proff.no Open in urlscan Pro
13.51.113.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://proff.no/
Effective URL:
https://proff.no/
Submission: On May 24 via manual (May 24th 2022, 2:15:11 pm UTC) from NO — Scanned from NO

Summary HTTP 73 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 23 domains to perform 73 HTTP transactions. The main IP is 13.51.113.218, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is proff.no. The Cisco Umbrella rank of the primary domain is 691103.
TLS certificate: Issued by Amazon on May 11th 2022. Valid for: a year.

This is the only time proff.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	13.51.113.218 13.51.113.218	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1 8	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
4	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
4	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
6	65.9.63.9 65.9.63.9	16509 (AMAZON-02) (AMAZON-02)
4	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	64.233.184.155 64.233.184.155	15169 (GOOGLE) (GOOGLE)
1	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
6	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.63.104 65.9.63.104	16509 (AMAZON-02) (AMAZON-02)
1 3	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	195.181.175.55 195.181.175.55	60068 (CDN77 ^_^) (CDN77 ^_^)
1	99.86.4.78 99.86.4.78	16509 (AMAZON-02) (AMAZON-02)
2 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 2	18.159.9.226 18.159.9.226	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	63.35.168.36 63.35.168.36	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	65.9.63.20 65.9.63.20	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	213.155.156.188 213.155.156.188	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	195.181.174.6 195.181.174.6	60068 (CDN77 ^_^) (CDN77 ^_^)
1	18.195.72.208 18.195.72.208	16509 (AMAZON-02) (AMAZON-02)
73	30

17 13.51.113.218 (Stockholm, Sweden) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com

proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

hb.adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.63.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-9.fra56.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-104.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.164 (Uppsala, Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.55 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-53.cdn77.com

cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-78.fra6.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.9.226 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-9-226.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.168.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-20.fra56.r.cloudfront.net

sync.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.188 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com

sting.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.174.6 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-1.cdn77.com

sting-cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.72.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-208.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	proff.no 1 redirects proff.no — Cisco Umbrella Rank: 691103 stats.proff.no www.proff.no — Cisco Umbrella Rank: 838467	312 KB
13	adform.net 1 redirects hb.adx.adform.net s1.adform.net — Cisco Umbrella Rank: 8427 adx.adform.net — Cisco Umbrella Rank: 4019 dmp.adform.net — Cisco Umbrella Rank: 2468	609 KB
8	de17a.com 1 redirects d5p.de17a.com — Cisco Umbrella Rank: 5262 cdn.de17a.com — Cisco Umbrella Rank: 958629 sting.de17a.com — Cisco Umbrella Rank: 389201 sting-cdn.de17a.com — Cisco Umbrella Rank: 390303	252 KB
8	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2100 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5533 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9812	275 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	498 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1281	4 KB
4	google.com www.google.com — Cisco Umbrella Rank: 7	25 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	826 B
2	casalemedia.com 1 redirects dsum.casalemedia.com — Cisco Umbrella Rank: 1272	2 KB
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 435	583 B
2	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 520	658 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	userreport.com sync.userreport.com	587 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 932	424 B
1	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3052	178 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	354 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 987	10 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 92	434 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	265 B
73	23

	Domain	Requested by
15	proff.no	1 redirects proff.no quantcast.mgr.consensu.org
7	adx.adform.net	1 redirects proff.no s1.adform.net
6	www.gstatic.com	www.google.com www.gstatic.com
6	quantcast.mgr.consensu.org	proff.no quantcast.mgr.consensu.org
4	s1.adform.net	hb.adx.adform.net proff.no
4	pixel.mathtag.com	proff.no pixel.mathtag.com
4	www.google.com	proff.no www.gstatic.com www.google.com
3	d5p.de17a.com	1 redirects proff.no d5p.de17a.com
2	sting.de17a.com	d5p.de17a.com proff.no
2	sync.search.spotxchange.com	1 redirects d5p.de17a.com
2	ib.adnxs.com	2 redirects
2	ad.360yield.com	1 redirects d5p.de17a.com
2	dsum.casalemedia.com	1 redirects d5p.de17a.com
2	pixel.advertising.com	1 redirects d5p.de17a.com
2	sync.1rx.io	1 redirects d5p.de17a.com
2	cdn.de17a.com	proff.no sting.de17a.com
2	www.google-analytics.com	proff.no
1	www.proff.no	proff.no
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	sting-cdn.de17a.com	d5p.de17a.com
1	fonts.gstatic.com	www.google.com
1	pixel.rubiconproject.com	d5p.de17a.com
1	sync.userreport.com	d5p.de17a.com
1	dmp.adform.net	d5p.de17a.com
1	image2.pubmatic.com	d5p.de17a.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	cdn.jsdelivr.net	s1.adform.net
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	match.adsrvr.org	proff.no
1	stats.proff.no	proff.no
1	hb.adx.adform.net	proff.no
73	34

This site contains links to these domains. Also see Links.

