urlscan.io logo urlscan.io
SecurityTrails logo

kampanje.dmax.no Open in urlscan Pro
54.93.101.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdpembedded.com/link/4be499e1d6b551354c293fee6e3ec54d/dd0599a7f3b2baf00f78c2c9f1c4a6bf
Effective URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229...
Submission: On April 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 9 countries across 34 domains to perform 64 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is kampanje.dmax.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 2nd 2020. Valid for: 3 months.
This is the only time kampanje.dmax.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.15.253.167 12876 (Online SAS)
1 1 40.112.135.80 8075 (MICROSOFT...)
1 54.93.101.66 16509 (AMAZON-02)
2 13.224.194.36 16509 (AMAZON-02)
2 13.225.73.128 16509 (AMAZON-02)
13 13.225.78.205 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 13.225.73.37 16509 (AMAZON-02)
1 66.155.71.150 13768 (COGECO-PEER1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.233.196.115 8075 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 185.33.221.53 29990 (ASN-APPNEX)
1 4 213.155.156.188 1299 (TELIANET ...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.5.133.184 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.213.164.234 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
5 35.186.226.184 15169 (GOOGLE)
1 69.173.144.136 26667 (RUBICONPR...)
2 2 216.58.206.2 15169 (GOOGLE)
2 213.155.156.168 1299 (TELIANET ...)
2 2 37.252.172.250 29990 (ASN-APPNEX)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 52.58.57.174 16509 (AMAZON-02)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 52.58.138.174 16509 (AMAZON-02)
1 2 54.194.225.191 16509 (AMAZON-02)
1 2 52.59.81.212 16509 (AMAZON-02)
1 2 37.157.4.29 198622 (ADFORM)
1 34.248.246.198 16509 (AMAZON-02)
1 2 23.213.15.82 16625 (AKAMAI-AS)
64 33
1    51.15.253.167 (France)

ASN12876 (Online SAS, FR)
PTR: cdpembedded.com
cdpembedded.com
1    40.112.135.80 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bemediaor.com
1    54.93.101.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
kampanje.dmax.no
2    13.224.194.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-36.fra2.r.cloudfront.net
builder-assets.unbounce.com
2    13.225.73.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-128.fra2.r.cloudfront.net
assets.ub-analytics.com
13    13.225.78.205 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-205.fra2.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.225.73.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-37.fra2.r.cloudfront.net
sc-static.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    2606:4700::6812:fb0 (United States)

ASN13335 (CLOUDFLARENET, US)
s.pinimg.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.233.196.115 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kunde.vitamail.no
2    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    185.33.221.53 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
4    213.155.156.188 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 213-155-156-188.teliacarrier-cust.com
tb.de17a.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81a::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.5.133.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-133-184.compute-1.amazonaws.com
events.ub-analytics.com
5    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    23.213.164.234 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-234.deploy.static.akamaitechnologies.com
ct.pinterest.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net
cm.g.doubleclick.net
2    213.155.156.168 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
2    37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    52.58.57.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
1    52.58.138.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-174.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    54.194.225.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-225-191.eu-west-1.compute.amazonaws.com
sync.sxp.smartclip.net
2    52.59.81.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-81-212.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    34.248.246.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-246-198.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
2    23.213.15.82 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-82.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
Apex Domain
Subdomains		 Transfer
13 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
208 KB
6 de17a.com
tb.de17a.com
d5p.de17a.com
10 KB
6 adnxs.com
secure.adnxs.com
ib.adnxs.com
5 KB
5 snapchat.com
tr.snapchat.com
5 gstatic.com
fonts.gstatic.com
63 KB
3 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
1 KB
3 ub-analytics.com
assets.ub-analytics.com
events.ub-analytics.com
31 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 adform.net
dmp.adform.net
575 B
2 bidswitch.net
x.bidswitch.net
896 B
2 smartclip.net
sync.sxp.smartclip.net
1 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ad.360yield.com
829 B
2 facebook.com
www.facebook.com
600 B
2 pinterest.com
ct.pinterest.com
636 B
2 bing.com
bat.bing.com
8 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 pinimg.com
s.pinimg.com
16 KB
2 facebook.net
connect.facebook.net
189 KB
2 unbounce.com
builder-assets.unbounce.com
37 KB
1 unrulymedia.com
usermatch.targeting.unrulymedia.com
290 B
1 advertising.com
pixel.advertising.com
124 B
1 pubmatic.com
image2.pubmatic.com
584 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 googleapis.com
fonts.googleapis.com
862 B
1 google.de
www.google.de
109 B
1 google.com
www.google.com
203 B
1 vitamail.no
kunde.vitamail.no
1 googletagmanager.com
www.googletagmanager.com
34 KB
1 sitescout.com
pixel.sitescout.com
248 B
1 sc-static.net
sc-static.net
6 KB
1 dmax.no
kampanje.dmax.no
10 KB
1 bemediaor.com
bemediaor.com
615 B
1 cdpembedded.com
cdpembedded.com
1 KB
64 34
Domain Requested by
13 d9hhrg4mnvzow.cloudfront.net kampanje.dmax.no
5 tr.snapchat.com sc-static.net
5 fonts.gstatic.com kampanje.dmax.no
4 tb.de17a.com 1 redirects kampanje.dmax.no
tb.de17a.com
4 secure.adnxs.com 2 redirects kampanje.dmax.no
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 x.bidswitch.net 1 redirects blank
2 sync.sxp.smartclip.net 1 redirects blank
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 d5p.de17a.com blank
2 cm.g.doubleclick.net 2 redirects
2 www.facebook.com kampanje.dmax.no
2 ct.pinterest.com s.pinimg.com
kampanje.dmax.no
2 bat.bing.com www.googletagmanager.com
kampanje.dmax.no
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 s.pinimg.com kampanje.dmax.no
s.pinimg.com
2 connect.facebook.net kampanje.dmax.no
connect.facebook.net
2 assets.ub-analytics.com kampanje.dmax.no
assets.ub-analytics.com
2 builder-assets.unbounce.com kampanje.dmax.no
1 usermatch.targeting.unrulymedia.com blank
1 pixel.advertising.com blank
1 image2.pubmatic.com blank
1 pixel.rubiconproject.com blank
1 events.ub-analytics.com kampanje.dmax.no
1 fonts.googleapis.com builder-assets.unbounce.com
1 www.google.de kampanje.dmax.no
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 kunde.vitamail.no kampanje.dmax.no
1 www.googletagmanager.com kampanje.dmax.no
1 pixel.sitescout.com kampanje.dmax.no
1 sc-static.net kampanje.dmax.no
1 kampanje.dmax.no
1 bemediaor.com 1 redirects
1 cdpembedded.com 1 redirects
64 38

