finansnord.no Open in urlscan Pro
51.15.83.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231
Effective URL:
https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Submission: On September 20 via api (September 20th 2022, 3:09:02 pm UTC) from BE — Scanned from US

Summary HTTP 53 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 53 HTTP transactions. The main IP is 51.15.83.162, located in Amsterdam, Netherlands and belongs to Online SAS, FR. The main domain is finansnord.no.
TLS certificate: Issued by R3 on September 11th 2022. Valid for: 3 months.

This is the only time finansnord.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.83.58.211 212.83.58.211	47447 (TTM) (TTM)
1 1	34.78.223.0 34.78.223.0	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	51.15.83.162 51.15.83.162	12876 (Online SAS) (Online SAS)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
2	172.105.93.105 172.105.93.105	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2a01:7c8:eb:0... 2a01:7c8:eb:0:149:210:170:139	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
5	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:d3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:49::40 2620:1ec:49::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
53	18

2 212.83.58.211 (Germany) 1 redirects

ASN47447 (TTM, DE)
PTR: maisonakira.net

clikredict.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.78.223.0 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 0.223.78.34.bc.googleusercontent.com

owenfeel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 51.15.83.162 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 162-83-15-51.instances.scw.cloud

finansnord.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.105.93.105 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 172-105-93-105.ip.linodeusercontent.com

administrator.digitalfinans.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7c8:eb:0:149:210:170:139 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)

eas8.emediate.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d3b (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:49::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	finansnord.no finansnord.no	1005 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 d.clarity.ms — Cisco Umbrella Rank: 5189 c.clarity.ms — Cisco Umbrella Rank: 998	26 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	40 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	676 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 220	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	195 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	143 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	7 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	461 B
2	digitalfinans.no administrator.digitalfinans.no	351 KB
2	clikredict.us 1 redirects clikredict.us — Cisco Umbrella Rank: 795170	576 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10644	53 KB
1	emediate.eu eas8.emediate.eu
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	921 B
1	owenfeel.com 1 redirects owenfeel.com	720 B
53	17

	Domain	Requested by
14	finansnord.no	clikredict.us finansnord.no
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com finansnord.no
4	www.facebook.com	finansnord.no
3	d.clarity.ms	www.clarity.ms
3	connect.facebook.net	clikredict.us connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com finansnord.no
3	www.googletagmanager.com	finansnord.no www.googletagmanager.com
3	cdnjs.cloudflare.com	finansnord.no cdnjs.cloudflare.com
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	finansnord.no
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	administrator.digitalfinans.no	finansnord.no
2	clikredict.us	1 redirects
1	c.bing.com	1 redirects
1	www.clickcease.com	clikredict.us
1	eas8.emediate.eu	finansnord.no
1	fonts.googleapis.com	finansnord.no
1	owenfeel.com	1 redirects
53	20

This site contains links to these domains. Also see Links.

Domain
silktide.com
accounts.google.com
www.facebook.com
eas8.emediate.eu

Subject Issuer	Validity	Valid
finansnord.no R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
administrator.digitalfinans.no R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.emediate.eu R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-29` - `2022-09-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Frame ID: A77EC626038056AFB37C7A783FCB37A0
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forbrukslån uten sikkerhet | Samle forbrukslån | lånekalkulator

Page URL History Show full URLs

http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231 Page URL
http://clikredict.us/track/c5538PhAaY262947PVSa25olL5646AElD231 HTTP 302
https://owenfeel.com/?a=3576&oc=11217&c=41509&m=3&s1=9&s2=231-5538&s3=262947-25-5646 HTTP 302
https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

68 %
IPv6

17
Domains

20
Subdomains

18
IPs

4
Countries

1867 kB
Transfer

2878 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://accounts.google.com/SignUp
Title: her

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FinansNord-1773467999618794/

