viewfrilans.no Open in urlscan Pro
91.189.120.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://netledgerfrilansregnskap.no/
Effective URL:
https://viewfrilans.no/hjem
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2021, 10:07:10 am UTC)

Summary HTTP 69 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 17 domains to perform 69 HTTP transactions. The main IP is 91.189.120.202, located in Norway and belongs to NEXTHOP, NO. The main domain is viewfrilans.no.
TLS certificate: Issued by R3 on December 12th 2020. Valid for: 3 months.

This is the only time viewfrilans.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:5b40:0:2... 2a01:5b40:0:248::52	12996 (DOMENESHO...) (DOMENESHOP Oslo)
2 17	91.189.120.202 91.189.120.202	49788 (NEXTHOP) (NEXTHOP)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
2	35.227.225.91 35.227.225.91	15169 (GOOGLE) (GOOGLE)
9	34.90.49.168 34.90.49.168	15169 (GOOGLE) (GOOGLE)
2	34.120.69.71 34.120.69.71	15169 (GOOGLE) (GOOGLE)
1	13.224.194.4 13.224.194.4	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.194.11 13.224.194.11	16509 (AMAZON-02) (AMAZON-02)
1 4	213.155.156.188 213.155.156.188	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	52.51.23.49 52.51.23.49	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
69	24

1 2a01:5b40:0:248::52 (Norway) 1 redirects

ASN12996 (DOMENESHOP Oslo, Norway, NO)

netledgerfrilansregnskap.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.189.120.202 (Norway) 2 redirects

ASN49788 (NEXTHOP, NO)
PTR: destinet.no

www.viewfrilans.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viewfrilans.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.225.91 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 91.225.227.35.bc.googleusercontent.com

static.landbot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.90.49.168 (United States)

ASN15169 (GOOGLE, US)
PTR: 168.49.90.34.bc.googleusercontent.com

leadcaller.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.69.71 (United States)

ASN15169 (GOOGLE, US)
PTR: 71.69.120.34.bc.googleusercontent.com

chats.landbot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-4.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.188 (Ascension Island) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com

tb.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.23.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-23-49.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	viewfrilans.no 2 redirects www.viewfrilans.no viewfrilans.no	660 KB
9	leadcaller.se leadcaller.se	193 KB
4	facebook.com www.facebook.com	548 B
4	adform.net 2 redirects track.adform.net s2.adform.net	30 KB
4	de17a.com 1 redirects tb.de17a.com	9 KB
4	landbot.io static.landbot.io chats.landbot.io	70 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	facebook.net connect.facebook.net	162 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
2	gstatic.com fonts.gstatic.com	27 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	23 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	87 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	netledgerfrilansregnskap.no 1 redirects netledgerfrilansregnskap.no	147 B
69	17

	Domain	Requested by
16	viewfrilans.no	1 redirects viewfrilans.no
9	leadcaller.se	viewfrilans.no leadcaller.se
4	www.facebook.com	viewfrilans.no connect.facebook.net
4	tb.de17a.com	1 redirects viewfrilans.no tb.de17a.com
3	track.adform.net	2 redirects viewfrilans.no
3	www.google-analytics.com	viewfrilans.no www.google-analytics.com
3	connect.facebook.net	viewfrilans.no connect.facebook.net
2	stackpath.bootstrapcdn.com	leadcaller.se stackpath.bootstrapcdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	chats.landbot.io	static.landbot.io
2	static.landbot.io	viewfrilans.no
1	in.hotjar.com	script.hotjar.com
1	storage.googleapis.com	viewfrilans.no
1	fonts.googleapis.com	static.landbot.io
1	www.google.de	viewfrilans.no
1	www.google.com	viewfrilans.no
1	stats.g.doubleclick.net	www.google-analytics.com
1	s2.adform.net	viewfrilans.no
1	vars.hotjar.com	static.hotjar.com
1	www.googletagmanager.com	viewfrilans.no
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	viewfrilans.no
1	www.viewfrilans.no	1 redirects
1	netledgerfrilansregnskap.no	1 redirects
69	24

This site contains links to these domains. Also see Links.

Domain
www.viewledger.no
www.viewmaritime.no
www.viewtax.no
www.viewledger.se
www.viewfrilans.no

Subject Issuer	Validity	Valid
viewfrilans.no R3	`2020-12-12` - `2021-03-12`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
static.landbot.io R3	`2020-12-08` - `2021-03-08`	3 months	crt.sh
leadcaller.se R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
chats.landbot.io R3	`2021-01-30` - `2021-04-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://viewfrilans.no/hjem
Frame ID: F3BE41860E0E2444504B81684C9B256F
Requests: 61 HTTP requests in this frame

Frame: https://chats.landbot.io/v2/H-721811-GR2U5U9C8QFOYCWV/index.html
Frame ID: B66EE4225290C886878165B712E60DDD
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: DC01A7F63E5E24EA8756C586BC5F8987
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
Frame ID: 6A2DB382D5910EF39E56C643F4CB093F
Requests: 4 HTTP requests in this frame

Frame: https://static.landbot.io/landbot/files/bubble.svg
Frame ID: 746CF2C09563B27BDFEA07B25B51DB17
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: CD6CDCD29209E7297AD6671280141AE7
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fviewfrilans.no%2Fhjem%22%2C%22title%22%3A%22VIEW%20Frilans%20-%20nettbasert%20regnskap%20til%20fast%20lave%20priser%22%2C%22trackingAccountId%22%3A%221137%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 6D754A458D0A3B4478176518DF008C4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://netledgerfrilansregnskap.no/ HTTP 301
http://www.viewfrilans.no/ HTTP 301
https://viewfrilans.no/ HTTP 301
https://viewfrilans.no/hjem Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