This site contains no links.

Subject Issuer Validity Valid
kampanje.dmax.no
Let's Encrypt Authority X3		 2020-03-02 -
2020-05-31		 3 months crt.sh
*.unbounce.com
Amazon		 2020-04-08 -
2021-05-08		 a year crt.sh
*.ub-analytics.com
Amazon		 2019-07-06 -
2020-08-06		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.pinimg.com
DigiCert SHA2 High Assurance Server CA		 2019-05-29 -
2020-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
faktura.vitamail.no
Go Daddy Secure Certificate Authority - G2		 2020-02-12 -
2020-11-14		 9 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2019-12-03 -
2020-12-02		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.smartclip.net
Amazon		 2020-02-29 -
2021-03-29		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.targeting.unrulymedia.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh

This page contains 10 frames:

Primary Page: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Frame ID: 39BBA99EEED257DF037592A06F3229CE
Requests: 44 HTTP requests in this frame

Frame: https://kunde.vitamail.no/reviewlister.aspx?product=155&ArrowColor=2866F5
Frame ID: 85072B8BF7FB0CF56ABCBE9138007039
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5828c62d-d179-4407-92f3-e65d4c36cb53
Frame ID: 12A2DE8E1D81BB7CD1353AB023E1C4A8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AB18FC730DF2D984CD288D60695FA7EA
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AF78B60CF4B78BF14FD1224C0D2BDCBC
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C187B35322CCE98D3CCC1D98D8D5C3F1
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 3624DD5A2C476ADBD5F676967D744891
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: DD403192DF8B1962D17203ABAD20AE0D
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D%22%2C%22title%22%3A%22dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!%22%2C%22trackingAccountId%22%3A%2217068%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 10FFF639182AF6E297599A256686BD72
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=8204279044797129786&expires=30
Frame ID: AF1141F6971D53DCF7637F14A3F04350
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cdpembedded.com/link/4be499e1d6b551354c293fee6e3ec54d/dd0599a7f3b2baf00f78c2c9f1c4a6bf HTTP 302
    https://bemediaor.com/click.track?CID=430471&AFID=426569&ADID=2421244&SID= HTTP 302
    https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21... Page URL

Page Statistics

64
Requests

98 %
HTTPS

29 %
IPv6

34
Domains

38
Subdomains

33
IPs

9
Countries

638 kB
Transfer

1512 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdpembedded.com/link/4be499e1d6b551354c293fee6e3ec54d/dd0599a7f3b2baf00f78c2c9f1c4a6bf HTTP 302
    https://bemediaor.com/click.track?CID=430471&AFID=426569&ADID=2421244&SID= HTTP 302
    https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://secure.adnxs.com/px?id=1206315&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1206315%26t%3D1
Request Chain 16
  • https://secure.adnxs.com/seg?add=21177532&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21177532%26t%3D1
Request Chain 18
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=915054228&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D&ul=en-us&de=UTF-8&dt=dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1565948390&gjid=638760347&cid=1818340435.1587667557&tid=UA-111350678-1&_gid=280418333.1587667557&_r=1&gtm=2wg4f0PLPDLHC&z=1057333718 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_gid=280418333.1587667557&gjid=638760347&_v=j81&z=1057333718 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718&slf_rd=1&random=1026240145
Request Chain 49
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHxmaz6VgW8lL7_uc0fpiLM&google_cver=1&google_ula=668382,0
Request Chain 53
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=5364305383649275274
Request Chain 55
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557
Request Chain 56
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=8204279044797129786&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=8204279044797129786&img=1&__user_check__=1&sync_id=abc95679-8592-11ea-987e-11e121d61f06
Request Chain 58
  • https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786 HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786&ang_testid=1
Request Chain 59
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=8204279044797129786&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=8204279044797129786&expires=30
Request Chain 60
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=8204279044797129786 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=8204279044797129786
Request Chain 62
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557&C=1