Domain
innsikt.proff.no
proff.se
proff.dk
proff.fi
www.proff.se
www.proff.dk
www.proff.fi
forvalt.no
windows.microsoft.com
www.google.com
www.mozilla.org
www.opera.com

Subject Issuer	Validity	Valid
proff.no Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.cmp.quantcast.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-20` - `2022-12-20`	a year	crt.sh
1072570458.rsc.cdn77.org R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
1147033924.rsc.cdn77.org R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://proff.no/
Frame ID: FFA34D8CDB83E1EB7EEA2A3E27E91196
Requests: 42 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=6fd0628c-e869-4600-a5db-a8882b9a3cff&no_iframe=1&mt_adid=192315&source=mathtag
Frame ID: BA9D6CDE2E815EC3A9B2443FDAC2F291
Requests: 2 HTTP requests in this frame

Frame: https://proff.no/consent.html
Frame ID: 1C97633AEBAAE8EA46E1D2D8E6C1F2F8
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/adx.js
Frame ID: 1AAEBC46CE37EA1C4CCC6B20F02C1DFE
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/adx.js
Frame ID: E132C9CA4152312879093CA262DD10DE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=522i7wi0t5yy
Frame ID: A2FEC224B5A94BA325E15FEBD85315DF
Requests: 8 HTTP requests in this frame

Frame: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Frame ID: 65634B45C73D10981E8BD44143454EA2
Requests: 12 HTTP requests in this frame

Frame: https://cdn.de17a.com/i6n.js?source=dogfight&override_url=https%3A%2F%2Fd5p.de17a.com%2Fcontrol-notify%2Fadform%3Fauction_id%3D1224337954_1823174_1653401707263_167673847_0
Frame ID: 68813DC771448BE9DA2B1CDF5315893B
Requests: 2 HTTP requests in this frame

Frame: https://sting.de17a.com/api/tags
Frame ID: FF743A54CD5060C01395078A74A00F68
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP
Frame ID: 73915787AB7C48E3D376C9932A755590
Requests: 3 HTTP requests in this frame

Frame: https://cdn.de17a.com/i6n.js?source=sting&rid=qcxdxpuiatvmohvwynxx
Frame ID: AF37CED6CA1F42B21B8EF4A078F29201
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proff® – Nøkkeltall, Regnskap og Roller for norske bedrifter

Page URL History Show full URLs

http://proff.no/ HTTP 301
https://proff.no/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

73
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

34
Subdomains

30
IPs

8
Countries

2011 kB
Transfer

5643 kB
Size

29
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://innsikt.proff.no/kundeweb

Search URL Search Domain Scan URL

URL: https://proff.se/
Title: proff.se

Search URL Search Domain Scan URL

URL: https://proff.dk/
Title: proff.dk

Search URL Search Domain Scan URL

URL: https://proff.fi/
Title: proff.fi

Search URL Search Domain Scan URL

URL: https://www.proff.se/
Title: Proff Sverige

Search URL Search Domain Scan URL

URL: https://www.proff.dk/
Title: Proff Danmark

Search URL Search Domain Scan URL

URL: https://www.proff.fi/
Title: Proff Finland

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/proff-api/
Title: Proff® API

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/personvern/
Title: personopplysninger

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/om-proff/
Title: Om Proff®

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/samarbeidspartnere/
Title: Samarbeidspartnere

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/kilder/
Title: Kilder

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/sitemap/
Title: Nettsstedskart

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/rettigheter/
Title: Vilkår og rettigheter

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/integritetspolicy/
Title: Integritetspolicy

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/personvern
Title: Personvern - GDPR

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/hjelp-og-tips/
Title: Hjelp

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/kontakt/
Title: Ofte Stilte Spørsmål

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/om-proff/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/
Title: Bli Proff-kunde

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/markedspakker/
Title: Markedspakker

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/bedriftsovervaking/
Title: Overvåking

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/segmentering/
Title: Lister

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/display/
Title: Displayannonser

Search URL Search Domain Scan URL

URL: https://forvalt.no/
Title: Proff® Forvalt

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/ie
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/browser/desktop/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: http://www.opera.com/
Title: Opera

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://proff.no/ HTTP 301
https://proff.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867

Request Chain 39

https://d5p.de17a.com/victory/adform?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg HTTP 302
https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg

Request Chain 45

https://usermatch.targeting.unrulymedia.com/usermatch/delta/9054906404565546546 HTTP 302
https://sync.1rx.io/usersync/delta/9054906404565546546 HTTP 302
https://sync.1rx.io/usersync/delta/9054906404565546546?zcc=1&cb=1653401708094

Request Chain 46

https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1&verify=true

Request Chain 48

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707&C=1

Request Chain 49

https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707

Request Chain 52

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
https://d5p.de17a.com/setuid/appnexus?anxs_uid=3927942297952299733

Request Chain 53

https://sync.search.spotxchange.com/partner?adv_id=7326&uid=9054906404565546546&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=9054906404565546546&img=1&__user_check__=1&sync_id=ea36ef9d-db6b-11ec-9d43-13ae17dc0506

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
proff.no/
Redirect Chain

http://proff.no/
https://proff.no/

60 KB
18 KB

221ms
111ms

Document
text/html

13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 461271ba8a5ddd6d0452d1d7b53d7247dac6282b03c2918e61af03d55dbd7be5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-language: no-NO
content-length: 17635
content-type: text/html;charset=UTF-8
date: Tue, 24 May 2022 14:15:05 GMT

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 24 May 2022 14:15:05 GMT
Location: https://proff.no:443/
Server: awselb/2.0

GET
H2 200 roboto-fontface.css
proff.no/fonts/roboto-fontface/css/ 12 KB
1 KB 65ms
63ms Stylesheet
text/css 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/roboto-fontface/css/roboto-fontface.css
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: d03b6c530e790642376b53b015d6f3d4aaff4280d53516fb8ee0e117c1afd8bc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:14 GMT
etag: "1653428054966"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 718
expires: Tue, 24 May 2022 21:34:14 GMT

GET
H2 200 main.css
proff.no/stylesheets/css/ 291 KB
51 KB 67ms
65ms Stylesheet
text/css 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 5c1e3c8c463c7408661163e65494a1f0bfe02123044b77a266c5bb1b8f14f391

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:00 GMT
etag: "1653428040537"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 51170
expires: Tue, 24 May 2022 21:34:00 GMT

