kampanje.dmax.no Open in urlscan Pro
54.93.101.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paydesolutions.com/link.php?M=922647&N=151&L=53&F=H
Effective URL:
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f313...
Submission: On February 21 via api (February 21st 2020, 2:04:04 am UTC) from BE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 8 countries across 24 domains to perform 45 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is kampanje.dmax.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 23rd 2019. Valid for: 3 months.

This is the only time kampanje.dmax.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.171.233.3 185.171.233.3	206923 (SPOTRIX) (SPOTRIX)
1 1	212.32.249.98 212.32.249.98	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	209.41.64.220 209.41.64.220	3356 (LEVEL3) (LEVEL3)
1	54.93.101.66 54.93.101.66	16509 (AMAZON-02) (AMAZON-02)
2	13.35.253.25 13.35.253.25	16509 (AMAZON-02) (AMAZON-02)
13	13.35.254.222 13.35.254.222	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.202.124 143.204.202.124	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a04:4e42:1b::84 2a04:4e42:1b::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	52.233.196.115 52.233.196.115	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	23.210.248.189 23.210.248.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
45	20

1 185.171.233.3 (Latvia) 1 redirects

ASN206923 (SPOTRIX, LV)
PTR: paydesolutions.com

paydesolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.249.98 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.prizecontestant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.41.64.220 (Riverton, United States) 1 redirects

ASN3356 (LEVEL3, US)
PTR: 209-41-64-220.c7dc.com

bemediaor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.101.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com

kampanje.dmax.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-25.fra6.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.35.254.222 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-222.fra6.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.124 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-124.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::84 (Ascension Island)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.233.196.115 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

kunde.vitamail.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-189.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cloudfront.net d9hhrg4mnvzow.cloudfront.net	155 KB
5	snapchat.com tr.snapchat.com
5	gstatic.com fonts.gstatic.com	63 KB
2	facebook.com 1 redirects www.facebook.com	527 B
2	bing.com bat.bing.com	8 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	pinterest.com ct.pinterest.com	636 B
2	pinimg.com s.pinimg.com	47 KB
2	facebook.net connect.facebook.net	142 KB
2	unbounce.com builder-assets.unbounce.com	37 KB
1	atdmt.com cx.atdmt.com	319 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	191 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	adnxs.com secure.adnxs.com	589 B
1	googleapis.com fonts.googleapis.com	874 B
1	vitamail.no kunde.vitamail.no
1	googletagmanager.com www.googletagmanager.com	33 KB
1	sitescout.com pixel.sitescout.com	248 B
1	sc-static.net sc-static.net	5 KB
1	dmax.no kampanje.dmax.no	10 KB
1	bemediaor.com 1 redirects bemediaor.com	605 B
1	prizecontestant.com 1 redirects track.prizecontestant.com	235 B
1	paydesolutions.com 1 redirects paydesolutions.com	314 B
45	24

	Domain	Requested by
13	d9hhrg4mnvzow.cloudfront.net	kampanje.dmax.no
5	tr.snapchat.com	sc-static.net
5	fonts.gstatic.com	builder-assets.unbounce.com
2	www.facebook.com	1 redirects kampanje.dmax.no
2	bat.bing.com	www.googletagmanager.com kampanje.dmax.no
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	ct.pinterest.com	s.pinimg.com kampanje.dmax.no
2	s.pinimg.com	kampanje.dmax.no s.pinimg.com
2	connect.facebook.net	kampanje.dmax.no connect.facebook.net
2	builder-assets.unbounce.com	kampanje.dmax.no
1	cx.atdmt.com	kampanje.dmax.no
1	www.google.de	kampanje.dmax.no
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	secure.adnxs.com	www.googletagmanager.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	kunde.vitamail.no	kampanje.dmax.no
1	www.googletagmanager.com	kampanje.dmax.no
1	pixel.sitescout.com	kampanje.dmax.no
1	sc-static.net	kampanje.dmax.no
1	kampanje.dmax.no
1	bemediaor.com	1 redirects
1	track.prizecontestant.com	1 redirects
1	paydesolutions.com	1 redirects
45	24

This site contains no links.