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kampanje.dmax.no/gratis/
Redirect Chain
  • http://cdpembedded.com/link/4be499e1d6b551354c293fee6e3ec54d/dd0599a7f3b2baf00f78c2c9f1c4a6bf
  • https://bemediaor.com/click.track?CID=430471&AFID=426569&ADID=2421244&SID=
  • https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
62 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3bda8f645e3c969e7fe2429a6db31214d283c953b8ebee9fc3606f96546a070e

Request headers

Host
kampanje.dmax.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
fb409f7b-6bfa-4c9a-a0fd-b04dd15b0aa2
etag
bea8df5b0a2b2bb6a8f2210426a37279
content-location
https://kampanje.dmax.no/gratis/
x-unbounce-visitorid
194.99.105.991588436365732731
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
x-unbounce-variant
r
link
<https://kampanje.dmax.no/gratis/>; rel="canonical"
set-cookie
ubpv=r%2Cfb409f7b-6bfa-4c9a-a0fd-b04dd15b0aa2; Max-Age=15897600; Expires=Sat, 24 Oct 2020 18:45:56 GMT; Path=/gratis/ ubrs=weighted; Path=/gratis/ ubvs=194.99.105.991588436365732731; Max-Age=15552000; Expires=Tue, 20 Oct 2020 18:45:56 GMT; Path=/ ubvt=194.99.105.991588436365732731; Max-Age=259200; Expires=Sun, 26 Apr 2020 18:45:56 GMT; Path=/; Domain=dmax.no
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

Server
nginx
Date
Thu, 23 Apr 2020 18:45:55 GMT
Content-Type
text/html; charset=utf-8
Content-Length
269
Connection
keep-alive
Cache-Control
private
Location
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
P3P
policyref="/p3p/P3P.bemediaor.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version
4.0.30319
Set-Cookie
LTTC6_430471=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164; expires=Sat, 23-May-2020 18:45:55 GMT; path=/; SameSite=None; secure
X-Powered-By
ASP.NET
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:39:45 GMT
content-encoding
gzip
age
4302372
x-cache
Hit from cloudfront
status
200
content-length
2902
last-modified
Wed, 04 Mar 2020 22:45:14 GMT
server
AmazonS3
etag
"c840c3d549f745d3142417845de68270"
x-amz-version-id
gJqOFtzKpY5_MpSOYwBhAXEJLqR0Gl7t
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
-1aCsbypWUp_dAjefw5RI5LIa7jX9b7_JbwxN45SxPtWAWtue-ah9Q==
ub.js
assets.ub-analytics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/ub.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7505e46ab2e49e3e2fc13ffba0ec2d5df74ffa30315350d30dc426d9d90bac9f

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
OanTGPSOWpRrxISsaZOfHknukxTm64Z9
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
last-modified
Fri, 03 Apr 2020 19:55:10 GMT
server
AmazonS3
age
256
etag
"cedecf75128cbb8706375b87142d37ca"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300
date
Thu, 23 Apr 2020 18:41:41 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4553
x-amz-cf-id
uthJdtlUV5bH5oxS5reAFMclxig2fEMFgomGWGxQjQ-emUo58GMIJg==
transparent.gif
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		42 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/transparent.gif
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"d89746888da2d9510b64a9f031eaecd5"
x-cache
Miss from cloudfront
x-amz-version-id
i_9WiVd3K0vgiZM9OxBZlNmz8IOh4uJC
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/gif
content-length
42
x-amz-cf-id
h_5_BJVA_K4qx8CouWl1UDQeTayRgG1UTY1ex7ETa9RsYUtpX5d09Q==
main.bundle-81f56cf.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81f56cff112636ed46cb7837be66b7a9906dad73841a8f0f733e929ad5a16bf8