GET
H2 200 default.css
proff.no/stylesheets/css/ 20 KB
5 KB 121ms
119ms Stylesheet
text/css 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/stylesheets/css/default.css?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 22b23b9c137b0288305c383dd3c8c87bf82d5ff87966c8fbef24c5c6fece9c7e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:00 GMT
etag: "1653428040527"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 4694
expires: Tue, 24 May 2022 21:34:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 562ms
79ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2420
date: Tue, 24 May 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 24 May 2022 15:34:46 GMT

GET
H2 200 4395.js Show response
hb.adx.adform.net/hb/ 17 KB
4 KB 209ms
56ms Script
application/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.adx.adform.net/hb/4395.js

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

942c52b43f6bb3b48ceec027594c2bfce6e34029cc1d485983b2f8e00c7a1034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Host
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: Tue, 24 May 2022 15:15:05 GMT

GET
H2 200 vendor.js Show response
proff.no/js/lib/ 414 KB
117 KB 122ms
121ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/vendor.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: fa7318c53b32446d37cec15c70bf7dbec1db5d946cf876fcc02de429233361ce

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:14 GMT
etag: "1653428054998"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 119346
expires: Tue, 24 May 2022 21:34:14 GMT

GET
H2 200 menu.js Show response
proff.no/js/lib/ 5 KB
2 KB 182ms
181ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/menu.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e8b4623a433dc3d0a2f2f985e51cbd97b222ba9d66ca9b58ab8b133f4f8715bd

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:00 GMT
etag: "1653428040529"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1736
expires: Tue, 24 May 2022 21:34:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 907 B
993 B 605ms
90ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=addCaptchaCb&render=explicit&hl=no

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

9842713db52e17ba6a1edde841d5eb36f94c00252d7e26c9f130d29aa0bce779

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 24 May 2022 14:15:06 GMT

GET
H2 200 search.js Show response
proff.no/js/lib/ 10 KB
3 KB 182ms
181ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/search.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 142cfecbbe6b0c3605072d997fe3a1d199af6f4d7a7c9408e6ecd00b2f40a6cf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:00 GMT
etag: "1653428040530"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 2915
expires: Tue, 24 May 2022 21:34:00 GMT

GET
H2 200 pa.min.js Show response
stats.proff.no/ 1 KB
2 KB 73ms
60ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.proff.no/pa.min.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 0085b22dee76d92814ecfc0ff69e7d83678eb40ce28565d4746e6fbfa8f0f8be

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
cache-control: max-age=86400
last-modified: Mon, 02 May 2022 12:00:54 GMT
accept-ranges: bytes
content-length: 1459
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript

GET
H2 200 analytics.js Show response
proff.no/js/lib/ 2 KB
1 KB 182ms
182ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/analytics.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 15ac477a33c97d1562572d037318cfb6930df1e612229377a29a1d25ffdafdbb

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:15 GMT
etag: "1653428055472"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 749
expires: Tue, 24 May 2022 21:34:15 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 2 KB
2 KB 311ms
130ms Script
text/javascript 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1200265&mt_adid=192315&s1=https://www.proff.no
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x3 config:1.0.0 /
Resource Hash: 99200150de80e68d9d45c25f9a79efd635340e0c25adb1ab3359c798a3c9fa1c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 14:15:06 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1988
Expires: Tue, 24 May 2022 14:15:05 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/ 5 KB
2 KB 575ms
75ms Script
application/javascript 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c5c7922ed40e9d4f2e4576bc8092aed89df49ab2790d5f84632cb4a97bac847

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: br
last-modified: Tue, 31 Aug 2021 13:44:14 GMT
server: AmazonS3
age: 10
etag: W/"3517e82c281f90e0212e505792a3be1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6Z3lg4UBfp14el8OlFnUdMorRZKgU481FvNNFCVZjdZPugb7e_e5MQ==

GET
H2 200 prebid.4.latest.js Show response
s1.adform.net/banners/scripts/ 2 MB
527 KB 251ms
80ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/prebid.4.latest.js
Requested by: Host: hb.adx.adform.net
URL: https://hb.adx.adform.net/hb/4395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f940358fee2cba0546b93557937fd06423a93d5534c395ef854c4470edd4b26e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 12:09:49 GMT
server: nginx
etag: W/"5f58c60d-18c2d7"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 591ms
421ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adx.adform.net
URL: https://hb.adx.adform.net/hb/4395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 polyfills.js Show response
proff.no/js/lib/ 18 KB
7 KB 67ms
66ms Script
application/javascript 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/polyfills.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: a8d9f2a4a3ef5baf61c43ef328bc45c3279ec7334e62e50624bae12c743f90b1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:15 GMT
etag: "1653428055177"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 6465
expires: Tue, 24 May 2022 21:34:15 GMT

GET
H2 200 page_bg.png
proff.no/img/v3/ 1 KB
2 KB 57ms
57ms Image
image/png 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proff.no/img/v3/page_bg.png
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 2d7f2c49b8acf4fa9dfc186527ea2586d0634b58bb9d496e6efbee67ddb87e7a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
last-modified: Tue, 24 May 2022 09:34:15 GMT
etag: "1653428055447"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1092
expires: Tue, 24 May 2022 21:34:15 GMT

GET
H2 200 sprite_general_6.png
proff.no/img/v3/ 14 KB
14 KB 58ms
58ms Image
image/png 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proff.no/img/v3/sprite_general_6.png
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e1abbbc7891f4f485fb5b9c26fa241b6503282f8bff9ef129da09251be61755f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:35:21 GMT
etag: "1653428121130"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 14187
expires: Tue, 24 May 2022 21:35:21 GMT

GET
H2 200 ss-standard.woff
proff.no/fonts/ 26 KB
27 KB 58ms
57ms Font
application/font-woff 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/ss-standard.woff
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e47e764298124c12ec246cc3f33a5ece1cf82cacbef043ea83ebe58089b40287

Request headers

Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:16 GMT
etag: "1653428056465"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/font-woff;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 27083
expires: Tue, 24 May 2022 21:34:16 GMT