Subject Issuer	Validity	Valid
kampanje.dmax.no Let's Encrypt Authority X3	`2019-12-23` - `2020-03-22`	3 months	crt.sh
*.unbounce.com Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
faktura.vitamail.no Go Daddy Secure Certificate Authority - G2	`2020-02-12` - `2020-11-14`	9 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Frame ID: 8183DBD5BEA06BDE03002FE78868D8C1
Requests: 39 HTTP requests in this frame

Frame: https://kunde.vitamail.no/reviewlister.aspx?product=155&ArrowColor=2866F5
Frame ID: 65A8B41BB791A1A584EEE5EB0D1CEC08
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: 538107869C0CF41D517243BEB43DF53D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 8477DCFDC20BAC2C2617FC7FADCBB996
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 70AA5DA2A8DC2E5D4354E9977774F946
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 4FE84551A03D4022BBB675634FA02D1F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: EB447FBA87E88760895CBB15511C0E07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paydesolutions.com/link.php?M=922647&N=151&L=53&F=H HTTP 302
https://track.prizecontestant.com/click?pid=62&offer_id=1418 HTTP 302
https://bemediaor.com/click.track?CID=430471&AFID=427926&ADID=2244102&AffiliateReferenceID=5e4f3a8... HTTP 302
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

45
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

24
Subdomains

20
IPs

8
Countries

521 kB
Transfer

1202 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paydesolutions.com/link.php?M=922647&N=151&L=53&F=H HTTP 302
https://track.prizecontestant.com/click?pid=62&offer_id=1418 HTTP 302
https://bemediaor.com/click.track?CID=430471&AFID=427926&ADID=2244102&AffiliateReferenceID=5e4f3a80b1f3e90001ee2d7d HTTP 302
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1158067411&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be%26cid%3D430471%2B%2B&ul=en-us&de=UTF-8&dt=dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=273833568&gjid=918356679&cid=1487553267.1582250626&tid=UA-111350678-1&_gid=1952298738.1582250626&_r=1&gtm=2wg2c0PLPDLHC&z=1849004801 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_gid=1952298738.1582250626&gjid=918356679&_v=j81&z=1849004801 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801&slf_rd=1&random=108970487

Request Chain 43

https://www.facebook.com/tr/?id=1970868136515269&ev=Microdata&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be%26cid%3D430471%2B%2B&rl=&if=false&ts=1582250626356&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!%22%2C%22meta%3Akeywords%22%3A%22dmax%22%2C%22meta%3Adescription%22%3A%2240%20mikrogram%20vitamin%20D%20i%20hver%20kapsel.%20%20Myke%20vitaminsoler%20med%20deilig%20smak%20av%20appelsin.%20Dekker%20ogs%C3%A5%2050%25%20av%20ditt%20daglige%20behov%20for%20jod.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Pr%C3%B8v%20dmax%20tyggevitaminer%20gratis%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22Bra%20for%20immunforsvaret%2C%20energiniv%C3%A5et%20og%20mot%20vinterdepresjon%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.imgur.com%2FrPjFXswg.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1582250625846.840491509&it=1582250625743&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=3674434428763217097&f=AYx3AxlXsFN3XXr9u9Emz2McVNdz6QG7QkIXUV5YRn2sC7al513x2jsaI09rUxr6rfuxfwCq8988sX2PWBSJ76vB&id=1970868136515269&l=3&v=0

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
kampanje.dmax.no/gratis/
Redirect Chain

http://paydesolutions.com/link.php?M=922647&N=151&L=53&F=H
https://track.prizecontestant.com/click?pid=62&offer_id=1418
https://bemediaor.com/click.track?CID=430471&AFID=427926&ADID=2244102&AffiliateReferenceID=5e4f3a80b1f3e90001ee2d7d
https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

61 KB
10 KB

132ms
27ms

Document
text/html

54.93.101.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6c16e0854bb0f22dc3adb5f4ab055f14427dce3440f33681289f623bd5bf00e5