69
Requests

83 %
HTTPS

54 %
IPv6

17
Domains

24
Subdomains

24
IPs

8
Countries

1371 kB
Transfer

3257 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.viewledger.no/
Title: VIEW Ledger - SMB / SME

Search URL Search Domain Scan URL

URL: https://www.viewmaritime.no/
Title: VIEW Maritime - Maritim industri

Search URL Search Domain Scan URL

URL: https://www.viewtax.no/
Title: VIEW Tax - For utenlandske selskaper

Search URL Search Domain Scan URL

URL: https://www.viewledger.se/avdelningar/kalmar
Title: Kalmar

Search URL Search Domain Scan URL

URL: https://www.viewledger.se/avdelningar/j%c3%b6nk%c3%b6ping
Title: Jönköping

Search URL Search Domain Scan URL

URL: https://www.viewledger.se/avdelningar/stockholm
Title: Stockholm

Search URL Search Domain Scan URL

URL: http://www.viewfrilans.no/
Title: www.viewfrilans.no

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://netledgerfrilansregnskap.no/ HTTP 301
http://www.viewfrilans.no/ HTTP 301
https://viewfrilans.no/ HTTP 301
https://viewfrilans.no/hjem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 54

https://track.adform.net/Serving/TrackPoint/?pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fviewfrilans.no%2Fhjem HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fviewfrilans.no%2Fhjem

Request Chain 55

https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hjem Show response
viewfrilans.no/
Redirect Chain

https://netledgerfrilansregnskap.no/
http://www.viewfrilans.no/
https://viewfrilans.no/
https://viewfrilans.no/hjem

375 KB
47 KB

422ms
421ms

Document
text/html

91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

cea694f7525917487bca1050dd97faa06d87e111879200daad8952ee55f19fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: viewfrilans.no
:scheme: https
:path: /hjem
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache
date: Wed, 03 Feb 2021 10:06:53 GMT
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: -1
accept-ranges: none
server: Destinet
set-cookie: D=18141425183088307980; expires=Thu, 03-Feb-2022 10:06:53 GMT; path=/; secure; HttpOnly
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ch: Viewport-Width, Downlink
x-xss-protection: 0

Redirect headers

cache-control: no-cache
date: Wed, 03 Feb 2021 10:06:52 GMT
pragma: no-cache
expires: -1
location: https://viewfrilans.no:443/hjem
server: Microsoft-IIS/10.0 Destinet
content-length: 0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 hotjar-1672847.js Show response
static.hotjar.com/c/ 4 KB
2 KB 134ms
67ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1672847.js?sv=6

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

81670e97b16de54caaf97b2a2cb0c67415751cfe11e3dc38b90d213bcb5c6917

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/23978319d1796dd7f698f581279b845f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1733
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
x-amz-cf-id: GXh7lpe5Cn8fX0FduoUhUKruSFqeXA5b93OAJ2x27Ihj7ZelgORTXA==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Hind-Medium.woff
viewfrilans.no/f/ 134 KB
134 KB 164ms
164ms Font
application/x-font-woff 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/f/Hind-Medium.woff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

273823abfb73fa3cb61a073cd6c15bd3d3ca132738ae4a0bfb33a6dec55c018a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 18 Apr 2016 05:51:53 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: application/x-font-woff
cache-control: public
accept-ranges: none
content-length: 137264
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:53 GMT

GET
H2 200 Hind-Light.woff
viewfrilans.no/f/ 124 KB
124 KB 208ms
208ms Font
application/x-font-woff 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/f/Hind-Light.woff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

5fe7cd7e86fa163f95338826630fd4faa13163228025dcda8797ff1cd68a1f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 18 Apr 2016 05:51:58 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: application/x-font-woff
cache-control: public
accept-ranges: none
content-length: 126988
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:53 GMT

GET
H2 200 ViewFrilans-Mobil.svg
viewfrilans.no/d/Logo/ 1 KB
1 KB 265ms
264ms Image
image/svg+xml 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/d/Logo/ViewFrilans-Mobil.svg

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

759a8b44d453594a8343a152f1b8e9655ba8bc6d90b827a2596892af449be5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Thu, 31 Oct 2019 08:21:02 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public
accept-ranges: none
content-length: 1253
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 check.png
viewfrilans.no/ 234 B
348 B 239ms
238ms Image
image/webp 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/check.png?w=0&h=20&bg=ffffff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

8d474513a5599ade6f9635d1bb30005f05b90abf397e3037d0b776326d5824e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 25 Jan 2021 10:07:13 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public
accept-ranges: none
content-length: 234
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 regnskapsf%C3%B8ring%20i%20tripletex.gif
viewfrilans.no/ 90 KB
90 KB 363ms
362ms Image
image/gif 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/regnskapsf%C3%B8ring%20i%20tripletex.gif

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

ffef70229a98df8d2e53ad02b8d20684f90837c6999a6394624855e3fff3557c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Wed, 25 Sep 2019 10:33:47 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: public
accept-ranges: none
content-length: 92310
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 check.png
viewfrilans.no/ 194 B
237 B 238ms
237ms Image
image/webp 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/check.png?w=0&h=15&bg=ffffff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

7b84f40bbe3abf7c68db6cb1db388771d3392591b34f5f05254d54731e1b748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 25 Jan 2021 10:07:13 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public
accept-ranges: none
content-length: 194
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 landbot-widget-1.0.0.js Show response
static.landbot.io/landbot-widget/ 259 KB
62 KB 71ms
22ms Script
application/javascript 35.227.225.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.225.91 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