Search URL Search Domain Scan URL

URL: https://eas8.emediate.eu/eas?camp=257114;ty=ct

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231 Page URL
http://clikredict.us/track/c5538PhAaY262947PVSa25olL5646AElD231 HTTP 302
https://owenfeel.com/?a=3576&oc=11217&c=41509&m=3&s1=9&s2=231-5538&s3=262947-25-5646 HTTP 302
https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&RedC=c.clarity.ms&MXFR=0DEC5EC28ABA626926264CE78EBA6C0F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&MUID=3D1309EF059D675C305F1BCA043566BB

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c5538PhAaY262947PVSa25olL5646AElD231
clikredict.us/rd/ 243 B
360 B 283ms
127ms Document
text/html 212.83.58.211
TTM

General

Check archive.org

Show headers Download Go to

Full URL: http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231
Protocol: HTTP/1.1
Server: 212.83.58.211 , Germany, ASN47447 (TTM, DE),
Reverse DNS: maisonakira.net
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Length: 243
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Sep 2022 15:08:52 GMT

GET
H2

200

Primary Request / Show response
finansnord.no/
Redirect Chain

http://clikredict.us/track/c5538PhAaY262947PVSa25olL5646AElD231
https://owenfeel.com/?a=3576&oc=11217&c=41509&m=3&s1=9&s2=231-5538&s3=262947-25-5646
https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

77 KB
13 KB

1105ms
603ms

Document
text/html

51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Requested by: Host: clikredict.us
URL: http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 / PHP/7.2.34
Resource Hash: 7efe148d82a0f4c3a6280fadcc5fa643261e06b34effdf4cbf6ae8f61724eeb5

Request headers

Referer: http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 20 Sep 2022 15:08:54 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Tue, 20 Sep 2022 15:08:54 GMT
pragma: no-cache
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
x-powered-by: PHP/7.2.34

Redirect headers

cache-control: private
content-length: 195
content-type: text/html; charset=utf-8
date: Tue, 20 Sep 2022 15:08:53 GMT
location: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 2bae6f9fc23ce119a6b8f9b289f25861.css
finansnord.no/media/plg_jchoptimize/assets/nz/1/0/ 118 KB
118 KB 489ms
486ms Stylesheet
text/css 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/plg_jchoptimize/assets/nz/1/0/2bae6f9fc23ce119a6b8f9b289f25861.css
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 / PHP/7.2.34
Resource Hash: 1b78ecae2b8f28a37931a4b8d83f1af0c59c1efe06d2f3dd0af64b77db2c2b8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
etag: 478683e5a32f398408f6a7ed548defd4
last-modified: Wed, 24 Aug 2022 16:22:50 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: Public
accept-ranges: bytes
expires: Thu, 24 Aug 2023 16:22:50 GMT

GET
H2 200 settings.css
finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/ 54 KB
54 KB 137ms
134ms Stylesheet
text/css 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 2217ac02bd86aee02692ee45f7af3b038fdb7b37869a8ad0aa43623b3459db64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
last-modified: Thu, 20 Dec 2018 13:21:29 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "d822-57d74022cd511"
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 55330
expires: Wed, 20 Sep 2023 15:08:54 GMT

GET
H2 200 index.php
finansnord.no/ 12 KB
12 KB 608ms
605ms Stylesheet
text/css 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/index.php?option=com_uniterevolution2&action=getcaptions
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 / PHP/7.2.34
Resource Hash: a21b55199697ba21aef09328addaf3dd5575ae974fcacd3a807239043b52161a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
x-powered-by: PHP/7.2.34
content-type: text/css;charset=UTF-8

GET
H2 200 static-captions.css
finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/ 230 B
278 B 137ms
134ms Stylesheet
text/css 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/static-captions.css
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: f8a0f48e4e0fd7defec1b6e4edd1c39498e49160685635f0cc45a3176a0c3081

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
last-modified: Thu, 20 Dec 2018 13:21:29 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "e6-57d74022cd511"
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 230
expires: Wed, 20 Sep 2023 15:08:54 GMT