Request headers

Host: kampanje.dmax.no
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 02:03:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="This is not a privacy policy."
X-Unbounce-PageId: fb409f7b-6bfa-4c9a-a0fd-b04dd15b0aa2
ETag: ad928495842a398cc316530ff0dfa186
Content-Location: https://kampanje.dmax.no/gratis/
X-Unbounce-VisitorID: 85.159.237.661582260054148374
Last-Modified: Mon, 17 Feb 2020 14:47:58 GMT
X-Unbounce-Variant: r
Link: <https://kampanje.dmax.no/gratis/>; rel="canonical"
Set-Cookie: ubpv=r%2Cfb409f7b-6bfa-4c9a-a0fd-b04dd15b0aa2; Max-Age=15897600; Expires=Sun, 23 Aug 2020 02:03:45 GMT; Path=/gratis/ ubvs=85.159.237.661582260054148374; Max-Age=15552000; Expires=Wed, 19 Aug 2020 02:03:45 GMT; Path=/ ubvt=85.159.237.661582260054148374; Max-Age=259200; Expires=Mon, 24 Feb 2020 02:03:45 GMT; Path=/; Domain=dmax.no
Content-Encoding: gzip
X-Proxy-Backend: page-server

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Server: Microsoft-IIS/7.5
P3P: policyref="/p3p/P3P.bemediaor.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version: 4.0.30319
Set-Cookie: LTTC6_430471=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be; expires=Sun, 22-Mar-2020 02:03:45 GMT; path=/; SameSite=None; secure
X-Powered-By: ASP.NET
Date: Fri, 21 Feb 2020 02:03:44 GMT
Content-Length: 267

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 83ms
21ms Stylesheet
text/css 13.35.253.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-25.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 10 Jan 2020 20:59:07 GMT
content-encoding: gzip
age: 3560679
x-cache: Hit from cloudfront
status: 200
content-length: 2902
last-modified: Tue, 17 Dec 2019 18:07:36 GMT
server: AmazonS3
etag: "b1439c4f65250fcd7303dd098ce50aec"
x-amz-version-id: DztZE6TiES9LWOLtrqswAKLrXkk8QocL
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: m6pnCucriiUyUqnjPDbAqvy4mLWI6vZ7PDgtxYqppGmvwt5jYxsvYQ==

GET
H2 200 transparent.gif
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 42 B
420 B 477ms
434ms Image
image/gif 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/transparent.gif
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:46 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
x-amz-version-id: Fxx9GqStsVpXeGTgNE0dK6Z8bUy0R4mt
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-amz-cf-id: Ne0yi1lGe1Gm0UQbho4Ch_HnPQXgXm4KmnDNNnd2wy1Qz9g7115DEw==

GET
H2 200 main.bundle-f7a4028.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 94ms
32ms Script
application/javascript 13.35.253.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-25.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7a4028c7c5f1214665f61e28c0935beaaf8e73c1d82691da265ce59b3e388c8

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Jan 2020 08:08:33 GMT
content-encoding: gzip
age: 3606913
x-cache: Hit from cloudfront
status: 200
content-length: 33687
last-modified: Tue, 17 Dec 2019 18:07:27 GMT
server: AmazonS3
etag: "8cce87c47015844577b6ae12c07fd890"
x-amz-version-id: 1oFJIn7UdWXBEt0MjbrJ.DPKz7fNJMtE
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Ppg5ZVvaa3SzcJJjfiqxXM6as04Im1UB1c_a7Z24XjW5wOsZdFKZ5A==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: hZgQb6oo/e1Cvs1xaNiYbPmTr5D8ZaMLE5hk2eU9IFc2QULU7nRAlkGeonGBNzd+pXb4J8jDVGUsP4H+uanTQA==
x-fb-trip-id: 420120009
date: Fri, 21 Feb 2020 02:03:45 GMT, Fri, 21 Feb 2020 02:03:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
5 KB 61ms
21ms Script
application/javascript 143.204.202.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.124 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-124.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 01:37:38 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 23:04:13 GMT
server: AmazonS3
age: 1569
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8n-HnIdyOSvfMzqoZoDRetnspxSVuKY21Z1_uKKp23FxVmJrbwIy2w==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
H/1.1 204
No Content 10820510f51bad83
pixel.sitescout.com/iap/ 0
248 B 127ms
31ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/10820510f51bad83
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 02:03:45 GMT
Cache-Control: max-age=0,no-cache,no-store
Expires: Tue, 11 Oct 1977 12:34:56 GMT
Server: AC1.1
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 21ms
5ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 02:03:45 GMT
x-cdn: fastly
access-control-allow-origin: *
etag: "fdf03ac619d384023432225dbd221b25"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1097
fastly-restarts: 1
access-control-expose-headers: X-CDN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
33 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC

Requested by

Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf24b4e0b40f71c1f89750c8f0a11633b080ea3e3a0de5f187a7a60ef7140a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 02:03:45 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33386
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Feb 2020 02:03:45 GMT

GET
H/1.1 200
OK Cookie set reviewlister.aspx
kunde.vitamail.no/ Frame 65A8 0
0 234ms
120ms Document
text/html 52.233.196.115
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.vitamail.no/reviewlister.aspx?product=155&ArrowColor=2866F5
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.233.196.115 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: kunde.vitamail.no
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Fri, 21 Feb 2020 02:04:45 GMT
Last-Modified: Fri, 21 Feb 2020 02:03:45 GMT
Vary: *
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=2sutbszrmrnq3hmeijrzhglk; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 21 Feb 2020 02:03:45 GMT
Content-Length: 19703

GET
H2 200 1ecb9ecc-bakgrunn-desktop_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 22 KB
22 KB 412ms
411ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/1ecb9ecc-bakgrunn-desktop_000000000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a63cbbec3bbf8ee90adf946f8ba53df5c63fe1d5bc9444aaa42fd5006e7c5ca4

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:47 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "cf78e200b0b4470e78ef9738a81096fe"
x-cache: Miss from cloudfront
x-amz-version-id: AQR9GpUDIq0Oz_624.lcQXAl6sVuNxcc
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 22618
x-amz-cf-id: HqvmrJKEeTsNFXdVZwOq9nPb9TyAg-H4V_d-XZ3EdXX5f8gj7d5keQ==

GET
BLOB 200
OK 9068bd5c-24f1-4092-ac74-26d88306150c
https://kampanje.dmax.no/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kampanje.dmax.no/9068bd5c-24f1-4092-ac74-26d88306150c
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 064fc1ddeedd985949045701d878ea254dd1947ed28b531783bf1323c34bfe93

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Content-Length: 5587
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 7 KB
874 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b153e6919fdfcfea07a4154bf17158bc3c35b7686044536d0df2ce0b0f551ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 02:03:45 GMT
server: ESF
date: Fri, 21 Feb 2020 02:03:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Feb 2020 02:03:45 GMT

GET
H2 200 4954d8bd-dmax-logo-gul_03g011000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 5 KB
5 KB 37ms
35ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/4954d8bd-dmax-logo-gul_03g011000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34b87bdec0a66e6126b427bbfa4e4c0aa530815e06aea41966887ee96a618637

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:52 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17574
etag: "7ba8ad07b43b4c31b2e2df68e4aa2729"
x-cache: Hit from cloudfront
x-amz-version-id: B0iw2Ey3MK6wbUX_eXcOQJlhcDsH2BO.
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 5056
x-amz-cf-id: v9JOdU6lKSPTiy2dy4M_csnNGrFTOZYAHlmreMJSphquE3OkxOWROA==

GET
H2 200 47f21d93-kundeserviceprisen-alene-logo-250511_032031000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 19 KB
19 KB 27ms
25ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/47f21d93-kundeserviceprisen-alene-logo-250511_032031000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1903ccf8888cb7315a483e28919c3340383606c45a5d9f27809156b46f3d4655

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:52 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17574
etag: "6b028c47388fb15699e890f93e6b8c77"
x-cache: Hit from cloudfront
x-amz-version-id: HnL4LaLE_vmRAtCZKmrTlLoKAO5LPU14
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 19298
x-amz-cf-id: 5mZqznZ3UJEXzFXqpCz6Q7vz8LeNp_0gQlLtLzwXL1IMD53Hd6OIlw==

GET
H2 200 e01e241a-kontakt_01k01h000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 1 KB
2 KB 36ms
34ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/e01e241a-kontakt_01k01h000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:52 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17574
etag: "89399cb6e53707fc6508640ad68e5a35"
x-cache: Hit from cloudfront
x-amz-version-id: Db51epd3e27.l5KX8eou1RRoduk5hdGT
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 1178
x-amz-cf-id: U8oQkCkOcHDTXn_x-mrrhGkcNdURDGbUM6X_l3ovsbgTypvtiHYusA==