91.225.227.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1b2b55481432b5b847307152b62110ec5465436c2082a83138d41fd2c133426e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:50 GMT
content-encoding: gzip
age: 4
x-guploader-uploadid: ABg5-UwoQQC0Y1bzoLF5tmSX4D7qxsAj9YqoXcxuSfZP5mMtYw_xCfeYTysLwmbjj398d2OCiPd9iOQlglUYWr2nDog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 63314
last-modified: Wed, 07 Oct 2020 16:12:45 GMT
server: UploadServer
etag: "02eef6e2c44ee94a3ef578e39199c590"
strict-transport-security: max-age=31536000; includeSubDomains
x-goog-hash: crc32c=XqbOrA==, md5=Au724sRO6Uo+9XjjkZnFkA==
x-goog-generation: 1602087165766939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=10,no-transform,public
x-goog-stored-content-length: 63314
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK calling.js Show response
leadcaller.se/admin/assets/js/ 3 KB
1 KB 118ms
35ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/calling.js?auth=de4c4d60-362d-11eb-be88-42010aa40002&v=468994358

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

514de27065579aa8bd3c3ccfa82ba59dc6c135e94602be79626f96d0a8db8f23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 19 Jun 2020 06:45:00 GMT
Server: Apache
ETag: "ddc-5a86a3b71dcf3-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 870

GET
H2 200 viewresponsive.js Show response
viewfrilans.no/r/view/ 143 KB
48 KB 234ms
234ms Script
application/x-javascript 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/r/view/viewresponsive.js?v=6374673944

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

728fc947287b07a2ed99e294824b855c56e26d68ccfb4705602b00f4fbba8d4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 10:37:22 GMT
server: Destinet
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
accept-ranges: none
content-length: 49095
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 jquery.mmenu.min.416.js Show response
viewfrilans.no/r/modules/MobileSidebar/ 14 KB
4 KB 240ms
240ms Script
application/x-javascript 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/r/modules/MobileSidebar/jquery.mmenu.min.416.js

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

ac91dda335978320087bb1d09a199f8e1f09d7f6c22b8130b3bb04448e977fcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 12:37:37 GMT
server: Destinet
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public
accept-ranges: none
content-length: 4054
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 Footer%20-%20Frilans%20bunn%20m%C3%B8rk%20gr%C3%B8nn%202.png
viewfrilans.no/Footer/ 15 KB
15 KB 257ms
256ms Image
image/png 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/Footer/Footer%20-%20Frilans%20bunn%20m%C3%B8rk%20gr%C3%B8nn%202.png

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

abe7b0e07f7c930a1af69e1f2eb94b9881af924282575b525ff8ec1ca46c187f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Wed, 20 Nov 2019 13:32:05 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public
accept-ranges: none
content-length: 15225
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 MaterialDesignIcons.woff
viewfrilans.no/r/icons/ 58 KB
58 KB 223ms
223ms Font
application/x-font-woff 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/r/icons/MaterialDesignIcons.woff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

69769f3b171315ee1e3451c0cef7701bdc8cd52ee0598c50ce5ed4fbf31d1c44

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Wed, 23 Sep 2020 12:37:36 GMT
server: Destinet
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: https://viewfrilans.no
cache-control: public
accept-ranges: none
content-length: 59184
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 Hind-Regular.woff
viewfrilans.no/f/ 132 KB
132 KB 247ms
247ms Font
application/x-font-woff 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/f/Hind-Regular.woff

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

8a050c2944c066ccbb2959a44709f35f1b81d0ec8e570ed5c26300f434ab3019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 18 Apr 2016 05:51:48 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: application/x-font-woff
cache-control: public
accept-ranges: none
content-length: 135436
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
BLOB 200
OK acbe3444-5b0d-4708-a6e3-1871498130ab
https://viewfrilans.no/ 775 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/acbe3444-5b0d-4708-a6e3-1871498130ab
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3a1d1d65b718d3cbdd2224032e54e524b159b317972adadb83bc2b458a4c8db

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 775
Content-Type: text/css

GET
BLOB 200
OK fb7f4817-dc06-45d3-a96e-e5450d7b6280
https://viewfrilans.no/ 946 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/fb7f4817-dc06-45d3-a96e-e5450d7b6280
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eae54482d42dca97dfe88c06f2006f607ffb9a176612229600163d9fe8907cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 946
Content-Type: text/css

GET
BLOB 200
OK fe2d731e-bb76-4d0a-bf8c-913f9db0fd54
https://viewfrilans.no/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/fe2d731e-bb76-4d0a-bf8c-913f9db0fd54
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6eb91d9f2552547dc8098917336ffae2d3840d26cc31eb9e3c453b988c72c836

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 4802
Content-Type: text/css

GET
BLOB 200
OK 80c469c2-489a-446b-9786-e54dead11e26
https://viewfrilans.no/ 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/80c469c2-489a-446b-9786-e54dead11e26
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecb60e56cb76b6b33960aa2a8322bbf9640e6a261859875a40cb016f9629d8ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2703
Content-Type: text/css

GET
BLOB 200
OK 3c42dc1b-caa0-4b07-8cf1-eda25c6a3ac4
https://viewfrilans.no/ 6 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/3c42dc1b-caa0-4b07-8cf1-eda25c6a3ac4
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a1d5e745e3af87c500465c51245fce7370f3ebf072a7c37a627f554b2aeca3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5986
Content-Type: text/css

GET
BLOB 200
OK 0d381969-3648-40ad-9f4c-44794cf2c556
https://viewfrilans.no/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/0d381969-3648-40ad-9f4c-44794cf2c556
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c253697241f8c8be8e1560cf835b6cf1c5459e33494fa4808c942a95996e2e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2090
Content-Type: text/css

GET
BLOB 200
OK 61c8a62e-2d88-4b3f-9411-9f1456c36569
https://viewfrilans.no/ 956 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/61c8a62e-2d88-4b3f-9411-9f1456c36569
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47b5a8f8a15c952337518c820c308b9694faf5d0a1454f952fddc358a49cdb7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 956
Content-Type: text/css

