppet%20musling%22%2C%22meta%3Adescription%22%3A%22Flex5x%20gir%20musklene%20og%20leddene%20dine%20n%C3%A6ringen%20de%20trenger%20for%20%C3%A5%20holde%20seg%20myke%20og%20friske.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Pr%C3%B8v%20Flex5x%20gratis%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22Flex5x%20gir%20musklene%20og%20leddene%20dine%20n%C3%A6ringen%20de%20trenger%20for%20%C3%A5%20holde%20seg%20myke%20og%20friske.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.imgur.com%2Ffd3THPq.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592556075006.1499272680&it=1592556074884&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: kampanje.flex5x.no
URL: https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kampanje.flex5x.no/?utm_source=orion&utm_medium=422872&clickid=06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5&a=430473&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 08:41:15 GMT, Fri, 19 Jun 2020 08:41:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 19 Jun 2020 08:41:15 GMT
getUid;c
tb.de17a.com/api/ Frame 88CB
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
61 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.10.1 /
Resource Hash
04ae75098719a84b9e55d649064fb4df59ebea9dd0e68ad24dc3fdcb26cfcfe7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 19 Jun 2020 08:41:16 GMT
server
nginx/1.10.1
content-type
application/json
content-length
61
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

status
307
date
Fri, 19 Jun 2020 08:41:16 GMT
server
nginx/1.10.1
content-length
0
location
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
pageView
tb.de17a.com/api/ Frame 72E7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fkampanje.flex5x.no%2F%3Futm_source%3Dorion%26utm_medium%3D422872%26clickid%3D06_50572731_bd458bcf-364a-434e-b45a-708aca9658e5%26a%3D430473%26b%3D%22%2C%22title%22%3A%22Pr%C3%B8v%20Flex5x%20gratis%20%7C%20Flex5x%22%2C%22trackingAccountId%22%3A%2217065%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.10.1 /
Resource Hash
52e1d4d1ba94ed3b4d94e0ed497071eb13d440412e39e2e9dfc8ab0b1b8d97c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 19 Jun 2020 08:41:16 GMT
server
nginx/1.10.1
content-type
application/json
content-length
2355
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
tap.php
pixel.rubiconproject.com/ Frame 95FC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=1268154279446269952&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
google
d5p.de17a.com/cookies/ Frame 95FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc=
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI3BrZM1ZSoUQjSUhp5Sd1I&google_cver=1&google_ula=668382,0
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEI3BrZM1ZSoUQjSUhp5Sd1I&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.165 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-165.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Jun 2020 08:41:16 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEI3BrZM1ZSoUQjSUhp5Sd1I&google_cver=1&google_ula=668382,0
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
appnexus
d5p.de17a.com/setuid/ Frame 95FC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=1143518422084865468
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=1143518422084865468
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.165 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-165.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jun 2020 08:41:18 GMT
X-Proxy-Origin
165.231.142.36; 165.231.142.36; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid
3a83c46f-9c57-41b2-a944-089a070d5acd
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=1143518422084865468
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 95FC 		42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=1268154279446269952
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 19 Jun 2020 08:41:16 GMT
X-lat
Pug22054:0:504
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame 95FC
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 19 Jun 2020 08:41:16 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Fri, 19 Jun 2020 08:41:16 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=1268154279446269952&expiration=1595148076
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
partner
sync.search.spotxchange.com/ Frame 95FC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=1268154279446269952&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=1268154279446269952&img=1&__user_check__=1&sync_id=a3f05790-b208-11ea-a426-1974e5cf0806
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=1268154279446269952&img=1&__user_check__=1&sync_id=a3f05790-b208-11ea-a426-1974e5cf0806
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 08:41:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
100
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 19 Jun 2020 08:41:16 GMT
Server
nginx
Location
/partner?adv_id=7326&uid=1268154279446269952&img=1&__user_check__=1&sync_id=a3f05790-b208-11ea-a426-1974e5cf0806
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55955/ Frame 95FC
Redirect Chain
  • https://pixel.advertising.com/ups/55955/sync?uid=1268154279446269952&_origin=1
  • https://pixel.advertising.com/ups/55955/sync?uid=1268154279446269952&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da
  • https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da&verify=true
0
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da&verify=true
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.113 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 08:41:17 GMT
Server
ATS/7.1.2.113
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Fri, 19 Jun 2020 08:41:16 GMT
Server
ATS/7.1.2.113
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55955/sync?uid=1268154279446269952&_origin=1&apid=UPa3e6dda5-b208-11ea-bd3b-06ed23be50da&verify=true
Connection
keep-alive
Content-Length
0
cs.gif
sync.userreport.com/ Frame 95FC 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.userreport.com/cs.gif?s=d3prj11&fk=1268154279446269952
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:c00:3:e7f4:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 25 Oct 2012 12:28:09 GMT
Date
Thu, 18 Jun 2020 23:18:35 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Jan 2014 09:18:47 GMT
Server
AmazonS3
Age
33762
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
Hit from cloudfront
x-amz-version-id
null
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
X-Amz-Cf-Id
uPuidREYEp6UVouB4dRDruODVHtBVugnuF2p8l18NGM_mBa-JgzkYw==
match
dmp.adform.net/serving/cookie/ Frame 95FC
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=1268154279446269952
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=1268154279446269952
35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=1268154279446269952
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jun 2020 08:41:16 GMT
server
nginx
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 19 Jun 2020 08:41:16 GMT
server
nginx
status
302
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=1268154279446269952
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
1268154279446269952
sync.1rx.io/usersync/delta/ Frame 95FC
Redirect Chain
  • https://usermatch.targeting.unrulymedia.com/usermatch/delta/1268154279446269952
  • https://sync.1rx.io/usersync/delta/1268154279446269952
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/delta/1268154279446269952
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jun 2020 08:41:17 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
nginx
Connection
keep-alive
Expires
0