GET
H2 200 011d0050-sirkel_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 368 B
755 B 38ms
36ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/011d0050-sirkel_000000000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:52 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17573
etag: "f743108315e67f684de0c615730e2e8c"
x-cache: Hit from cloudfront
x-amz-version-id: 4ZwuC1G0WZ13n9nCm155.4F2kUOEQF44
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 368
x-amz-cf-id: -D4TwjAe4FiT5RvNIvGgoJyWhYDyg77d2OE2OKFA3faX9QugqECoUQ==

GET
H2 200 af6d6a3a-strek1_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 456 B
843 B 37ms
36ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/af6d6a3a-strek1_000000000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6db155444dfb09fd6663496845b93b632378c483822b3a3a88b667efb9664b7

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:53 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17573
etag: "e51eaf176a737ca499d4b7eb9ccc1676"
x-cache: Hit from cloudfront
x-amz-version-id: Rv_2YjfiBtrRW8z5mtAbrZ9nZdVCCz11
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 456
x-amz-cf-id: kbY0iuoATuYuCXBbzajApXtZflVdL6cXn3ba-5C88DJXF3P18Xs2FQ==

GET
H2 200 13be437d-strek2_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 1 KB
2 KB 38ms
37ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/13be437d-strek2_000000000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:53 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17573
etag: "4bc762c6e048a298d57e56f5d50e09b6"
x-cache: Hit from cloudfront
x-amz-version-id: X1hRhRlKzI9m9S0AwpwQdNAVgcoNFM3f
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 1235
x-amz-cf-id: qME7DA1lO8lEORoUszf32L23AfpgksnJ5SszFwOQn_ehMWe33Eq2hg==

GET
H2 200 91e66b6d-vertikal-strek_000000000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 156 B
536 B 398ms
396ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/91e66b6d-vertikal-strek_000000000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4926ef7634543c137ff3ba20f3bd8c2417acea3f83c5da61a86a9ff38fa4a96a

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:47 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "5c20f8bc0075363aad35fc576fc93416"
x-cache: Miss from cloudfront
x-amz-version-id: 2qT4vfeOs9BFJL043xrd8qJJvrpXwD.c
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 156
x-amz-cf-id: inLjDqX7in2-b-VwEDPI7pOKyAlKzdbz_s0v1Ea7YBrRr7MKVkYUJQ==

GET
H2 200 1f1fb7df-sol3_02p030000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 4 KB
5 KB 410ms
409ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/1f1fb7df-sol3_02p030000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ead3d6843f97ecb1657b7cbe15b90764a4ce9cc6a2d1f8193db6c84341b06889

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:47 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "8a5c80ec662badae0817b10cadb6ff83"
x-cache: Miss from cloudfront
x-amz-version-id: tMe7LJRBz1I1Tpt1PIsHfC6fQ8XwuZd6
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4490
x-amz-cf-id: ez3xpJzu1HfhbkNMopIwrfxg9SC4CYs1XpFoQj70umvl6PwdY6OyFg==

GET
H2 200 14485c77-overskrift_0b60cf0b60bt00000b001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 26 KB
26 KB 425ms
424ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/14485c77-overskrift_0b60cf0b60bt00000b001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01143b1d96b3125dc30ea6cd170b7f8c00ec1af9a19f027384b5a57db79e1751

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:47 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "a7d18bab737655a8ea8bb7f045d124a7"
x-cache: Miss from cloudfront
x-amz-version-id: qpKh4Lh1oERXJSw3JB4vZg7uattukC.P
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 26408
x-amz-cf-id: _DEFIybjxhuP35lNGqQQvCyORET5k8xK6PbyU9DwyYbqjhWwt162UQ==

GET
H2 200 e0ac095d-dmax-logo_02z00w000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 2 KB
2 KB 425ms
424ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/e0ac095d-dmax-logo_02z00w000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f400a0f5274821805944b570d1b6fc37d0d15b7c0618927e09c14b1f2f26b73b

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:47 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "8e9f18dfae3b577c670d8f3979c45dd4"
x-cache: Miss from cloudfront
x-amz-version-id: sEPLTZbkWWW4b0HyqNRB27u7emdazFbK
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2116
x-amz-cf-id: Lt96APzSnURa7J1Ruk7NX_PFcFtBECLhcv4La8AtaVT2DPkgknD4Mw==