GET
BLOB 200
OK feb9caaa-35a8-4bd4-9c37-ecd1e57a94fb
https://viewfrilans.no/ 3 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/feb9caaa-35a8-4bd4-9c37-ecd1e57a94fb
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02d46ef0f3c9b928d504a3e94fd7ecf7ca11f0b55d086c9872d8598c7c791230

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2677
Content-Type: text/css

GET
BLOB 200
OK 7ab4ced7-d742-4b00-b85a-aca585d62fc1
https://viewfrilans.no/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/7ab4ced7-d742-4b00-b85a-aca585d62fc1
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31155ebc01eabc9ac812267c7ad8beb6e8b32d5598923339730ec2ee979104fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 4890
Content-Type: text/css

GET
BLOB 200
OK 5f1d8af3-1ddf-492d-abe0-179a19701357
https://viewfrilans.no/ 924 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/5f1d8af3-1ddf-492d-abe0-179a19701357
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0338d1b1445c2d9bdee7eca23f2f450e394d5953937a2ef8a6bcd7759e1c1fd9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 924
Content-Type: text/css

GET
BLOB 200
OK eddb2a5c-c01d-44b2-b592-066c51bbbdfb
https://viewfrilans.no/ 857 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/eddb2a5c-c01d-44b2-b592-066c51bbbdfb
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009ab27ad725b3c6d98e8674c97c38ffda8aeb1362e2cdaa7ae239f7f900bb5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 857
Content-Type: text/css

GET
BLOB 200
OK 9523a0cf-6852-4125-afc3-aadb9d905b0d
https://viewfrilans.no/ 616 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://viewfrilans.no/9523a0cf-6852-4125-afc3-aadb9d905b0d
Requested by: Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc310e1df488645c90bd70a5a60f0d693b33dd1169ea7b5952abf60355203588

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 616
Content-Type: text/css

GET
H2 200 index.json Show response
chats.landbot.io/v2/H-721811-GR2U5U9C8QFOYCWV/ 4 KB
5 KB 141ms
73ms Fetch
application/json 34.120.69.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://chats.landbot.io/v2/H-721811-GR2U5U9C8QFOYCWV/index.json

Requested by

Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.69.71 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

71.69.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8f3a89b62c005ac46c2116cb9f357b3d151f5357fc75622d31cd16cfe0c986e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
x-guploader-uploadid: ABg5-Uxbqs6iJ3n4fdp1Prf3iqnfnKB0ntTMAfF0zLOOIo2zKMFuMHClPxJFRPdYTodav1RZDemSicNanBOK1VFITVM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 4298
last-modified: Sat, 30 Jan 2021 01:36:30 GMT
server: UploadServer
etag: "64b97cd0a1c5677d93da162c715d3c20"
strict-transport-security: max-age=31536000; includeSubDomains
x-goog-hash: crc32c=x4Ashw==, md5=ZLl80KHFZ32T2hYscV08IA==
x-goog-generation: 1611970590366769
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-store
x-goog-stored-content-length: 4298
accept-ranges: bytes
content-type: application/json
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 modules.76ada2ece072461377ab.js Show response
script.hotjar.com/ 223 KB
59 KB 108ms
36ms Script
application/javascript 13.224.194.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.76ada2ece072461377ab.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1672847.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.4 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-4.fra2.r.cloudfront.net

Software

Resource Hash

0691b33d62e112cce87b247d087564d44eee9c48f139b9ba0038b6b1127bf5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 08:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438136
x-cache: Hit from cloudfront
content-length: 59805
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 08:22:55 GMT
etag: "40539391acbe5441f33312b664e43d52"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Gg5xAVk9uelqgH-cNrQnlxn0YM3NA5KfJHibujvWa2NOqQGDL4WhDQ==

POST
H2 200 1
viewfrilans.no/statisticslogging/load/18161342539020309116/ 0
27 B 56ms
55ms Other
text/plain 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to

Full URL

https://viewfrilans.no/statisticslogging/load/18161342539020309116/1

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/r/view/viewresponsive.js?v=6374673944

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
cache-control: private
server: Destinet
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
35 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJGXQV

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd3dc1b5fcd9e6493b3381fffa78d54c671fb875793569fa61e3e00ef9f4b2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35854
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Feb 2021 10:06:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: mulKUug7xZCeVP5u+1ADV7IfAB5mrQtx0xCYE5GQ2yWr6sqEVIvquas5+Q7OVVZ8hJfDfhcJt37DGEacAibo2A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Feb 2021 10:06:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3171
date: Wed, 03 Feb 2021 09:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 11:14:03 GMT

GET
H2 200 v_frilans%20png.png
viewfrilans.no/d/Logo/ 2 KB
2 KB 61ms
60ms Image
image/webp 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/d/Logo/v_frilans%20png.png?w=150

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

25a3d40141384f7830a8e36f763e11f70878486f184625eda9e845bb92914a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 25 Jan 2021 09:09:57 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public
accept-ranges: none
content-length: 2304
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 Tripletex%20logo.png
viewfrilans.no/ 2 KB
3 KB 62ms
61ms Image
image/webp 91.189.120.202
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://viewfrilans.no/Tripletex%20logo.png?w=1280&h=200&bg=ffffff&r=box&w=640

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.189.120.202 , Norway, ASN49788 (NEXTHOP, NO),

Reverse DNS

destinet.no

Software

Destinet /

Resource Hash

a9f21433b107eb51672c5011273f07699e514204aff96ca87ee339cc8278f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:53 GMT
last-modified: Mon, 25 Jan 2021 10:07:17 GMT
server: Destinet
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: public
accept-ranges: none
content-length: 2516
x-xss-protection: 0
expires: Thu, 03 Feb 2022 10:06:54 GMT