GET
H2 200 proffglobal-bold-webfont.woff
proff.no/fonts/ 50 KB
51 KB 74ms
74ms Font
application/font-woff 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/proffglobal-bold-webfont.woff
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 9c828769c82976773b3b8704e27cf5753cb3aa7f87edde89395b4a662b534aa5

Request headers

Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:05 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:34:16 GMT
etag: "1653428056476"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/font-woff;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 51131
expires: Tue, 24 May 2022 21:34:16 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame BA9D 631 B
994 B 89ms
89ms Document
text/html 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=6fd0628c-e869-4600-a5db-a8882b9a3cff&no_iframe=1&mt_adid=192315&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1200265&mt_adid=192315&s1=https://www.proff.no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 631
Content-Type: text/html
Date: Tue, 24 May 2022 14:15:06 GMT
Expires: Tue, 24 May 2022 14:15:05 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4419 e1034d5 master zrh-pixel-x27 config:1.0.0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 271ms
82ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k4lpo8g&ttd_tpi=1
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 181ms
92ms Image
image/gif 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 14:15:06 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 May 2022 14:15:05 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame BA9D 43 B
525 B 131ms
83ms Image
image/gif 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=6fd0628c-e869-4600-a5db-a8882b9a3cff&no_iframe=1&mt_adid=192315&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master zrh-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=6fd0628c-e869-4600-a5db-a8882b9a3cff&no_iframe=1&mt_adid=192315&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 14:15:06 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 May 2022 14:15:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 549ms
68ms XHR
text/plain 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3244641-3&cid=1282028139.1653401706&jid=846952874&gjid=2132795422&_gid=631246571.1653401706&_u=IGBAgEADAAAAAE~&z=439793070

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 24 May 2022 14:15:06 GMT
content-type: text/plain
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 79ms
78ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1107698775&t=pageview&_s=1&dl=https%3A%2F%2Fproff.no%2F&ul=en-us&de=UTF-8&dt=Proff%C2%AE%20%E2%80%93%20N%C3%B8kkeltall%2C%20Regnskap%20og%20Roller%20for%20norske%20bedrifter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAD~&jid=846952874&gjid=2132795422&cid=1282028139.1653401706&tid=UA-3244641-3&_gid=631246571.1653401706&z=1705692523

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 20:27:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64046
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 569ms
79ms Script
application/javascript 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 31 May 2022 14:15:06 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 105ms
105ms Script
text/javascript 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: br
age: 13
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: _UTV9QcSv0_9PxMkIHhzaO1SsFCR7tntO02jdVoKE06MHpiJ1XYikA==

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 364 KB
144 KB 559ms
78ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=addCaptchaCb&render=explicit&hl=no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://proff.no/
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:09 GMT

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 14 KB
2 KB 488ms
58ms XHR
application/json 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/prebid.4.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14785
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-bma1668-BMA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCprCk1F%2FnQJwaXpyjQjzsezBQ4baU66ktNKgrTkSyM9VTiilxGmdFbLQDJlEJ7cenaGqncOt2%2Bp4d0yRCcORjp4GTcRCno37bWPvNvS%2BJUj9DFoGvLGqD6ndQiDMO4P5Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7106a43c9c5b0b69-OSL

GET
H2 200 consent.html Show response
proff.no/ Frame 1C97 4 KB
2 KB 55ms
54ms Document
text/html 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/consent.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 9648602e46ca07cf53fe8ff07088110d712862147dbb4c5303d1676eb242d288

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43200
content-encoding: gzip
content-length: 1069
content-type: text/html;charset=UTF-8
date: Tue, 24 May 2022 14:15:06 GMT
etag: "1653428041625"
expires: Tue, 24 May 2022 21:34:01 GMT
last-modified: Tue, 24 May 2022 09:34:01 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867

929 B
1 KB

55ms
55ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

203b57eb4cd293c9e08cc1eb7ad20ab6638eaf79d5a18544061b6b72d3ef8ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:06 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706688_8889619025804867
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 1AAE 58 KB
24 KB 54ms
54ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:06 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 552ms
107ms XHR
application/json 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 03:00:31 GMT
content-encoding: br
age: 40477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 03:00:27 GMT
server: AmazonS3
etag: W/"e357936593cc8ed65091e13f59db4400"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: e9AJ6UxlK6u8qWXI3UdT8lK7mSWu_93u7pl3UlTYIUU_tH1Z20A2rQ==

GET
H2 200 / Show response
adx.adform.net/adx/ 874 B
1 KB 56ms
55ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc3NTkwOA&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401706984_38422944309974194

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

12a01d000b4b734344771a74d8c50448cbfde005b0f703e59aa9575fc20df24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame E132 58 KB
24 KB 61ms
61ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:07 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 rules-p-B0t1hzyq1UTeN.js Show response
rules.quantcount.com/ 2 B
354 B 545ms
75ms Script
application/javascript 65.9.63.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-B0t1hzyq1UTeN.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:07:07 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server: AmazonS3
age: 479
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-length: 2
x-amz-cf-id: OJU9oaWP9QAiJQRrk-F9qfqDETTbEzT8o05nA3jdr_4Gg4BhMMbVSQ==

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 125ms
125ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc3Nzk5Mw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653401707220_6444282750845902

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

673cdc12aafa32976c6f3379fa37db4cfbded7c29319b478f88bdce5f089ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A2FE 43 KB
23 KB 96ms
96ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=522i7wi0t5yy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

19f8f69b2419099db52a8f57e20d461a70f2774aaaa5f5932a37b84d8fc3180a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rpOwkm4FikCiD0L04BeEyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22774
content-security-policy: script-src 'report-sample' 'nonce-rpOwkm4FikCiD0L04BeEyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 14:15:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

adform;c Show response
d5p.de17a.com/victory/ Frame 6563
Redirect Chain

https://d5p.de17a.com/victory/adform?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzc...
https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSN...