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:29:12 GMT
content-encoding
gzip
age
4303005
x-cache
Hit from cloudfront
status
200
content-length
33644
last-modified
Wed, 04 Mar 2020 22:45:08 GMT
server
AmazonS3
etag
"9356a4b0d011c5a2bd739b87d31b814e"
x-amz-version-id
w6Q3AhO1ySRAZ6Dp5abtKcYbFfJpb9jE
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-vx6wXzEvHCdtfMOVPXhAafM6DMA89sNDtt3pveu-o61sgNe802KDw==
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f220735682253606c6f4b885706516109a48fbd522f9928c717ae7864f0ae8e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
53887
x-xss-protection
0
pragma
public
x-fb-debug
4GNh0TVxKt7GPrymURhEZtDrpqP/IQK4ysJx+AxBnl+wqVQq0KoJSxam2kUPQMugO/JyjhgJlJZ55yHBBKHBEA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 23 Apr 2020 18:45:56 GMT, Thu, 23 Apr 2020 18:45:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-37.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 01:17:49 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 22:48:01 GMT
server
AmazonS3
age
62889
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oBEn1xreG1EapJvtU921SnlsTc-dSxMkNLvPq-2tIUJaFQUIugSvJQ==
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
10820510f51bad83
pixel.sitescout.com/iap/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/10820510f51bad83
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:56 GMT
Cache-Control
max-age=0,no-cache,no-store
Server
AC1.1
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Expires
Tue, 11 Oct 1977 12:34:56 GMT
core.js
s.pinimg.com/ct/ 		1 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT
content-encoding
br
x-cdn
cloudflare
status
200
etag
W/"fdf03ac619d384023432225dbd221b25"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cdn
cache-control
max-age=1209600
cf-ray
5889be952943dfbf-FRA
cf-request-id
0249f571350000dfbf738dd200000001
server
cloudflare
gtm.js
www.googletagmanager.com/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2c99b5d98be6451adafc1d393883157b99ff891870b8d999660e24148788aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
34880
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Apr 2020 18:45:56 GMT
Cookie set reviewlister.aspx
kunde.vitamail.no/ Frame 8507 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://kunde.vitamail.no/reviewlister.aspx?product=155&ArrowColor=2866F5
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.233.196.115 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host
kunde.vitamail.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

Cache-Control
public, max-age=60
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 23 Apr 2020 18:46:56 GMT
Last-Modified
Thu, 23 Apr 2020 18:45:56 GMT
Vary
*
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=bnceeosapmn1is12fi4o2gfz; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Thu, 23 Apr 2020 18:45:57 GMT
Content-Length
22429
1ecb9ecc-bakgrunn-desktop_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/1ecb9ecc-bakgrunn-desktop_000000000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a63cbbec3bbf8ee90adf946f8ba53df5c63fe1d5bc9444aaa42fd5006e7c5ca4

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"cf78e200b0b4470e78ef9738a81096fe"
x-cache
Miss from cloudfront
x-amz-version-id
gyiFq2Msoq4Ka166kvwMpSv3gpkJFlEc
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
22618
x-amz-cf-id
9HbKTYcXhSfghHnyFutKrIw-Kfj_F5AtDAfSLI1TPHs46Jtpy7kZRQ==
sp-2.9.0.js
assets.ub-analytics.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ub-analytics.com/sp-2.9.0.js
Requested by
Host: assets.ub-analytics.com
URL: https://assets.ub-analytics.com/ub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 20:39:14 GMT
content-encoding
gzip
age
17100403
x-cache
Hit from cloudfront
status
200
content-length
25747
last-modified
Tue, 16 Jul 2019 16:36:37 GMT
server
AmazonS3
etag
"ca3734b973941d7734d9116b823f868b"
x-amz-version-id
EYCPJnlZccivTrgOYeEuIt6iQVaAC0Td
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
iphwmTb7d3qXsElT1RU9xVnYCkUUmFySKq-sFcuC8aRduqKAjW4-bw==
1970868136515269
connect.facebook.net/signals/config/ 		524 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1970868136515269?v=2.9.16&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49d5a46bbe413bcce91b35470490a23ba735c39687f5fbc78346d7d2d2582dfd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
pdag97J/a6SU8jTAFKxpLHYfwN1/B0zzHEVmBEOg8DnPgAilt1zeIpi0WnmkRsHLOvmUg92fe93KaqE9oGROvQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 23 Apr 2020 18:45:56 GMT, Thu, 23 Apr 2020 18:45:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4042
date
Thu, 23 Apr 2020 17:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 23 Apr 2020 19:38:34 GMT
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:55 GMT
content-encoding
gzip
last-modified
Mon, 13 Apr 2020 22:01:50 GMT
x-msedge-ref
Ref A: 4C8E18E6FF0F4145BB70EA0A1AC7A362 Ref B: FRAEDGE0708 Ref C: 2020-04-23T18:45:56Z
status
200
etag
"0db222df11d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7610
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1206315&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1206315%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1206315%26t%3D1
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.243:80
AN-X-Request-Uuid
078218a5-ec23-4563-a995-950bd9592a5d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid
4d86a517-b343-423a-911b-1270726d8f60
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1206315%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=21177532&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21177532%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21177532%26t%3D1
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid
1039fc94-2d38-46eb-a9b4-a1c070a5ccb5
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.21:80
AN-X-Request-Uuid
b3f86faf-fb73-41dc-802f-ae705046e9b1
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21177532%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d7.js
tb.de17a.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT
content-encoding
gzip
last-modified
Tue, 14 Apr 2020 08:33:43 GMT
server
nginx/1.4.6 (Ubuntu)
etag
W/"XhGaROBke6UXhGbNJe2pGk--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6265
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=915054228&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0c...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_gid=280418333.1587667557&gjid=638760347&_v=j81&z=1057333718
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718&slf_rd=1&random=1026240145
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718&slf_rd=1&random=1026240145
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1818340435.1587667557&jid=1565948390&_v=j81&z=1057333718&slf_rd=1&random=1026240145
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
45d4dd1a-29d8-43fa-843a-23f354365eb4
https://kampanje.dmax.no/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://kampanje.dmax.no/45d4dd1a-29d8-43fa-843a-23f354365eb4
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		7 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b153e6919fdfcfea07a4154bf17158bc3c35b7686044536d0df2ce0b0f551ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 18:45:56 GMT
server
ESF
date
Thu, 23 Apr 2020 18:45:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Apr 2020 18:45:56 GMT
4954d8bd-dmax-logo-gul_03g011000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/4954d8bd-dmax-logo-gul_03g011000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34b87bdec0a66e6126b427bbfa4e4c0aa530815e06aea41966887ee96a618637