GET
H2 200 index.html
chats.landbot.io/v2/H-721811-GR2U5U9C8QFOYCWV/ Frame B66E 0
0 200ms
144ms Document
text/html 34.120.69.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://chats.landbot.io/v2/H-721811-GR2U5U9C8QFOYCWV/index.html

Requested by

Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.69.71 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

71.69.120.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: chats.landbot.io
:scheme: https
:path: /v2/H-721811-GR2U5U9C8QFOYCWV/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://viewfrilans.no/hjem
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://viewfrilans.no/hjem

Response headers

x-guploader-uploadid: ABg5-Uynqp0LWQlw1BZxGE3MmEQqbDgs4HfHdUmvkJK0CvRLgpk72jbCr6i5j4xny_GB0wVxH6pGIsOKvoWEbC6YL2A
date: Wed, 03 Feb 2021 10:06:54 GMT
cache-control: no-store
expires: Thu, 03 Feb 2022 10:06:54 GMT
last-modified: Sat, 30 Jan 2021 01:36:30 GMT
etag: "61bc22b5fc3bada2c0a2ceec5d26f0e1"
x-goog-generation: 1611970590199864
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2627
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=82PqeA== md5=Ybwitfw7raLAos7sXSbw4Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2627
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear

GET
H2 200 210531129867643 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/210531129867643?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

791838fdd791ee4257464e93dbc3334d2e4fcd1816dc9ea6d2765f053afb592e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: dhRcouJ/YjCN3BWeRMzqh9UiueVyMYl4bdLexNmXz1eqeA20cSM8ilrzAGxYYkRigWDlQzeWLT+k8NJWPgZhlQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Feb 2021 10:06:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1626857069
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
387 B 48ms
14ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=789083025&t=pageview&_s=1&dl=https%3A%2F%2Fviewfrilans.no%2Fhjem&ul=en-us&de=UTF-8&dt=VIEW%20Frilans%20-%20nettbasert%20regnskap%20til%20fast%20lave%20priser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1553282404&gjid=1887493125&cid=672802541.1612346814&tid=256621404&_gid=1336685310.1612346814&_r=1&_slc=1&z=2121536032

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://viewfrilans.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame DC01 0
0 97ms
32ms Document
text/html 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1672847.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-11.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://viewfrilans.no/hjem
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://viewfrilans.no/hjem

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rxdGsQD592PROoQJX59O5A5SbrEZ92VcVvGkDAgQAlO_x9OacGMV2A==
age: 6195951

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=789083025&t=pageview&_s=1&dl=https%3A%2F%2Fviewfrilans.no%2Fhjem&ul=en-us&de=UTF-8&dt=VIEW%20Frilans%20-%20nettbasert%20regnskap%20til%20fast%20lave%20priser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=210664719&gjid=1763551672&cid=672802541.1612346814&tid=UA-38699043-1&_gid=1336685310.1612346814&_r=1&gtm=2wg1k0PJGXQV&z=530546462

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://viewfrilans.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d7.js Show response
tb.de17a.com/ 17 KB
6 KB 170ms
58ms Script
application/javascript 213.155.156.188
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/d7.js
Requested by: Host: viewfrilans.no
URL: https://viewfrilans.no/hjem
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: 718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 08:20:27 GMT
server: nginx/1.10.1
etag: W/"XhSF2LHLZEYXhSEqCyb0So--gzip"
vary: Accept-Encoding, User-Agent
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
cache-control: must-revalidate, private
content-type: application/javascript
content-length: 6265

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

134ms
44ms

Script
application/x-javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: viewfrilans.no
URL: https://viewfrilans.no/hjem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:12 GMT
server: nginx
etag: W/"60057720-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 03 Feb 2021 10:06:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-38699043-1&cid=672802541.1612346814&jid=210664719&gjid=1763551672&_gid=1336685310.1612346814&_u=aEDAAEABAAAAAC~&z=670901893

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Feb 2021 10:06:54 GMT
content-type: text/plain
access-control-allow-origin: https://viewfrilans.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1885875474967706 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 46ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1885875474967706?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ed7264c8ce87f109eb937084ecb7dc3d8533a1945a5542154a5d86fb1d0d6fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: JAmOgHMYO19MOCuocme4h7iZM/jrDZjJjRrZb//OT1B4oDWnI4Ksg0AHlBjHenAHQegypjLU1WzGQIH9agMNxw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Feb 2021 10:06:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1385082115
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
333 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210531129867643&ev=PageView&dl=https%3A%2F%2Fviewfrilans.no%2Fhjem&rl=&if=false&ts=1612346814339&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612346814337.1667776712&it=1612346814261&coo=false&rqm=GET

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Feb 2021 10:06:54 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-38699043-1&cid=672802541.1612346814&jid=210664719&_u=aEDAAEABAAAAAC~&z=966722799

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-38699043-1&cid=672802541.1612346814&jid=210664719&_u=aEDAAEABAAAAAC~&z=966722799

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A2D 6 KB
815 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i

Requested by

Host: static.landbot.io
URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec5a405aedfabf2ce85ea90ee3b5aac0134d53c9a7d5effaf4a7b80096a26dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 10:06:54 GMT
server: ESF
date: Wed, 03 Feb 2021 10:06:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 10:06:54 GMT

GET
H2 200 helloumi.png
storage.googleapis.com/media.helloumi.com/brands/ Frame 6A2D 22 KB
23 KB 51ms
31ms Image
image/png 2a00:1450:4001:825::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.helloumi.com/brands/helloumi.png
Requested by: Host: viewfrilans.no
URL: https://viewfrilans.no/hjem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3254f8493a6ae69a7bc7bbfb7b008362b34840c4f5d10a7e736f1a9739733290