3 KB
3 KB

60ms
60ms

Document
text/html

213.155.156.164
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.164 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-164.teliacarrier-cust.com
Software: /
Resource Hash: 379052d3dba900b702b18ab145285d3bec80325ebcecc9079ba266c799e93d2c

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-length: 3077
content-type: text/html;charset=utf-8
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

content-length: 0
location: /victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame 6881 13 KB
3 KB 571ms
66ms Script
application/javascript 195.181.175.55
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=dogfight&override_url=https%3A%2F%2Fd5p.de17a.com%2Fcontrol-notify%2Fadform%3Fauction_id%3D1224337954_1823174_1653401707263_167673847_0
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-53.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-nzt: AcO1rzWwsIj/ygEAAA
x-accel-expires: @1653401849
date: Tue, 24 May 2022 14:15:07 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: LuAo+xt4x4Q
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-cache: HIT
x-age: 458
x-77-pop: frankfurtDE

GET
H2 200 /
adx.adform.net/adx/ssp/imp/ Frame 6881 35 B
535 B 53ms
52ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adx.adform.net/adx/ssp/imp/?data=YtautBHD0att5QeXrVCg6mjrTL_3zW4WPbl1lZdKiUr4yP9Xjlqlo0a_0phLS8h-DGe-Nxl_kVgEWZeN-d8kFe5SS2YJpjE-PvKAdycz4K3NaAE1zfhr7XpwnUk07bA0uhk2MnKGM1la5TYFTPNJ6Eu4Z9NOXXZ08GRSSdFFDuu1c1n77acf1Q2&adxvars=HUbtNr86afNVfQCLwx1t7MMzB2AjQrr9XMvrYe0FLiAB0_BRuHfj8Hu4BIUZ_v3-yyZEAwdQLKbbl40ics3S4QECrVCxOSBHcZ7EiHPDJRgaLGk8g7Kfw85wq7G0_C-Q17VFnWzsoWcojWDF7zE0H3KXHMLZfTIC7gTM39vbuOsJIhGLVZe8WB0oXE55UawV27kv7lahyslJXMIIfilOCMWjAexNyLOV0&ord=521334

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame A2FE 51 KB
24 KB 580ms
103ms Stylesheet
text/css 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=522i7wi0t5yy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 14:11:17 GMT

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame A2FE 364 KB
144 KB 673ms
198ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:09 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 555ms
82ms XHR
application/json 99.86.4.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-78.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 03:00:41 GMT
content-encoding: gzip
age: 40468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 19 May 2022 19:52:29 GMT
server: AmazonS3
etag: W/"50900028e353b5405beb46af660d5881"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: IX6ESpJaeLGXuWQu6Zw9OjFVEOp9d7q.
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/json
x-amz-cf-id: CVfnxpDmZ1U_eyBdfDjPXGpmOALplMk09csAQb57QMuWTJw-fbKFog==

GET
H2

200

9054906404565546546
sync.1rx.io/usersync/delta/ Frame 6563
Redirect Chain

https://usermatch.targeting.unrulymedia.com/usermatch/delta/9054906404565546546
https://sync.1rx.io/usersync/delta/9054906404565546546
https://sync.1rx.io/usersync/delta/9054906404565546546?zcc=1&cb=1653401708094

43 B
172 B

63ms
63ms

Image
image/gif

213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/delta/9054906404565546546?zcc=1&cb=1653401708094
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: H2
Server: 213.19.147.44 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:08 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:08 GMT
server: Tengine
etag: RXe4371552ee344e26b6a2a41d6d22cdb2003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/delta/9054906404565546546?zcc=1&cb=1653401708094
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H2

404

sync
pixel.advertising.com/ups/55955/ Frame 6563
Redirect Chain

https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1
https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1&verify=true

0
255 B

87ms
87ms

Image
text/plain

18.159.9.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1&verify=true

Requested by

Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg

Protocol

Server

18.159.9.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-9-226.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1&verify=true
date: Tue, 24 May 2022 14:15:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 6563 42 B
424 B 280ms
70ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=9054906404565546546
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 6563
Redirect Chain

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707&C=1

43 B
1004 B

94ms
94ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707&C=1
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 May 2022 14:15:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 May 2022 14:15:08 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 May 2022 14:15:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=9054906404565546546&expiration=1655993707&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 305
Expires: Tue, 24 May 2022 14:15:07 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6563
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707

43 B
423 B

104ms
104ms

Image
image/gif

63.35.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: H2
Server: 63.35.168.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 24 May 2022 14:15:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=9054906404565546546&expiration=1655993707
date: Tue, 24 May 2022 14:15:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 match
dmp.adform.net/serving/cookie/ Frame 6563 35 B
477 B 262ms
56ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match?party=1124&cid=9054906404565546546

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK cs.gif
sync.userreport.com/ Frame 6563 43 B
587 B 621ms
66ms Image
image/gif 65.9.63.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.userreport.com/cs.gif?s=d3prj11&fk=9054906404565546546
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 25 Oct 2012 12:28:09 GMT
x-amz-version-id: null
Via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jan 2014 09:18:47 GMT
Server: AmazonS3
Age: 36615
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Tue, 24 May 2022 04:04:54 GMT
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: 89GZwsnTq51qwPujqTsSFty67JvbxiaocJUtReoOTvzHF5NjxnieCA==

GET
H2

200

appnexus
d5p.de17a.com/setuid/ Frame 6563
Redirect Chain

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
https://d5p.de17a.com/setuid/appnexus?anxs_uid=3927942297952299733