Redirect headers

date
Fri, 19 Jun 2020 08:41:16 GMT
status
302
server
nginx
location
https://sync.1rx.io/usersync/delta/1268154279446269952
allow
GET
p3p
CP="CUR IVDo OUR IND"
access-control-allow-origin
*
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame 95FC
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076&C=1
43 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jun 2020 08:41:17 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Jun 2020 08:41:17 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jun 2020 08:41:17 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=1268154279446269952&expiration=1595148076&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Fri, 19 Jun 2020 08:41:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
netdna.bootstrapcdn.com
URL
http://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Domain
netdna.bootstrapcdn.com
URL
http://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.ttf?v=4.0.3

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| lp object| ub object| module object| dataLayer function| ssc_init function| ssc_scrollArray function| ssc_wheel function| ssc_keydown function| ssc_mousedown function| ssc_setCache function| ssc_overflowingAncestor function| ssc_addEvent function| ssc_removeEvent function| ssc_isNodeName function| ssc_directionCheck function| ssc_pulse_ function| ssc_pulse number| ssc_framerate number| ssc_animtime number| ssc_stepsize boolean| ssc_pulseAlgorithm number| ssc_pulseScale number| ssc_pulseNormalize boolean| ssc_keyboardsupport number| ssc_arrowscroll boolean| ssc_frame object| ssc_direction boolean| ssc_initdone boolean| ssc_fixedback object| ssc_root object| ssc_activeElement object| ssc_key object| ssc_que boolean| ssc_pending object| ssc_cache function| ssc_uniqueID boolean| ischrome object| google_tag_manager object| google_tag_data object| uetq string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| snaptr object| r object| _d7 object| gaplugins object| gaGlobal object| gaData object| GlobalSnowplowNamespace function| snowplow function| UET object| Snowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| La object| scpixel boolean| K

16 Cookies

Domain/Path Name / Value
kunde.vitamail.no/ Name: ASP.NET_SessionId
Value: ui5ecv0mkmw1i2hm404isopa
kampanje.flex5x.no/ Name: _sp_id.4c46
Value: 9e558536-1e0c-4ae5-af32-096bf7f56f4b.1592556075.1.1592556075.1592556075.3ab33ce0-617f-4db8-8f45-ddd343abc14b
kampanje.flex5x.no/ Name: _sp_ses.4c46
Value: *
.flex5x.no/ Name: _scid
Value: 1aa188ab-311d-4999-b984-055d7b1e3d03
.flex5x.no/ Name: _fbp
Value: fb.1.1592556075006.1499272680
.flex5x.no/ Name: _gat_UA-137506799-6
Value: 1
.flex5x.no/ Name: _gid
Value: GA1.2.261287408.1592556075
.flex5x.no/ Name: _ga
Value: GA1.2.1898247820.1592556075
.flex5x.no/ Name: ubvt
Value: 165.231.142.361593132097941872
.flex5x.no/ Name: _uetsid
Value: eb8fb72b-872f-e5c0-a6bd-de0b9995a75e
.flex5x.no/ Name: _gcl_au
Value: 1.1.1323552872.1592556075
kampanje.flex5x.no/ Name: ubrs
Value: weighted
kampanje.flex5x.no/ Name: ubvs
Value: 165.231.142.361593132097941872
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkKp43jmi3MHzvhrezM4XvuHjRpBCUZ5wOu+OduwdlQGhi9QO9xjLlMgAAAA==
.flex5x.no/ Name: _uetvid
Value: fe5d6e78-19da-ec4b-c7b2-af348a65733a
kampanje.flex5x.no/ Name: ubpv
Value: k%2Ce0b5053c-aa17-4aaf-a2e5-c4f7e2ed0f03