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"7ba8ad07b43b4c31b2e2df68e4aa2729"
x-cache
Miss from cloudfront
x-amz-version-id
tTsXKX1ldMuWfHSOFfRuzOkRViyNtBja
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
5056
x-amz-cf-id
EQVHtRyny8bIvS2d1dlRZc0eCsLWC4t60A_9s-L0-K3log1uz_TSEw==
47f21d93-kundeserviceprisen-alene-logo-250511_032031000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/47f21d93-kundeserviceprisen-alene-logo-250511_032031000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1903ccf8888cb7315a483e28919c3340383606c45a5d9f27809156b46f3d4655

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"6b028c47388fb15699e890f93e6b8c77"
x-cache
Miss from cloudfront
x-amz-version-id
DvNOpqNoOwUkubWJCilvnZB6HhPJaUYq
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
19298
x-amz-cf-id
dR5JQViNboGMAizCG04TbdnUPjaDw5ekn2L1-60C7GxWyOLkh7psWA==
e01e241a-kontakt_01k01h000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/e01e241a-kontakt_01k01h000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"89399cb6e53707fc6508640ad68e5a35"
x-cache
Miss from cloudfront
x-amz-version-id
ke3aXXEDi6QbYUaTUsrKdz6eGKPk2vtA
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1178
x-amz-cf-id
6pvdXN5i_BYt-EUS2GNIeMGoXHHWFVZyZEIaF3A0bXUBYGTGU42uIg==
011d0050-sirkel_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		368 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/011d0050-sirkel_000000000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"f743108315e67f684de0c615730e2e8c"
x-cache
Miss from cloudfront
x-amz-version-id
JvcjxiusTVnpD2k86r51lopO1lUj0.db
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
368
x-amz-cf-id
0699s31n25hh8r6WiB8E9EE8MWgSDF6qaLraI0NABBw_V49WJwsnnw==
af6d6a3a-strek1_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		456 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/af6d6a3a-strek1_000000000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6db155444dfb09fd6663496845b93b632378c483822b3a3a88b667efb9664b7

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"e51eaf176a737ca499d4b7eb9ccc1676"
x-cache
Miss from cloudfront
x-amz-version-id
sevTFKoQnHWOL3toy5Al.hIP0vA2oL79
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
456
x-amz-cf-id
F96ahSA2u-KL0IK8vO6-hhlbMG1W19Qy8GMmuVDOZS4YZVA_zfXvng==
13be437d-strek2_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/13be437d-strek2_000000000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"4bc762c6e048a298d57e56f5d50e09b6"
x-cache
Miss from cloudfront
x-amz-version-id
1vibjLjCovA.xJQhrH7nRxv.hsHFBxlP
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1235
x-amz-cf-id
dLKmZFCYjY7903QURla6YE74GydHuuxOoYKXrLr4wDvogZ5XwFSlMA==
91e66b6d-vertikal-strek_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		156 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/91e66b6d-vertikal-strek_000000000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4926ef7634543c137ff3ba20f3bd8c2417acea3f83c5da61a86a9ff38fa4a96a

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"5c20f8bc0075363aad35fc576fc93416"
x-cache
Miss from cloudfront
x-amz-version-id
sNrJGEMRHfqEU7OqmEXr_cFWBIqfRlmg
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
156
x-amz-cf-id
cbDlPmrtv3U9fnCxV4DowTkyYWtBKdpCRENRweDH0ZPXN4b0KvUDZQ==
1f1fb7df-sol3_04g04y000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/1f1fb7df-sol3_04g04y000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b4b0eb718614e5a5e14c4f051adb484ba689c11209e64525a364c77d1456884

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"df0f4bac81131dced9a97e200b968727"
x-cache
Miss from cloudfront
x-amz-version-id
MOSm2akAetkiF7A1.NTpk6lBpVlS_4GW
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
7757
x-amz-cf-id
SMaUe2a47g22cfjxmukADZ49m1sFnlY5oWGoPG0Ow1jH2wYOaNOjbw==
14485c77-overskrift_0b60cf0b60bt00000b001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/14485c77-overskrift_0b60cf0b60bt00000b001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01143b1d96b3125dc30ea6cd170b7f8c00ec1af9a19f027384b5a57db79e1751

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a7d18bab737655a8ea8bb7f045d124a7"
x-cache
Miss from cloudfront
x-amz-version-id
NI.tjwVyW.fOuU3Gs5ztoWZTp3sEebFl
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
26408
x-amz-cf-id
2wfbVDKq5aeXd4Ilm3CHQcmB2K0QoivUBkT7JOkLHMxwuTTgNFeoEQ==
e0ac095d-dmax-logo_02z00w000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/e0ac095d-dmax-logo_02z00w000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f400a0f5274821805944b570d1b6fc37d0d15b7c0618927e09c14b1f2f26b73b