35 B
199 B

70ms
70ms

Image
image/gif

213.155.156.164
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/setuid/appnexus?anxs_uid=3927942297952299733
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: H2
Server: 213.155.156.164 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-164.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Tue, 24 May 2022 14:15:07 GMT
X-Proxy-Origin: 178.255.148.170; 178.255.148.170; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bb57d236-9db5-4581-9c39-a1a8a7de6712
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://d5p.de17a.com/setuid/appnexus?anxs_uid=3927942297952299733
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6563
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7326&uid=9054906404565546546&img=1
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=9054906404565546546&img=1&__user_check__=1&sync_id=ea36ef9d-db6b-11ec-9d43-13ae17dc0506

43 B
548 B

92ms
92ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7326&uid=9054906404565546546&img=1&__user_check__=1&sync_id=ea36ef9d-db6b-11ec-9d43-13ae17dc0506
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 14:15:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 15
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 24 May 2022 14:15:07 GMT
Server: nginx
Location: /partner?adv_id=7326&uid=9054906404565546546&img=1&__user_check__=1&sync_id=ea36ef9d-db6b-11ec-9d43-13ae17dc0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 43
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 6563 0
239 B 336ms
78ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=9054906404565546546&expires=30
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2 200 ctrl.js Show response
sting.de17a.com/ Frame 6563 47 KB
17 KB 273ms
125ms Script
application/javascript 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL

https://sting.de17a.com/ctrl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

213-155-156-188.teliacarrier-cust.com

Software

nginx/1.18.0 /

Resource Hash

204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 05:16:55 GMT
server: nginx/1.18.0
etag: "bbd017e2384d558"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
expires: Mon, 09 May 2022 19:34:24 GMT
cache-control: must-revalidate, private, max-age=0
x-proxy-cache: HIT

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 327 KB
38 KB 89ms
88ms XHR
application/json 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b4a056bfa3f8317b9ba5aa9b1719971779672b0277107b45699add1db387e90

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40474
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 03:00:33 GMT
server: AmazonS3
etag: W/"f83f06b16bc8a3f2f85a6c82ec5700eb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: C5YQMsdKpumD7-_Dy8ksuEB6HUVI2NNwFMXpduxxjhYULQAiQWDxog==

GET
H2 200 purposes-NO.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 26 KB
4 KB 68ms
67ms XHR
application/json 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/purposes-NO.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f55f0bac8143ff8978e73cb65298124d0cecc55c7204ec1974e8033e97b02d09

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 03:00:39 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 03:00:33 GMT
server: AmazonS3
etag: W/"d0019502e06dfd5af4b9e79c72df651c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mq1D9pXcFCpLZe-PWit1TH6GMXWMVynqBp1ZzjzSZyQoL4VHH3wanA==

GET
H2 200 cmp2ui-no.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 470 KB
123 KB 81ms
81ms Script
text/javascript 65.9.63.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-no.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d414cb2ce08a4dc9232a80cbe1abdffa0681474beed6257bac44fd9517c99a9f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 20:55:13 GMT
content-encoding: br
age: 62396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:53 GMT
server: AmazonS3
etag: W/"345c5f67779d1bf2f68fb77385f5ac9d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: X4hOGuRfbmwnKsrQQs8SR0sB0XOkmAwNKkCsN2Nhlvrlm09uX6Vt-g==

GET
DATA 200
OK truncated
/ Frame A2FE 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A2FE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A2FE 2 KB
2 KB 79ms
79ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 412499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 26 May 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A2FE 15 KB
16 KB 546ms
79ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 10623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 24 May 2023 11:18:05 GMT

POST
H2 200 tags Show response
sting.de17a.com/api/ Frame FF74 2 KB
1 KB 51ms
50ms Document
text/html 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://sting.de17a.com/api/tags
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.18.0 /
Resource Hash: 4a7fcc3c07f647236519b2645c8e01f287707f1e7aaf7bfbf4055d9702d1fc7f

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://d5p.de17a.com
Referer: https://d5p.de17a.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 24 May 2022 14:15:08 GMT
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV" CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
server: nginx/1.18.0

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame A2FE 102 B
204 B 85ms
85ms Other
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

4556056ae0b97237e430120fab528fdc692b0dc2af865e8bed4694dfb8cc1654

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=522i7wi0t5yy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 24 May 2022 14:15:08 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7391 7 KB
1 KB 88ms
87ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

b0aef8fe743ca61c7e73f12e512247a919629d25bd180cdb878b63fd1e7e80f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2gReh77ISxcaRGJCPSuNjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-2gReh77ISxcaRGJCPSuNjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 14:15:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame AF37 13 KB
3 KB 69ms
69ms Script
application/javascript 195.181.175.55
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=sting&rid=qcxdxpuiatvmohvwynxx
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-53.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-nzt: AcO1rzW2Leb/ywEAAA
x-accel-expires: @1653401849
date: Tue, 24 May 2022 14:15:08 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: YkrLy8bSoNc
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-cache: HIT
x-age: 459
x-77-pop: frankfurtDE

GET
H2 200 980x600.png
sting-cdn.de17a.com/files/1630613802000/001/012/145/ Frame AF37 223 KB
223 KB 512ms
65ms Image
image/png 195.181.174.6
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sting-cdn.de17a.com/files/1630613802000/001/012/145/980x600.png
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=1224337954_1823174_1653401707263_167673847_0&bp=3yoQno.BTnQmEJgIax0YueBMo.B3ppwoNfxOTw&creative_id=762239&dfh=09&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoSNzczNjMxMjA4NTc1NjExMTczMP6FXTkzMzMzM6NOQEAFSg8xNzguMjU1LjE0OC4xNzBQVFosMTIyNDMzNzk1NF8xODIzMTc0XzE2NTM0MDE3MDcyNjNfMTY3NjczODQ3XzBg1Ado2ARwAXgAgAHYptcEkAHWoeeoDJgB.9Dw9wipAbH43QoICBVAsQH3bGoUfaEKQLkB........IUDJAQAAAAAAAAAA-Q_CgAoAg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-1.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 51ccdb0f55ce684ed0cb70267befa351d5044e33ed03bf408544fd5aad841b19