GET
H2 200 e23e0a21-mann_0a8069000000000000001.png
d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/ 69 KB
69 KB 41ms
40ms Image
image/png 13.35.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/kampanje.dmax.no/gratis/e23e0a21-mann_0a8069000000000000001.png
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-222.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43935c02df66c9d54d5f3ee8f5b3b50c45fa9299a7dd3173029957f0f0174112

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 21:10:54 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 14:47:58 GMT
server: AmazonS3
age: 17572
etag: "3deab3e3feb4bb53804769813ccd324e"
x-cache: Hit from cloudfront
x-amz-version-id: nI4zsTm8LkHGO9o0NkU8rNYi7OZRf1tG
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 70538
x-amz-cf-id: 8X6Bs0U88li7fu8SsvVq7K61SfTY__ZC_WqoW6hQRCe4gkh1FiDZfw==

GET
H2 200 1970868136515269 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1970868136515269?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9c8745a39db6df2dd6a59e36f1840f1b64f68009fff1f7b4abd9706c92a3f63

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /nElmh3BRJfKJjelL9CYJrlWxIcQDebdJW+tp6rJ2BlVVDWNifsAUv/GD6vOhvBZpf83JzaXrl9DZaTL3gqfAQ==
x-fb-trip-id: 420120009
date: Fri, 21 Feb 2020 02:03:45 GMT, Fri, 21 Feb 2020 02:03:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.a37a8bbc.js Show response
s.pinimg.com/ct/lib/ 45 KB
45 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 02:03:45 GMT
x-cdn: fastly
access-control-allow-origin: *
etag: "dca924303eac8ed14b9cb0fa8819af3d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 46316
fastly-restarts: 1
access-control-expose-headers: X-CDN

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 02:02:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1468893
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:02:12 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 14:44:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 1682368
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Sun, 31 Jan 2021 14:44:17 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 13:39:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 1686236
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13912
x-xss-protection: 0
expires: Sun, 31 Jan 2021 13:39:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 16:28:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 1416944
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11012
x-xss-protection: 0
expires: Wed, 03 Feb 2021 16:28:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:regular,700,300%7CRoboto:900,700
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1818806
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
354 B 229ms
187ms XHR
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614470462737&cb=1582250625774

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Origin: https://kampanje.dmax.no
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 02:03:45 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: https://kampanje.dmax.no
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
content-length: 35
x-pinterest-rid: 4955796839691655
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 234ms
192ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614470462737&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be%26cid%3D430471%2B%2B%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1582250625775

Requested by

Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 02:03:45 GMT
x-cdn: akamai
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 5469214981839968
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 915
date: Fri, 21 Feb 2020 01:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 21 Feb 2020 03:48:30 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 45ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 02:03:45 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: BE95074CB5B941F59347A080983B8FC7 Ref B: FRAEDGE1118 Ref C: 2020-02-21T02:03:45Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7297

GET
H/1.1 200
OK px Show response
secure.adnxs.com/ 0
589 B 65ms
21ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?id=1206315&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPDLHC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 02:03:47 GMT
AN-X-Request-Uuid: 532934e6-d607-4697-a4ad-1da70bdfa652
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 85.159.237.66; 85.159.237.66; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 i
tr.snapchat.com/cm/ Frame 5381 0
0 78ms
39ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 21 Feb 2020 02:03:45 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1158067411&t=pageview&_s=1&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_gid=1952298738.1582250626&gjid=918356679&_v=j81&z=1849004801
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801&slf_rd=1&random=108970487

42 B
109 B

16ms
15ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801&slf_rd=1&random=108970487