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ajax.googleapis.com
assets.ub-analytics.com
assets.unbounce.com
bat.bing.com
builder-assets.unbounce.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
d9hhrg4mnvzow.cloudfront.net
dmp.adform.net
dsum.casalemedia.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
healthcarehighlights.com
ib.adnxs.com
image2.pubmatic.com
kampanje.flex5x.no
kunde.vitamail.no
netdna.bootstrapcdn.com
newsletter.sams3d.com
orcheckmed.com
pixel.advertising.com
pixel.rubiconproject.com
sc-static.net
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.userreport.com
tb.de17a.com
tr.snapchat.com
ups.analytics.yahoo.com
usermatch.targeting.unrulymedia.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
netdna.bootstrapcdn.com
13.225.87.104
13.225.87.29
13.226.154.87
13.226.154.89
13.226.156.176
172.217.16.130
18.195.112.7
185.33.220.243
185.64.189.110
185.94.180.126
213.155.156.165
213.155.156.188
213.19.147.150
23.210.249.164
2600:9000:2156:c00:3:e7f4:6f40:93a1
2606:4700:3030::ac43:9d7d
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:815::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
35.158.60.52
35.186.226.184
37.157.4.41
40.112.135.80
52.204.146.66
52.233.196.115
54.93.101.66
69.173.144.138
99.81.58.150
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04ae75098719a84b9e55d649064fb4df59ebea9dd0e68ad24dc3fdcb26cfcfe7
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11493d1ae147c87b5f9520bee99dd2baf043183c91f8967fe42f3dbe89a5a2f7
28435dc694d3abcf3c92c21d516529f1d4036e717bc10549eef07259a5b2d97e
387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
52e1d4d1ba94ed3b4d94e0ed497071eb13d440412e39e2e9dfc8ab0b1b8d97c1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5717722ec734d0830ea9f5dba04494fbdca1b9fb26cdb011bb64f099eb61527b
5b2aab88b4f715bbc2e23066500da6e70abc3e59ca3f15530456bb8119f7f168
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5
5ebecd013a1baab6c0c5e5ffcb5c0b4f0849fdd6424dafd15a6f909756b225ce
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eb363a0b13a7240dd53dc523c3f7c1266e809faa19e42573dc72a4ff89af84f
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e5da1fc1ec85e78560b46c7b47e3c489b1cbbfb5509be438237ab604393e568
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847e50389dfdca6543bffbb1a19cdfa23cfd1d8f2b434df18049284a90bb6076
84a3ebf039ccbb2c7546ffa7f693658acb5af4344c9d7758119cd99935b5f281
8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9
8d5a7707a30d42f6f88418d5fafd906fe4fad2f5ea7d70c2ea0c1fe648abaa8c
9ad6f8b62373f2126461025930200d4a285b3e7bf94467dd91bc77bad0970ff2
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a45f94c35731af921fc7c5ae7897f0a352ea42ead7f265118b179f552486f7e2
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6330fb650d006871ce249586428ec0cd0c485045f725aef0b1a70fc8c8279ef
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
ab2196a338e61bc2f6fff339c84d1ed899779e589b0c998b6eb3e3eea3e74e1c
ac36e179848cf0e3cacbf3defb532db0b9b5a5d29f5fdfdb2fc3fcf369ec785d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b2227acab53038575027afaad79701cc3aa446cb257b0118ddbea9296576bbab
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
c928276dde657e8a3be15590b11541e651d7c11af06c049a5303ce4bd9010b94
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6b37741a953cbd590ccaa61357bf51f2dc237a5b88aaf7f24b6d119882aad8a
d96ddcaf34c2e2a77a6c71c68f62f9aa69f570d9af4ec216b3f16dd91d80c949
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa40b16555ccbfde80d0c2aa57034c382e9186dbc482163f1efeac033d8d8f58
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955