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 24 May 2022 14:15:08 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 81673
alt-svc: quic="195.181.174.5:443"; ma=2592000; v="44,43,39"
content-length: 228051
x-77-nzt: AcO1rgVt5gn/CT8BAA
x-accel-expires: @1653406435
server: CDN77-Turbo
x-77-nzt-ray: fvJ0aUVNTi4
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 208ms
65ms XHR
text/plain 18.195.72.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22B0t1hzyq1UTeN%22%2C%22domain%22%3A%22proff.no%22%2C%22publisher%22%3A%22proff.no%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22ljS8kudZi43yRAwB1RnkQg%22%2C%22clientTimestamp%22%3A1653401708456%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-pi16wg5cbr31ng5jvhb2%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-no.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.72.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-72-208.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 24 May 2022 14:15:08 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 proff-logo-header-2020.png
www.proff.no/img/ 8 KB
9 KB 96ms
55ms Image
image/png 13.51.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proff.no/img/proff-logo-header-2020.png
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.113.218 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-113-218.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 74425d6a23825882584b8fc4ce285c8bbf7aa81303e468e80c8e4a905925dea9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:15:08 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 09:33:56 GMT
etag: "1653428036797"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 8102
expires: Tue, 24 May 2022 21:33:56 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 7391 51 KB
24 KB 79ms
79ms Stylesheet
text/css 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 14:11:17 GMT

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 7391 364 KB
144 KB 88ms
87ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:09 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ 35 B
483 B 54ms
54ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1653401708619

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ 35 B
483 B 55ms
55ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1653401708620