Requested by

Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 02:03:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 02:03:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-111350678-1&cid=1487553267.1582250626&jid=273833568&_v=j81&z=1849004801&slf_rd=1&random=108970487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ Frame 8477 0
0 75ms
52ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 426
pragma: no-cache
cache-control: no-cache
origin: https://kampanje.dmax.no
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://kampanje.dmax.no
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 21 Feb 2020 02:03:45 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAB3EwQ0AMAQAwIkkKMI4VDuF4Zv0HneSqWtf+IlJQTQtcFPpjKySmCF1ZkVjHXwYBi2aMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 70AA 0
0 66ms
44ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 426
pragma: no-cache
cache-control: no-cache
origin: https://kampanje.dmax.no
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://kampanje.dmax.no
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 21 Feb 2020 02:03:45 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8px9inIqmMHx3eepxlNFZCRJMoRj6SK7knu7BVt1DHVA2aPMH9mODoTIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 4FE8 0
0 67ms
47ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 426
pragma: no-cache
cache-control: no-cache
origin: https://kampanje.dmax.no
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://kampanje.dmax.no
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 21 Feb 2020 02:03:45 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlItFAfxyHULRj+7wLvHb/XeqdbSLISYZXyRqg+9sxmAlwHnPUD+puiLzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame EB44 0
0 60ms
41ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 426
pragma: no-cache
cache-control: no-cache
origin: https://kampanje.dmax.no
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://kampanje.dmax.no
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Response headers

status: 200
server: nginx/1.17.3
date: Fri, 21 Feb 2020 02:03:45 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at="v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItI2CLoziHiFxxvex+rizKPli0JptKzygTu2t6JGcQhw5Mx/gEbSt60MgAAAA==; SameSite=None";Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=19001652&Ver=2&mid=550a2a8d-ab4c-db26-5b61-2d63a6932bec&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=dmax%20%7C%20Pr%C3%B8v%20dmax%20gratis!&kw=dmax&p=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be%26cid%3D430471%2B%2B&r=&lt=1601&evt=pageLoad&msclkid=N&rn=421915
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 21 Feb 2020 02:03:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BA6F274CFBCD422D8C3B07D25C20FAB5 Ref B: FRAEDGE1118 Ref C: 2020-02-21T02:03:45Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1970868136515269&ev=PageView&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be%26cid%3D430471%2B%2B&rl=&if=false&ts=1582250625846&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582250625846.840491509&it=1582250625743&coo=false&rqm=GET

Requested by

Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 02:03:45 GMT, Fri, 21 Feb 2020 02:03:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 21 Feb 2020 02:03:45 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1970868136515269&ev=Microdata&dl=https%3A%2F%2Fkampanje.dmax.no%2Fgratis%2F%3Futm_source%3Dorion%26utm_medium%3D427926%26click_id%3D02_50676985_92ca23f5-a13e-4031-8f...
https://cx.atdmt.com/?c=3674434428763217097&f=AYx3AxlXsFN3XXr9u9Emz2McVNdz6QG7QkIXUV5YRn2sC7al513x2jsaI09rUxr6rfuxfwCq8988sX2PWBSJ76vB&id=1970868136515269&l=3&v=0