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"8e9f18dfae3b577c670d8f3979c45dd4"
x-cache
Miss from cloudfront
x-amz-version-id
l8QyqQXR3oLIi3HrhuSSzo5JHG7vE6mZ
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
2116
x-amz-cf-id
5oq40-JJ3m4LinumhXOWxwL3eNkrhAmYipEGMzbvBfZXoVfLQ7tbEA==
79503217-dmax-med-appelsin_09f08q000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/79503217-dmax-med-appelsin_09f08q000000000000001.png
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.205 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-205.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d56d224775864ca7727869f3eb28f2e22634b664f14cb94dc3d0f11c4495174c

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 08:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"2125f6c4c1c7a56e041d83cfdbd2f8ec"
x-cache
Miss from cloudfront
x-amz-version-id
26Ruk_Cx0anRK_CZOR82vP2FcPoIQ52K
status
200
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
120997
x-amz-cf-id
Xk26umTc0stsydXh3H0dwyCRfkaf2oBa8on6eAX-Eau4gyQosjLsPA==
main.a37a8bbc.js
s.pinimg.com/ct/lib/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT
content-encoding
br
x-cdn
cloudflare
status
200
etag
W/"dca924303eac8ed14b9cb0fa8819af3d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cdn
cache-control
max-age=1209600
cf-ray
5889be957a24dfbf-FRA
cf-request-id
0249f5716a0000dfbf738e3200000001
server
cloudflare
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=19001652&Ver=2&mid=d771e559-e528-3361-0382-66976b17b6dc&sid=acaede4b-fe62-0f49-05d6-acc614aa5f70&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!&kw=dmax&p=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D&r=&lt=2235&evt=pageLoad&msclkid=N&sv=1&rn=225241
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 23 Apr 2020 18:45:55 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 55741D7FCF20422189BCCA2C9790678B Ref B: FRAEDGE0708 Ref C: 2020-04-23T18:45:56Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
events.ub-analytics.com/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1587667556721&e=pv&url=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D&page=dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!&tv=js-2.9.0&tna=cf&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=2506686c-a2ac-4506-8693-d2a62d8bb1a6&dtm=1587667556719&vp=1600x1200&ds=1585x1722&vid=1&sid=20ca3e31-ce5d-4497-b901-bc0110352e20&duid=9eb97ba2-7e5f-4e57-88e6-165c9f78f72d&fp=2919171567&uid=194.99.105.991588436365732731&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmI0MDlmN2ItNmJmYS00YzlhLWEwZmQtYjA0ZGQxNWIwYWEyIiwidmFyaWFudElkIjoiciIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.133.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-133-184.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:57 GMT
server
akka-http/10.0.9
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
image/gif
content-length
43
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin
https://kampanje.dmax.no

Response headers

date
Wed, 08 Apr 2020 19:25:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
1293620
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11012
x-xss-protection
0
expires
Thu, 08 Apr 2021 19:25:36 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin
https://kampanje.dmax.no

Response headers

date
Wed, 01 Apr 2020 22:55:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1885840
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Thu, 01 Apr 2021 22:55:16 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin
https://kampanje.dmax.no

Response headers

date
Wed, 01 Apr 2020 19:40:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
1897551
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13912
x-xss-protection
0
expires
Thu, 01 Apr 2021 19:40:05 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin
https://kampanje.dmax.no

Response headers

date
Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1671624
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Sun, 04 Apr 2021 10:25:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin
https://kampanje.dmax.no

Response headers

date
Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
584165
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Sat, 17 Apr 2021 00:29:51 GMT
/
ct.pinterest.com/user/ 		35 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614470462737&cb=1587667556752
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.234 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:57 GMT
x-cdn
akamai
status
200
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
https://kampanje.dmax.no
access-control-expose-headers
Epik
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
6234308670967639
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614470462737&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1587667556753
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.164.234 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:57 GMT
x-cdn
akamai
status
200
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
content-length
35
x-pinterest-rid
2484850077271592
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1970868136515269&ev=PageView&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D&rl=&if=false&ts=1587667556775&sw=1600&sh=1200&v=2.9.16&r=stable&ec=0&o=30&fbp=fb.1.1587667556774.1012796599&it=1587667556650&coo=false&rqm=GET
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:56 GMT, Thu, 23 Apr 2020 18:45:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 23 Apr 2020 18:45:56 GMT
i
tr.snapchat.com/cm/ Frame 12A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=5828c62d-d179-4407-92f3-e65d4c36cb53
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=5828c62d-d179-4407-92f3-e65d4c36cb53
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

status
200
server
nginx/1.17.3
date
Thu, 23 Apr 2020 18:45:56 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
p
tr.snapchat.com/ Frame AB18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://kampanje.dmax.no
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://kampanje.dmax.no
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