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
x-guploader-uploadid: ABg5-UzBHXYkN6l672d13wAo9aNPrctT0MIkZ9Z2OQQzsXrSJyFG_qUyaYjgesL2i699nJeMBmVwvnwt5FHUju-PcaoX-eQZtw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22507
last-modified: Tue, 21 Aug 2018 16:50:16 GMT
server: UploadServer
etag: "f5caf51e2d9b49aa6bb1e8e675046f76"
x-goog-hash: crc32c=I0okIg==, md5=9cr1Hi2bSaprsejmdQRvdg==
x-goog-generation: 1534870216260432
cache-control: max-age=120,no-transform
x-goog-stored-content-length: 22507
accept-ranges: bytes
content-type: image/png
expires: Wed, 03 Feb 2021 10:08:54 GMT

GET
H2 200 bubble.svg
static.landbot.io/landbot/files/ Frame 746C 2 KB
2 KB 22ms
22ms Image
image/svg+xml 35.227.225.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.landbot.io/landbot/files/bubble.svg

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.225.91 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

91.225.227.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ab0486c768d64d3337d1ad8fad2a25d1823cb6de7de62a5ae377e3486f2c7b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 09:16:56 GMT
age: 2998
x-guploader-uploadid: ABg5-Ux1Y43k3ySpphF_llstzuSBWq21M8hb53jLBRWDWFGAvnRW5LYc-DAdu5NPjO-ERvxE23BLl6nmddQTPsefpVM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2135
last-modified: Tue, 17 Jul 2018 09:33:33 GMT
server: UploadServer
etag: "ce67c373a59f2710d24347427fc2b333"
strict-transport-security: max-age=31536000; includeSubDomains
x-goog-hash: crc32c=JxzBHQ==, md5=zmfDc6WfJxDSQ0dCf8KzMw==
x-goog-generation: 1531820013675418
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 2135
accept-ranges: bytes
content-type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 6A2D 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 08:43:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 5015
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Thu, 03 Feb 2022 08:43:19 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 6A2D 13 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://viewfrilans.no
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 146732
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1885875474967706&ev=PageView&dl=https%3A%2F%2Fviewfrilans.no%2Fhjem&rl=&if=false&ts=1612346814403&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612346814337.1667776712&it=1612346814261&coo=false&rqm=GET

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Feb 2021 10:06:54 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1672847/ 152 B
305 B 117ms
43ms XHR
application/json 52.51.23.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1672847/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76ada2ece072461377ab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.23.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-23-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmo...

143 B
608 B

45ms
44ms

Script
text/javascript

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fviewfrilans.no%2Fhjem

Requested by

Host: viewfrilans.no
URL: https://viewfrilans.no/hjem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

21e8c2135906526ba74095a94fa9ec8bf2b1268d90858c8a7f095bf84222c88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 202
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 10:06:54 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=923144&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=162420668061&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fviewfrilans.no%2Fhjem
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

getUid;c Show response
tb.de17a.com/api/ Frame CD6C
Redirect Chain

https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1

61 B
214 B

53ms
52ms

Script
application/json

213.155.156.188
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: 7076f07bedf4554ff93db5ffcdf49ee6c9ceb8f4f02e637b7218d814b2bc7f83

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
server: nginx/1.10.1
content-type: application/json
content-length: 61
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

location: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
date: Wed, 03 Feb 2021 10:06:54 GMT
server: nginx/1.10.1
content-length: 0
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

GET
H2 200 pageView Show response
tb.de17a.com/api/ Frame 6D75 2 KB
2 KB 74ms
74ms Script
application/json 213.155.156.188
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fviewfrilans.no%2Fhjem%22%2C%22title%22%3A%22VIEW%20Frilans%20-%20nettbasert%20regnskap%20til%20fast%20lave%20priser%22%2C%22trackingAccountId%22%3A%221137%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by: Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: 865ea7132726d6cf266bd3e70952f3797853dfd6ecaf8a9892b97643ebaa5d83

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:54 GMT
server: nginx/1.10.1
content-type: application/json
content-length: 1969
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

POST
H2 200 /
www.facebook.com/tr/ 0
83 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywl5cghSz81PinZZB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 03 Feb 2021 10:06:54 GMT
content-type: text/plain
access-control-allow-origin: https://viewfrilans.no
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBIROqnReLcEbcGMd

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 03 Feb 2021 10:06:54 GMT
content-type: text/plain
access-control-allow-origin: https://viewfrilans.no
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK lc_calls_wo.js Show response
leadcaller.se/admin/assets/js/ 146 KB
41 KB 150ms
82ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/calling.js?auth=de4c4d60-362d-11eb-be88-42010aa40002&v=468994358

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

aa2978fd2e02a222953ab889d2e24e9354bf52332455dec6fb3d413621fdc591

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 21 Jan 2021 07:42:08 GMT
Server: Apache
ETag: "249ae-5b9643577f45a-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41730

GET
H/1.1 200
OK intlTelInput.css
leadcaller.se/admin/assets/css/ 19 KB
3 KB 35ms
34ms Stylesheet
text/css 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/css/intlTelInput.css?4

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

f422b11354228585c0515267ccb0f9dfa157110a2b209568975557b928ac7922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 19158
Server: Apache
Etag: W/"PSA-aj-r-m33bYykp"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=94
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2888
Keep-Alive: timeout=5, max=99
Expires: Wed, 03 Feb 2021 10:08:34 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK lcbootstrap.js Show response
leadcaller.se/admin/assets/js/ 36 KB
10 KB 71ms
36ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/lcbootstrap.js?9.6

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

490529d566522a876a09061aad477863777e916e5333afdead62085f46106ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 36854
Connection: Keep-Alive
Content-Length: 9580
Last-Modified: Tue, 29 Dec 2020 08:38:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "8ff6-5b7964fb53b0d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 03 Feb 2021 10:07:11 GMT