GET
H2 200 269313039785c1a531ec258998a0fa14.js Show response
finansnord.no/media/plg_jchoptimize/assets/nz/1/0/ 170 KB
170 KB 490ms
488ms Script
application/javascript 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/plg_jchoptimize/assets/nz/1/0/269313039785c1a531ec258998a0fa14.js
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 / PHP/7.2.34
Resource Hash: 9924902b14a134221982f516d2ca5602242f88cda67a63e449b289c2b5717f5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
etag: 0335f0e1db221a6c1a1e581c5c69d087
last-modified: Wed, 24 Aug 2022 16:22:50 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: application/javascript
cache-control: Public
accept-ranges: bytes
expires: Thu, 24 Aug 2023 16:22:50 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 110ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1626649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1618
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC4oJF390sljzG2x5A97emJOf%2BDEW7B400nFk7DzADaBCe0YpWgI5hBG9o8HncgLZGtQYtvqiM4%2FS8nXUx8BUQmwnyq%2F5nCxRsyrxYXdZ762W9kCeCcZs50jx20GKuskj5drykVty%2FSZOF8%2FGs4tsmSa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74db7aaa1d3929fd-ORD
expires: Sun, 10 Sep 2023 15:08:54 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
finansnord.no/media/com_uniterevolution2/assets/rs-plugin/js/ 98 KB
98 KB 136ms
135ms Script
application/javascript 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.tools.min.js
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 3179395361593c5afaf7f5d5c18b7c9c00ebabe5fa335d17f153ee39e2a4fe5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
last-modified: Thu, 20 Dec 2018 13:21:29 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "18882-57d74022ce89a"
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 100482
expires: Wed, 20 Sep 2023 15:08:54 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
finansnord.no/media/com_uniterevolution2/assets/rs-plugin/js/ 108 KB
108 KB 136ms
135ms Script
application/javascript 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/js/jquery.themepunch.revolution.min.js
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 6e1f30c66bddf3f265ad81dbe374c2624c4aa08734cf42a5824451e48f1662fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:54 GMT
last-modified: Thu, 20 Dec 2018 13:21:29 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "1aefc-57d74022ce4b2"
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 110332
expires: Wed, 20 Sep 2023 15:08:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 228ms
135ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-86758034-3

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23d3614864f4380a098e0fbfcbf1dfec39ca063a47185eeab530666620d13616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42203
x-xss-protection: 0
expires: Tue, 20 Sep 2022 15:08:55 GMT

GET
H2 200 Finans-Nord-logo.png
finansnord.no/templates/vidi/images/ 3 KB
3 KB 121ms
120ms Image
image/png 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finansnord.no/templates/vidi/images/Finans-Nord-logo.png
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 5f65c9e499aa373131a888c61e26cbbf9dd242cfe6c13d1f2fb10a3995cddcad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
last-modified: Thu, 19 Apr 2018 12:57:23 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "c66-56a331cd6273f"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3174
expires: Thu, 20 Oct 2022 15:08:55 GMT

GET
H2 200 happy-woman.jpg
finansnord.no/images/ 352 KB
353 KB 122ms
121ms Image
image/jpeg 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finansnord.no/images/happy-woman.jpg
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: bb71f664e12f013f3b0cc993799e479048f6349c35f467849a8451ecb3199461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
last-modified: Thu, 19 Apr 2018 12:55:02 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "58129-56a33146ecef0"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 360745
expires: Thu, 20 Oct 2022 15:08:55 GMT

GET
H2 200 application.css
administrator.digitalfinans.no/assets/css/ 30 KB
30 KB 975ms
256ms Stylesheet
text/css 172.105.93.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://administrator.digitalfinans.no/assets/css/application.css
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.93.105 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 172-105-93-105.ip.linodeusercontent.com
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: e5261999a385427a8e6af937229dd09c66c01d9e537baacff68f454ee1718046