status
200
server
nginx/1.17.3
date
Thu, 23 Apr 2020 18:45:56 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8R+HXOJSmMHx3sQU5Y9KFKynXoBgllIXDxbE1X7fYgjvMvPkD1ZGOrTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
p
tr.snapchat.com/ Frame AF78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://kampanje.dmax.no
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://kampanje.dmax.no
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

status
200
server
nginx/1.17.3
date
Thu, 23 Apr 2020 18:45:56 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgRGAIAwDwIl6F5QkdRylMEWH998EkndFjX3FfM6KFBx4d9UCpvx1D6Ylk2r8Ll6wqjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
p
tr.snapchat.com/ Frame C187 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://kampanje.dmax.no
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://kampanje.dmax.no
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

status
200
server
nginx/1.17.3
date
Thu, 23 Apr 2020 18:45:57 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBiREAIAgDsIm4Q4RS18FnCoY3sclB+BMoTHxRhXopZ/tB7aiy1T2CCWQEWj+XXqcNMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
p
tr.snapchat.com/ Frame 3624 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://kampanje.dmax.no
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://kampanje.dmax.no
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=

Response headers

status
200
server
nginx/1.17.3
date
Thu, 23 Apr 2020 18:45:56 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgRHAIAgDwIm4Q5TEjCNtnYLh+8+vplhuoXBbUcfOwLUJPXoXN666R24CzET7D5HN97IyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1970868136515269&ev=Microdata&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D&rl=&if=false&ts=1587667557277&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!%22%2C%22meta%3Akeywords%22%3A%22dmax%22%2C%22meta%3Adescription%22%3A%2240%20mikrogram%20vitamin%20D%20i%20hver%20kapsel.%20%20Myke%20vitaminsoler%20med%20deilig%20smak%20av%20appelsin.%20Dekker%20ogs%C3%A5%2050%25%20av%20ditt%20daglige%20behov%20for%20jod.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Pr%C3%B8v%20dmax%20tyggevitaminer%20gratis%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22Bra%20for%20immunforsvaret%2C%20energiniv%C3%A5et%20og%20mot%20vinterdepresjon%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.imgur.com%2FrPjFXswg.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.16&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1587667557277.206307891&it=1587667556650&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=426569&clickid=04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164&a=430471&b=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:57 GMT, Thu, 23 Apr 2020 18:45:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 23 Apr 2020 18:45:57 GMT
getUid;c
tb.de17a.com/api/ Frame DD40
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
61 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
3872e4f3aaa211e3bdfc5e64f45092c2d817659e002d4e7091fe614734a789c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 18:45:57 GMT
server
nginx/1.4.6 (Ubuntu)
content-type
application/json
content-length
61
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

status
307
date
Thu, 23 Apr 2020 18:45:57 GMT
server
nginx/1.4.6 (Ubuntu)
content-length
0
location
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
pageView
tb.de17a.com/api/ Frame 10FF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D426569%26clickid%3D04_45499484_0cc881d4-4a21-4adc-8adc-47687c229164%26a%3D430471%26b%3D%22%2C%22title%22%3A%22dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!%22%2C%22trackingAccountId%22%3A%2217068%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
7b51ee725b1609d195cd4b2f8eff23288eeda6a4beaf04a53673502e42660029

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 18:45:57 GMT
server
nginx/1.4.6 (Ubuntu)
content-type
application/json
content-length
2560
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
tap.php
pixel.rubiconproject.com/ Frame AF11 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=8204279044797129786&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
google
d5p.de17a.com/cookies/ Frame AF11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc=
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHxmaz6VgW8lL7_uc0fpiLM&google_cver=1&google_ula=668382,0
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEHxmaz6VgW8lL7_uc0fpiLM&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-168.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:58 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEHxmaz6VgW8lL7_uc0fpiLM&google_cver=1&google_ula=668382,0
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
appnexus
d5p.de17a.com/setuid/ Frame AF11
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=5364305383649275274
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=5364305383649275274
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),
Reverse DNS
213-155-156-168.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:46:00 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
f0876edd-d957-4683-84c2-adb3d920265d
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=5364305383649275274
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AF11 		42 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=8204279044797129786
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
X-lat
Pug22015:0:398
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame AF11
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 18:46:02 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Thu, 23 Apr 2020 18:46:00 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=61&external_user_id=8204279044797129786&expiration=1590259557
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
partner
sync.search.spotxchange.com/ Frame AF11
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=8204279044797129786&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=8204279044797129786&img=1&__user_check__=1&sync_id=abc95679-8592-11ea-987e-11e121d61f06
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=8204279044797129786&img=1&__user_check__=1&sync_id=abc95679-8592-11ea-987e-11e121d61f06
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 18:45:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
141
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 23 Apr 2020 18:45:58 GMT
Server
nginx
Location
/partner?adv_id=7326&uid=8204279044797129786&img=1&__user_check__=1&sync_id=abc95679-8592-11ea-987e-11e121d61f06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
8
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame AF11 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=8204279044797129786&_origin=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.138.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-138-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 23 Apr 2020 18:45:58 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.sxp.smartclip.net/ Frame AF11
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786
  • https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786&ang_testid=1
42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786&ang_testid=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.225.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-225-191.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 18:45:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