GET
H/1.1 200
OK intlTelInput.js Show response
leadcaller.se/admin/assets/js/ 85 KB
20 KB 129ms
62ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/intlTelInput.js?15

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

0014df222fc0fe209878feb90a44b0eebe96ed2e69f0371093d11861f1b43cba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 18 Aug 2020 06:43:22 GMT
Server: Apache
ETag: "15295-5ad2134136f40-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20384

GET
H/1.1 200
OK utils.js Show response
leadcaller.se/admin/assets/js/ 216 KB
50 KB 180ms
113ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/utils.js?22

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

94b36d75bae2eb3e3a5715e055f6e962ab63f6297dbe73eac83b5b3806e65d5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 11 Mar 2020 10:34:13 GMT
Server: Apache
ETag: "35e21-5a091c705104f-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 50603

GET
H/1.1 200
OK lcselectpicker.js Show response
leadcaller.se/admin/assets/js/ 3 KB
2 KB 104ms
36ms Script
application/javascript 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/assets/js/lcselectpicker.js?1.9

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

117a2f53eecfdb4fa19139b4bef36915c876f90078ac9d88f0477bcfd029cd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 2870
Connection: Keep-Alive
Content-Length: 1111
Last-Modified: Tue, 29 Dec 2020 08:13:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b36-5b795f7dbc481-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 03 Feb 2021 10:09:18 GMT

GET
H/1.1 200
OK de4c4d60-362d-11eb-be88-42010aa40002 Show response
leadcaller.se/admin/Admin/Script/getbuttonCode/ 102 KB
18 KB 214ms
145ms XHR
text/html 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/Admin/Script/getbuttonCode/de4c4d60-362d-11eb-be88-42010aa40002?preview=undefined&isForDemo=false

Requested by

Host: leadcaller.se
URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache / PHP/7.3.9

Resource Hash

a7af599fed3f4f92b63e52e919928a632fc05acfe8c649e151d6756aa43d9acc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.9
X-Mod-Pagespeed: 1.13.35.2-0
Connection: Keep-Alive
Content-Length: 17373
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
Server: Apache
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, POST,OPTIONS
Content-Type: text/html; charset=ISO-8859-1
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, s-maxage=10
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 206
Partial Content LC_Sound_4.mp3
leadcaller.se/admin/uploads/audio_file/ 48 KB
48 KB 35ms
35ms Media
audio/mpeg 34.90.49.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://leadcaller.se/admin/uploads/audio_file/LC_Sound_4.mp3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.90.49.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

168.49.90.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

429861d41f7c3090c2b07fe7ddfb993ea5b61116bfcac2f83e70729e9b7b9705

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://viewfrilans.no/hjem
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 03 Feb 2021 10:06:59 GMT
Last-Modified: Wed, 23 Dec 2020 07:10:13 GMT
Server: Apache
ETag: "bf25-5b71c61eeec52"
X-Frame-Options: SAMEORIGIN
Content-Type: audio/mpeg
Content-Range: bytes 0-48932/48933
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 48933

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 26ms
11ms Font
font/woff2 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://viewfrilans.no
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.viewfrilans.no/	1970-01-19 15:52:28	Name: _hjAbsoluteSessionInProgress Value: 0
viewfrilans.no/	1970-01-19 15:52:26	Name: _hjIncludedInPageviewSample Value: 1
.viewfrilans.no/	1970-01-19 15:52:28	Name: _hjFirstSeen Value: 1
.viewfrilans.no/	1970-01-19 15:52:26	Name: _gat Value: 1
.viewfrilans.no/	1970-01-20 00:38:02	Name: _hjid Value: e90180b0-bcee-461b-ab3e-a220a98f2ed2
.viewfrilans.no/	1970-01-19 18:02:02	Name: _fbp Value: fb.1.1612346814337.1667776712
.viewfrilans.no/	1970-01-19 15:52:26	Name: _gat_UA-38699043-1 Value: 1
.viewfrilans.no/	1970-01-19 15:53:53	Name: _gid Value: GA1.2.1336685310.1612346814
.viewfrilans.no/	1970-01-20 09:23:38	Name: _ga Value: GA1.2.672802541.1612346814
viewfrilans.no/	1970-01-20 00:38:02	Name: D Value: 18141425183088307980

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://leadcaller.se/admin/assets/js/calling.js?auth=de4c4d60-362d-11eb-be88-42010aa40002&v=468994358(Line 2) Message: viewfrilans.no
console-api	log	URL: https://viewfrilans.no/hjem(Line 394) Message: Lazyload image /d/Logo/v_frilans%20png.png
console-api	log	URL: https://viewfrilans.no/hjem(Line 394) Message: Lazyload image /Tripletex%20logo.png?w=1280&h=200&bg=ffffff&r=box
console-api	log	URL: https://static.landbot.io/landbot-widget/landbot-widget-1.0.0.js(Line 1) Message: SENDING HIDDEN FIELDS [object Object]
console-api	log	URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002(Line 11) Message: viewfrilans.no
console-api	log	URL: https://leadcaller.se/admin/assets/js/lc_calls_wo.js?=0.2875052421039521&auth=de4c4d60-362d-11eb-be88-42010aa40002(Line 46) Message: Success
console-api	log	(Line 5) Message: Y