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 24 May 2022 14:15:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proff.no/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9028C185AD14ECC749C4068523C99BE3
proff.no/	1970-01-20 20:49:20	Name: _pa Value: PA7.895459863777439
.mathtag.com/	1970-01-20 12:42:36	Name: uuid Value: 6fd0628c-e869-4600-a5db-a8882b9a3cff
.mathtag.com/	1970-01-20 03:59:53	Name: mt_misc Value: mt_bt:1
.proff.no/	1970-01-20 20:47:53	Name: _ga Value: GA1.2.1282028139.1653401706
.proff.no/	1970-01-20 03:18:08	Name: _gid Value: GA1.2.631246571.1653401706
.proff.no/	1970-01-20 03:16:41	Name: _gat Value: 1
proff.no/	1970-01-20 03:26:46	Name: AWSALB Value: 1tKPUgzcvOwYXJT8t3VORq+nsfK+iDH0p8bKyh/HTDh6WjGshXN01BR6duvVbe97q8l1Hmzol7RPMjZN4mmJAT9MBn5CC/whYoY5bvAW/xLtpDFaScifHskS4lqR
proff.no/	1970-01-20 03:26:46	Name: AWSALBCORS Value: 1tKPUgzcvOwYXJT8t3VORq+nsfK+iDH0p8bKyh/HTDh6WjGshXN01BR6duvVbe97q8l1Hmzol7RPMjZN4mmJAT9MBn5CC/whYoY5bvAW/xLtpDFaScifHskS4lqR
.adform.net/	1970-01-20 04:01:20	Name: C Value: 1
.adform.net/	1970-01-20 04:43:05	Name: uid Value: 773631208575611173
.de17a.com/	1970-01-20 11:55:05	Name: guid2 Value: 1.9054906404565546546
.adnxs.com/	1970-01-20 05:26:17	Name: uuid2 Value: 3927942297952299733
.advertising.com/	1970-01-20 12:03:44	Name: APID Value: UPea2bdf26-db6b-11ec-9812-02998f9e7684
.pubmatic.com/	1970-01-20 03:59:53	Name: KRTBCOOKIE_336 Value: 5844-9054906404565546546
.pubmatic.com/	1970-01-20 03:59:53	Name: PugT Value: 1653401707
.360yield.com/	1970-01-20 05:26:17	Name: tuuid Value: 34500b49-5517-4a29-ad3a-e971659ef4ae
.360yield.com/	1970-01-20 05:26:17	Name: tuuid_lu Value: 1653401707
.spotxchange.com/	1970-01-20 12:02:21	Name: audience Value: ea36ef5a-db6b-11ec-9d43-13ae17dc0506
.casalemedia.com/	1970-01-20 12:02:17	Name: CMID Value: Yozoa6s5SEQ-aWy-cVDh4wAA
.casalemedia.com/	1970-01-20 05:26:17	Name: CMPS Value: 660
.360yield.com/	1970-01-20 05:26:17	Name: um Value: !61,7LeoC2-oIjcBYDSYFiieWo7wORpyeXZ1HvNbLMpdQsKE,1655993707
.360yield.com/	1970-01-20 05:26:17	Name: umeh Value: !61,0,1715609707,-1
.casalemedia.com/	1970-01-20 05:26:17	Name: CMPRO Value: 706
.casalemedia.com/	1970-01-20 03:18:08	Name: CMST Value: YozobGKM6GwA
.casalemedia.com/	1970-01-20 12:02:17	Name: CMRUM3 Value: af628ce86c27609054906404565546546
www.proff.no/	1970-01-20 03:26:46	Name: AWSALB Value: yzopcNGZcFmj/w6qOMDX+gbzuGHMv+h0PrEW/eFFclrOSMUWOTOHJ/SnDGyFS8G88wLRjETjPn7MRgotpDzdGEOaok8q45H/80jzFSJJAwwdYhJWkRWDFF2s0182
www.proff.no/	1970-01-20 03:26:46	Name: AWSALBCORS Value: yzopcNGZcFmj/w6qOMDX+gbzuGHMv+h0PrEW/eFFclrOSMUWOTOHJ/SnDGyFS8G88wLRjETjPn7MRgotpDzdGEOaok8q45H/80jzFSJJAwwdYhJWkRWDFF2s0182
www.proff.no/	1969-12-31 23:59:59	Name: JSESSIONID Value: B2EF1283F3B53F8B30EEFF06675E91B3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.advertising.com/ups/55955/sync?uid=9054906404565546546&_origin=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
adx.adform.net
audit-tcfv2.quantcast.mgr.consensu.org
cdn.de17a.com
cdn.jsdelivr.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
fonts.gstatic.com
hb.adx.adform.net
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
proff.no
quantcast.mgr.consensu.org
rules.quantcount.com
s1.adform.net
secure.quantserve.com
stats.g.doubleclick.net
stats.proff.no
sting-cdn.de17a.com
sting.de17a.com
sync.1rx.io
sync.search.spotxchange.com
sync.userreport.com
test.quantcast.mgr.consensu.org
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.proff.no
104.16.85.20
13.51.113.218
142.250.184.228
142.250.185.163
142.250.185.78
142.250.74.195
18.159.9.226
18.195.72.208
185.33.221.15
185.64.189.110
185.94.180.126
195.181.174.6
195.181.175.55
213.155.156.164
213.155.156.188
213.19.147.44
23.35.228.210
23.35.236.247
35.71.131.137
37.157.3.30
37.157.4.29
37.157.6.235
63.35.168.36
64.233.184.155
65.9.63.104
65.9.63.20
65.9.63.9
69.173.144.139
91.228.74.198
99.86.4.78
0085b22dee76d92814ecfc0ff69e7d83678eb40ce28565d4746e6fbfa8f0f8be
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e
12a01d000b4b734344771a74d8c50448cbfde005b0f703e59aa9575fc20df24d
142cfecbbe6b0c3605072d997fe3a1d199af6f4d7a7c9408e6ecd00b2f40a6cf
15ac477a33c97d1562572d037318cfb6930df1e612229377a29a1d25ffdafdbb
19f8f69b2419099db52a8f57e20d461a70f2774aaaa5f5932a37b84d8fc3180a
1b4a056bfa3f8317b9ba5aa9b1719971779672b0277107b45699add1db387e90
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a
203b57eb4cd293c9e08cc1eb7ad20ab6638eaf79d5a18544061b6b72d3ef8ccb
204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6
22b23b9c137b0288305c383dd3c8c87bf82d5ff87966c8fbef24c5c6fece9c7e
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a
2d7f2c49b8acf4fa9dfc186527ea2586d0634b58bb9d496e6efbee67ddb87e7a
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
379052d3dba900b702b18ab145285d3bec80325ebcecc9079ba266c799e93d2c
3c5c7922ed40e9d4f2e4576bc8092aed89df49ab2790d5f84632cb4a97bac847
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4556056ae0b97237e430120fab528fdc692b0dc2af865e8bed4694dfb8cc1654
461271ba8a5ddd6d0452d1d7b53d7247dac6282b03c2918e61af03d55dbd7be5
4a7fcc3c07f647236519b2645c8e01f287707f1e7aaf7bfbf4055d9702d1fc7f
51ccdb0f55ce684ed0cb70267befa351d5044e33ed03bf408544fd5aad841b19
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c1e3c8c463c7408661163e65494a1f0bfe02123044b77a266c5bb1b8f14f391
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
673cdc12aafa32976c6f3379fa37db4cfbded7c29319b478f88bdce5f089ec46
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74425d6a23825882584b8fc4ce285c8bbf7aa81303e468e80c8e4a905925dea9
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
942c52b43f6bb3b48ceec027594c2bfce6e34029cc1d485983b2f8e00c7a1034
9648602e46ca07cf53fe8ff07088110d712862147dbb4c5303d1676eb242d288
9842713db52e17ba6a1edde841d5eb36f94c00252d7e26c9f130d29aa0bce779
99200150de80e68d9d45c25f9a79efd635340e0c25adb1ab3359c798a3c9fa1c
9c828769c82976773b3b8704e27cf5753cb3aa7f87edde89395b4a662b534aa5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8d9f2a4a3ef5baf61c43ef328bc45c3279ec7334e62e50624bae12c743f90b1
b0aef8fe743ca61c7e73f12e512247a919629d25bd180cdb878b63fd1e7e80f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b6c530e790642376b53b015d6f3d4aaff4280d53516fb8ee0e117c1afd8bc
d414cb2ce08a4dc9232a80cbe1abdffa0681474beed6257bac44fd9517c99a9f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1abbbc7891f4f485fb5b9c26fa241b6503282f8bff9ef129da09251be61755f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47e764298124c12ec246cc3f33a5ece1cf82cacbef043ea83ebe58089b40287
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8b4623a433dc3d0a2f2f985e51cbd97b222ba9d66ca9b58ab8b133f4f8715bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55f0bac8143ff8978e73cb65298124d0cecc55c7204ec1974e8033e97b02d09
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f940358fee2cba0546b93557937fd06423a93d5534c395ef854c4470edd4b26e
fa7318c53b32446d37cec15c70bf7dbec1db5d946cf876fcc02de429233361ce

proff.no Open in urlscan Pro 13.51.113.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

90 %HTTPS

0 %IPv6

23 Domains

34 Subdomains

30 IPs

8 Countries

2011 kBTransfer

5643 kBSize

29 Cookies

29 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

proff.no Open in urlscan Pro
13.51.113.218 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

34
Subdomains

30
IPs

8
Countries

2011 kB
Transfer

5643 kB
Size

29
Cookies

73 HTTP transactions
2 data transactions