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:56 GMT
last-modified: Mon, 19 Aug 2019 06:04:00 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "763e-590721b2a9400"
content-type: text/css
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 30270
expires: Thu, 20 Oct 2022 15:08:56 GMT

GET
H2 200 application.js Show response
administrator.digitalfinans.no/assets/js/ 321 KB
321 KB 1096ms
377ms Script
application/javascript 172.105.93.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://administrator.digitalfinans.no/assets/js/application.js
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.93.105 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 172-105-93-105.ip.linodeusercontent.com
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 / PHP/7.2.34
Resource Hash: f6ce5c404e979cff09ced11e2e9a077d43e8403bfd426b683149e9f39584eba9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:56 GMT
etag: "8dd53cace0ade5eef6ca5346c1201f51"
last-modified: Fri, 26 Aug 2022 07:01:36 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
x-powered-by: PHP/7.2.34
content-type: application/javascript
cache-control: private, must-revalidate
expires: Tue, 20 Sep 2022 15:08:56 GMT

GET
H2 200 Finans-Nordlogo-white.png
finansnord.no/templates/vidi/images/ 5 KB
5 KB 147ms
146ms Image
image/png 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finansnord.no/templates/vidi/images/Finans-Nordlogo-white.png
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: a951299820daf12e104d27f2b1d2345c8e720cc4ec5ab2de9d85cade2b55b641

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
last-modified: Thu, 19 Apr 2018 12:57:23 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "13d8-56a331cd58afe"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5080
expires: Thu, 20 Oct 2022 15:08:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
921 B 150ms
56ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:400,300,700

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97fa810ec629491a976619c6415e2a9025bc30a443f198e450cff92c29e1b96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 13:46:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 20 Sep 2022 15:08:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Sep 2022 15:08:55 GMT

GET
H2 200 onscreen.js Show response
finansnord.no/templates/vidi/js/ 3 KB
3 KB 121ms
119ms Script
application/javascript 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/templates/vidi/js/onscreen.js
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 84d68e19700f848050f0f74a2e7aee346537326eaaf5cece14728ac7064a67ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
last-modified: Thu, 19 Apr 2018 12:57:26 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "a96-56a331d0624b6"
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2710
expires: Wed, 20 Sep 2023 15:08:55 GMT

GET
H/1.1 200
OK eas
eas8.emediate.eu/ 0
0 797ms
123ms Image
text/html 2a01:7c8:eb:0:149:210:170:139
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eas8.emediate.eu/eas?camp=257114;cre=img;ord=[cachebuster]
Requested by: Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7c8:eb:0:149:210:170:139 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
60 KB 159ms
67ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T543D5L

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

109733c222121ff41da1d54341cd9b3c0066296293373990630050806e041e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60915
x-xss-protection: 0
expires: Tue, 20 Sep 2022 15:08:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
44ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T543D5L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2603
date: Tue, 20 Sep 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 16:25:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 96ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T543D5L

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E6331F4B56F4415D904B381F5E98344C Ref B: CHGEDGE1315 Ref C: 2022-09-20T15:08:55Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 20 Sep 2022 15:08:54 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 154ms
47ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: clikredict.us
URL: http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: dWHCClucv7jSonpxBEWnnNlZ6HkMRtC4BgVKS6thvtD3wS11mazZoBfwULzG6r0gcdgQaRY9AKSB8f+QfvGmjg==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 15:08:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 162 KB
53 KB 128ms
51ms Script
application/javascript 2606:4700:20::681a:d3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: clikredict.us
URL: http://clikredict.us/rd/c5538PhAaY262947PVSa25olL5646AElD231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d3b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c5d878d7cae8df42a57c44a47e5f872305557edf7d089c7b4587692a801aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8251
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Jul 2022 09:00:38 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"287f5-5e44cf392c650-gzip"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlQ2Ioncv3Zq1bqMGlUtVF6tOPy3buIM28w%2B4fmC7cK61EZ9YYhCwIVNwV3q3tY2Gdr0KRFMMs%2B1nd3f0DRlU5ekrxNEYCzIBKP3zMxZ8ga%2FcpwCxMUrZbZGPu77bqtlT%2B9tk1v%2BRydT0Jslg2JQyfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 74db7aafccc26375-ORD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Thu, 20 Oct 2022 12:51:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 72ms
71ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-86758034-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T543D5L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d53dde7200e966cbcf934b92c73171e638fe33bfcf58f64fab1da7e28d4c30e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42211
x-xss-protection: 0
expires: Tue, 20 Sep 2022 15:08:55 GMT