42 B
319 B

40ms
39ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=3674434428763217097&f=AYx3AxlXsFN3XXr9u9Emz2McVNdz6QG7QkIXUV5YRn2sC7al513x2jsaI09rUxr6rfuxfwCq8988sX2PWBSJ76vB&id=1970868136515269&l=3&v=0
Requested by: Host: kampanje.dmax.no
URL: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://kampanje.dmax.no/gratis/?utm_source=orion&utm_medium=427926&click_id=02_50676985_92ca23f5-a13e-4031-8f00-fbc9f31316be&cid=430471++
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 21 Feb 2020 02:03:46 GMT, Fri, 21 Feb 2020 02:03:46 GMT, Fri, 21 Feb 2020 02:03:46 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 02:03:46 GMT, Fri, 21 Feb 2020 02:03:46 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=3674434428763217097&f=AYx3AxlXsFN3XXr9u9Emz2McVNdz6QG7QkIXUV5YRn2sC7al513x2jsaI09rUxr6rfuxfwCq8988sX2PWBSJ76vB&id=1970868136515269&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dmax.no/	1970-01-19 09:40:26	Name: _fbp Value: fb.1.1582250625846.840491509
kampanje.dmax.no/	1970-01-19 17:00:37	Name: _scid Value: c8fbf508-990b-4c25-a5f3-8cebe0a7419e
.dmax.no/	1970-01-19 07:30:50	Name: _gat_UA-111350678-1 Value: 1
.dmax.no/	1970-01-19 07:32:17	Name: _gid Value: GA1.2.1952298738.1582250626
.dmax.no/	1970-01-19 07:35:09	Name: ubvt Value: 85.159.237.661582260054148374
.dmax.no/	1970-01-20 01:02:02	Name: _ga Value: GA1.2.1487553267.1582250626
.dmax.no/	1970-01-19 09:40:26	Name: _gcl_au Value: 1.1.1929419214.1582250626
.snapchat.com/	1970-01-19 16:52:26	Name: sc_at Value: v2\|H4sIAAAAAAAAAB3EwQ0AMAQAwIkkKMI4VDuF4Zv0HneSqWtf+IlJQTQtcFPpjKySmCF1ZkVjHXwYBi2aMgAAAA==
kampanje.dmax.no/	1970-01-19 11:50:02	Name: ubvs Value: 85.159.237.661582260054148374
kunde.vitamail.no/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2sutbszrmrnq3hmeijrzhglk
kampanje.dmax.no/gratis/	1970-01-19 11:55:48	Name: ubpv Value: r%2Cfb409f7b-6bfa-4c9a-a0fd-b04dd15b0aa2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1970868136515269.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bemediaor.com
builder-assets.unbounce.com
connect.facebook.net
ct.pinterest.com
cx.atdmt.com
d9hhrg4mnvzow.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
kampanje.dmax.no
kunde.vitamail.no
paydesolutions.com
pixel.sitescout.com
s.pinimg.com
sc-static.net
secure.adnxs.com
stats.g.doubleclick.net
tr.snapchat.com
track.prizecontestant.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.35.253.25
13.35.254.222
143.204.202.124
185.171.233.3
209.41.64.220
212.32.249.98
23.210.248.189
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::2008
2a00:1450:4001:821::2003
2a00:1450:4001:821::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c04::9c
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::84
35.186.226.184
37.252.172.250
52.233.196.115
54.93.101.66
66.155.71.25
01143b1d96b3125dc30ea6cd170b7f8c00ec1af9a19f027384b5a57db79e1751
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
064fc1ddeedd985949045701d878ea254dd1947ed28b531783bf1323c34bfe93
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1903ccf8888cb7315a483e28919c3340383606c45a5d9f27809156b46f3d4655
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
34b87bdec0a66e6126b427bbfa4e4c0aa530815e06aea41966887ee96a618637
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
387211ccad7938985e8c18bc82e560269caccedc8222cb51ddcf390bf7f34e79
43935c02df66c9d54d5f3ee8f5b3b50c45fa9299a7dd3173029957f0f0174112
4926ef7634543c137ff3ba20f3bd8c2417acea3f83c5da61a86a9ff38fa4a96a
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e0d96a0c01d0823b84c25c2eb41277b158f8d7a8bd3b31dddff1b0007d00ff5
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da
6c16e0854bb0f22dc3adb5f4ab055f14427dce3440f33681289f623bd5bf00e5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8b669b5db0edb00cbd3298181125e79b2d0fe7cbb2874b2033fd42f3ff99eee9
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a63cbbec3bbf8ee90adf946f8ba53df5c63fe1d5bc9444aaa42fd5006e7c5ca4
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9
b153e6919fdfcfea07a4154bf17158bc3c35b7686044536d0df2ce0b0f551ecd
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913
cf24b4e0b40f71c1f89750c8f0a11633b080ea3e3a0de5f187a7a60ef7140a7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead3d6843f97ecb1657b7cbe15b90764a4ce9cc6a2d1f8193db6c84341b06889
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f400a0f5274821805944b570d1b6fc37d0d15b7c0618927e09c14b1f2f26b73b
f6db155444dfb09fd6663496845b93b632378c483822b3a3a88b667efb9664b7
f7a4028c7c5f1214665f61e28c0935beaaf8e73c1d82691da265ce59b3e388c8
f9c8745a39db6df2dd6a59e36f1840f1b64f68009fff1f7b4abd9706c92a3f63

kampanje.dmax.no Open in urlscan Pro 54.93.101.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

50 %IPv6

24 Domains

24 Subdomains

20 IPs

8 Countries

521 kBTransfer

1202 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kampanje.dmax.no Open in urlscan Pro
54.93.101.66 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

24
Subdomains

20
IPs

8
Countries

521 kB
Transfer

1202 kB
Size

11
Cookies

45 HTTP transactions
0 data transactions