Location
https://sync.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=8204279044797129786&ang_testid=1
Date
Thu, 23 Apr 2020 18:45:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sync
x.bidswitch.net/ul_cb/ Frame AF11
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=8204279044797129786&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=8204279044797129786&expires=30
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=8204279044797129786&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.81.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-81-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 18:45:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Thu, 23 Apr 2020 18:45:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=8204279044797129786&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
dmp.adform.net/serving/cookie/ Frame AF11
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=8204279044797129786
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=8204279044797129786
35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=8204279044797129786
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:58 GMT
server
nginx
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 23 Apr 2020 18:45:58 GMT
server
nginx
status
302
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=8204279044797129786
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
8204279044797129786
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame AF11 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/8204279044797129786
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.246.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-246-198.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 18:45:58 GMT
server
nginx
status
200
allow
GET
p3p
CP="CUR IVDo OUR IND"
access-control-allow-origin
*
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame AF11
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557&C=1
43 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-15-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 23 Apr 2020 18:45:58 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 18:45:58 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=8204279044797129786&expiration=1590259557&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Thu, 23 Apr 2020 18:45:58 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ub object| module function| fbq function| _fbq function| snaptr object| r string| ssaUrl function| pintrk object| dataLayer object| GlobalSnowplowNamespace function| snowplow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq object| _d7 object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| UET object| Snowplow string| tagId number| index function| La boolean| K

3 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiREAIAgDsIm4Q4RS18FnCoY3sclB+BMoTHxRhXopZ/tB7aiy1T2CCWQEWj+XXqcNMgAAAA==
kunde.vitamail.no/ Name: ASP.NET_SessionId
Value: bnceeosapmn1is12fi4o2gfz
.dmax.no/ Name: _fbp
Value: fb.1.1587667557277.206307891

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 1970868136515269.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
assets.ub-analytics.com
bat.bing.com
bemediaor.com
builder-assets.unbounce.com
cdpembedded.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d5p.de17a.com
d9hhrg4mnvzow.cloudfront.net
dmp.adform.net
dsum.casalemedia.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
kampanje.dmax.no
kunde.vitamail.no
pixel.advertising.com
pixel.rubiconproject.com
pixel.sitescout.com
s.pinimg.com
sc-static.net
secure.adnxs.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.sxp.smartclip.net
tb.de17a.com
tr.snapchat.com
usermatch.targeting.unrulymedia.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
13.224.194.36
13.225.73.128
13.225.73.37
13.225.78.205
185.33.221.53
185.64.189.110
185.94.180.125
213.155.156.168
213.155.156.188
216.58.206.2
23.213.15.82
23.213.164.234
2606:4700::6812:fb0
2607:f8b0:4006:81a::2003
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:806::200a
2a00:1450:4001:809::2004
2a00:1450:4001:814::2003
2a00:1450:4001:818::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.248.246.198
35.186.226.184
37.157.4.29
37.252.172.250
40.112.135.80
51.15.253.167
52.233.196.115
52.5.133.184
52.58.138.174
52.58.57.174
52.59.81.212
54.194.225.191
54.93.101.66
66.155.71.150
69.173.144.136
01143b1d96b3125dc30ea6cd170b7f8c00ec1af9a19f027384b5a57db79e1751
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1903ccf8888cb7315a483e28919c3340383606c45a5d9f27809156b46f3d4655
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
2b4b0eb718614e5a5e14c4f051adb484ba689c11209e64525a364c77d1456884
2f220735682253606c6f4b885706516109a48fbd522f9928c717ae7864f0ae8e
34b87bdec0a66e6126b427bbfa4e4c0aa530815e06aea41966887ee96a618637
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79
3872e4f3aaa211e3bdfc5e64f45092c2d817659e002d4e7091fe614734a789c3
3bda8f645e3c969e7fe2429a6db31214d283c953b8ebee9fc3606f96546a070e
4926ef7634543c137ff3ba20f3bd8c2417acea3f83c5da61a86a9ff38fa4a96a
49d5a46bbe413bcce91b35470490a23ba735c39687f5fbc78346d7d2d2582dfd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
7505e46ab2e49e3e2fc13ffba0ec2d5df74ffa30315350d30dc426d9d90bac9f
7b51ee725b1609d195cd4b2f8eff23288eeda6a4beaf04a53673502e42660029
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
81f56cff112636ed46cb7837be66b7a9906dad73841a8f0f733e929ad5a16bf8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a63cbbec3bbf8ee90adf946f8ba53df5c63fe1d5bc9444aaa42fd5006e7c5ca4
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b153e6919fdfcfea07a4154bf17158bc3c35b7686044536d0df2ce0b0f551ecd
c2c99b5d98be6451adafc1d393883157b99ff891870b8d999660e24148788aab
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d56d224775864ca7727869f3eb28f2e22634b664f14cb94dc3d0f11c4495174c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f400a0f5274821805944b570d1b6fc37d0d15b7c0618927e09c14b1f2f26b73b
f6db155444dfb09fd6663496845b93b632378c483822b3a3a88b667efb9664b7