GET
H2 200 56287755.js Show response
bat.bing.com/p/action/ 1 KB
844 B 100ms
99ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56287755.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c851013e52c3edbabdcd6274697cb8e9341911a8e749efada19d056b5fa0f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6C789A707874BE5B1DAE06285ADD1B6 Ref B: CHGEDGE1315 Ref C: 2022-09-20T15:08:55Z
date: Tue, 20 Sep 2022 15:08:54 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 668

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 142ms
58ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1094430948&t=pageview&_s=1&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&dr=http%3A%2F%2Fclikredict.us%2F&ul=en-us&de=UTF-8&dt=Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=253702386&gjid=1968662134&cid=229878523.1663686536&tid=UA-178256438-1&_gid=1054632100.1663686536&_r=1&gtm=2wg9j0T543D5L&z=1635687320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finansnord.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 138ms
57ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1094430948&t=pageview&_s=1&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&dr=http%3A%2F%2Fclikredict.us%2F&ul=en-us&de=UTF-8&dt=Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1012734557&gjid=1640083883&cid=229878523.1663686536&tid=UA-86758034-3&_gid=1054632100.1663686536&_r=1&gtm=2ou9j0&z=1909211545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finansnord.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56287755 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 193ms
105ms Script
application/x-javascript 2620:1ec:49::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56287755
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56287755.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 4727f8a0280153454efde69a194fb8ad23850dd7516eac7ac4a360e1c6eb3664

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
x-powered-by: ASP.NET
x-azure-ref: 0h9cpYwAAAAAqQ1NKsbv9TqZa3EIWqCtrRE0yQUExMDkxMjA4MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 1540
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
438 B 127ms
47ms XHR
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178256438-1&cid=229878523.1663686536&jid=253702386&gjid=1968662134&_gid=1054632100.1663686536&_u=YEBAAAAAAAAAAC~&z=452773057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 15:08:55 GMT
content-type: text/plain
access-control-allow-origin: https://finansnord.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3869331783078417 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 137ms
87ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3869331783078417?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e496cec2783e3fc5394bc6b9723c6c076db61fd268d16a1e45a17b0c6383edae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: y/BwzlcR/O6i6dZgYASnUkNw9Fkb5k0IosqfQmcSuJBQGqBT1d+FzRVDXsao4j/dlmxMM8tBWbymFCZGsUOsmQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 15:08:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 152ms
61ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-178256438-1&cid=229878523.1663686536&jid=253702386&_u=YEBAAAAAAAAAAC~&z=137476815