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chats.landbot.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
leadcaller.se
netledgerfrilansregnskap.no
s2.adform.net
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
static.landbot.io
stats.g.doubleclick.net
storage.googleapis.com
tb.de17a.com
track.adform.net
vars.hotjar.com
viewfrilans.no
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.viewfrilans.no
13.224.194.11
13.224.194.4
13.225.78.103
2001:4de0:ac19::1:b:1b
213.155.156.188
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:821::200e
2a00:1450:4001:824::2008
2a00:1450:4001:825::2010
2a00:1450:400c:c00::9c
2a01:5b40:0:248::52
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.69.71
34.90.49.168
35.227.225.91
37.157.4.28
37.157.5.71
52.51.23.49
91.189.120.202
0014df222fc0fe209878feb90a44b0eebe96ed2e69f0371093d11861f1b43cba
009ab27ad725b3c6d98e8674c97c38ffda8aeb1362e2cdaa7ae239f7f900bb5e
02d46ef0f3c9b928d504a3e94fd7ecf7ca11f0b55d086c9872d8598c7c791230
0338d1b1445c2d9bdee7eca23f2f450e394d5953937a2ef8a6bcd7759e1c1fd9
0691b33d62e112cce87b247d087564d44eee9c48f139b9ba0038b6b1127bf5b0
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117a2f53eecfdb4fa19139b4bef36915c876f90078ac9d88f0477bcfd029cd48
1b2b55481432b5b847307152b62110ec5465436c2082a83138d41fd2c133426e
21e8c2135906526ba74095a94fa9ec8bf2b1268d90858c8a7f095bf84222c88f
25a3d40141384f7830a8e36f763e11f70878486f184625eda9e845bb92914a88
273823abfb73fa3cb61a073cd6c15bd3d3ca132738ae4a0bfb33a6dec55c018a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31155ebc01eabc9ac812267c7ad8beb6e8b32d5598923339730ec2ee979104fa
3254f8493a6ae69a7bc7bbfb7b008362b34840c4f5d10a7e736f1a9739733290
429861d41f7c3090c2b07fe7ddfb993ea5b61116bfcac2f83e70729e9b7b9705
47b5a8f8a15c952337518c820c308b9694faf5d0a1454f952fddc358a49cdb7a
490529d566522a876a09061aad477863777e916e5333afdead62085f46106ca3
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
514de27065579aa8bd3c3ccfa82ba59dc6c135e94602be79626f96d0a8db8f23
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd
5ed7264c8ce87f109eb937084ecb7dc3d8533a1945a5542154a5d86fb1d0d6fd
5fe7cd7e86fa163f95338826630fd4faa13163228025dcda8797ff1cd68a1f97
69769f3b171315ee1e3451c0cef7701bdc8cd52ee0598c50ce5ed4fbf31d1c44
6c253697241f8c8be8e1560cf835b6cf1c5459e33494fa4808c942a95996e2e1
6eb91d9f2552547dc8098917336ffae2d3840d26cc31eb9e3c453b988c72c836
7076f07bedf4554ff93db5ffcdf49ee6c9ceb8f4f02e637b7218d814b2bc7f83
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
728fc947287b07a2ed99e294824b855c56e26d68ccfb4705602b00f4fbba8d4e
759a8b44d453594a8343a152f1b8e9655ba8bc6d90b827a2596892af449be5a0
791838fdd791ee4257464e93dbc3334d2e4fcd1816dc9ea6d2765f053afb592e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b84f40bbe3abf7c68db6cb1db388771d3392591b34f5f05254d54731e1b748f
7eae54482d42dca97dfe88c06f2006f607ffb9a176612229600163d9fe8907cc
81670e97b16de54caaf97b2a2cb0c67415751cfe11e3dc38b90d213bcb5c6917
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865ea7132726d6cf266bd3e70952f3797853dfd6ecaf8a9892b97643ebaa5d83
8a050c2944c066ccbb2959a44709f35f1b81d0ec8e570ed5c26300f434ab3019
8d474513a5599ade6f9635d1bb30005f05b90abf397e3037d0b776326d5824e7
8f3a89b62c005ac46c2116cb9f357b3d151f5357fc75622d31cd16cfe0c986e2
94b36d75bae2eb3e3a5715e055f6e962ab63f6297dbe73eac83b5b3806e65d5d
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a7af599fed3f4f92b63e52e919928a632fc05acfe8c649e151d6756aa43d9acc
a9f21433b107eb51672c5011273f07699e514204aff96ca87ee339cc8278f154
aa2978fd2e02a222953ab889d2e24e9354bf52332455dec6fb3d413621fdc591
ab0486c768d64d3337d1ad8fad2a25d1823cb6de7de62a5ae377e3486f2c7b26
abe7b0e07f7c930a1af69e1f2eb94b9881af924282575b525ff8ec1ca46c187f
ac91dda335978320087bb1d09a199f8e1f09d7f6c22b8130b3bb04448e977fcf
bc310e1df488645c90bd70a5a60f0d693b33dd1169ea7b5952abf60355203588
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
c9a1d5e745e3af87c500465c51245fce7370f3ebf072a7c37a627f554b2aeca3
cd3dc1b5fcd9e6493b3381fffa78d54c671fb875793569fa61e3e00ef9f4b2fa
cea694f7525917487bca1050dd97faa06d87e111879200daad8952ee55f19fdc
d3a1d1d65b718d3cbdd2224032e54e524b159b317972adadb83bc2b458a4c8db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ec5a405aedfabf2ce85ea90ee3b5aac0134d53c9a7d5effaf4a7b80096a26dd4
ecb60e56cb76b6b33960aa2a8322bbf9640e6a261859875a40cb016f9629d8ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f422b11354228585c0515267ccb0f9dfa157110a2b209568975557b928ac7922
ffef70229a98df8d2e53ad02b8d20684f90837c6999a6394624855e3fff3557c

viewfrilans.no Open in urlscan Pro 91.189.120.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

83 %HTTPS

54 %IPv6

17 Domains

24 Subdomains

24 IPs

8 Countries

1371 kBTransfer

3257 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

viewfrilans.no Open in urlscan Pro
91.189.120.202 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

83 %
HTTPS

54 %
IPv6

17
Domains

24
Subdomains

24
IPs

8
Countries

1371 kB
Transfer

3257 kB
Size

10
Cookies

69 HTTP transactions
1 data transactions