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.40/ 54 KB
23 KB 65ms
65ms Script
application/javascript 2620:1ec:49::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56287755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:55 GMT
content-encoding: br
etag: "1d8c7baa5622330"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0iNcpYwAAAAAFN8R60OQ0SaFhsaBhFOcYRE0yQUExMDkxMjA4MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
accept-ranges: bytes
content-length: 23442
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect Show response
d.clarity.ms/ 0
174 B 149ms
42ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://finansnord.no
date: Tue, 20 Sep 2022 15:08:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 fontawesome-webfont.woff2
finansnord.no/templates/vidi/fonts/ 65 KB
65 KB 122ms
121ms Font
application/octet-stream 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://finansnord.no/templates/vidi/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: finansnord.no
URL: https://finansnord.no/media/plg_jchoptimize/assets/nz/1/0/2bae6f9fc23ce119a6b8f9b289f25861.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://finansnord.no/media/plg_jchoptimize/assets/nz/1/0/2bae6f9fc23ce119a6b8f9b289f25861.css
Origin: https://finansnord.no
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:56 GMT
last-modified: Thu, 19 Apr 2018 12:57:21 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "10440-56a331cbbc144"
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 66624
expires: Thu, 20 Oct 2022 15:08:56 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2604
date: Tue, 20 Sep 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 16:25:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 54ms
54ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1094430948&t=pageview&_s=1&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&dr=http%3A%2F%2Fclikredict.us%2F&ul=en-us&de=UTF-8&dt=Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1234990309&gjid=821338286&cid=229878523.1663686536&tid=UA-86758034-1&_gid=1054632100.1663686536&_r=1&_slc=1&z=1673720877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finansnord.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
17 KB 132ms
41ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finansnord.no
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:42:40 GMT
x-content-type-options: nosniff
age: 602776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 15:42:40 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 141ms
53ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finansnord.no
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:42:36 GMT
x-content-type-options: nosniff
age: 602780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16172
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 15:42:36 GMT

GET
H2 200 loader.gif
finansnord.no/media/com_uniterevolution2/assets/rs-plugin/assets/ 2 KB
3 KB 120ms
119ms Image
image/gif 51.15.83.162
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/assets/loader.gif
Requested by: Host: finansnord.no
URL: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.83.162 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 162-83-15-51.instances.scw.cloud
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34 /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/media/com_uniterevolution2/assets/rs-plugin/css/settings.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:56 GMT
last-modified: Thu, 20 Dec 2018 13:21:29 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.2.34
etag: "9f1-57d74022cc571"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2545
expires: Thu, 20 Oct 2022 15:08:56 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56287755&tm=gtm002&Ver=2&mid=aaa23540-4b82-4711-921e-f7abf76bf51f&sid=25f52a4038f611edb4212b188904b37d&vid=25f5483038f611ed8662a9030f2786a0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator&kw=forbruksl%C3%A5n,%20refinansiering,%20billig%20forbruksl%C3%A5n,%20sm%C3%A5l%C3%A5n,%20forbruksl%C3%A5n%20uten%20sikkerhet,%20forbruksl%C3%A5n%20p%C3%A5%20dagen,%20l%C3%A5nekalkulator&p=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&r=http%3A%2F%2Fclikredict.us%2F&lt=4011&evt=pageLoad&sv=1&rn=218863

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA8286D7DA7E46A69679C1446000A913 Ref B: CHGEDGE1315 Ref C: 2022-09-20T15:08:56Z
date: Tue, 20 Sep 2022 15:08:55 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 125ms
47ms XHR
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-86758034-1&cid=229878523.1663686536&jid=1234990309&gjid=821338286&_gid=1054632100.1663686536&_u=aEDAAUABAAAAAC~&z=1520512071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 15:08:56 GMT
content-type: text/plain
access-control-allow-origin: https://finansnord.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 148ms
61ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-86758034-1&cid=229878523.1663686536&jid=1234990309&_u=aEDAAUABAAAAAC~&z=1123313233

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 246518649523376 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/246518649523376?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d42e8fd16db765ad3a097044852c41083f187deaf36727d8d63b219f67bd3a42

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: lW/QGDJrshPgfQzS/MGO1qIbhQv2DBK2MV3nf+0FeM+rueigY6UvTdOINqustRMdq71RO+2crUAPGWN68Ybkhw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 15:08:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 516ms
236ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3869331783078417&ev=PageView&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&rl=http%3A%2F%2Fclikredict.us%2F&if=false&ts=1663686537020&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1663686537019.244463423&it=1663686535933&coo=false&rqm=GET

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 20 Sep 2022 15:08:57 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 131ms
131ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://finansnord.no
date: Tue, 20 Sep 2022 15:08:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 192ms
142ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246518649523376&ev=PageView&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&rl=http%3A%2F%2Fclikredict.us%2F&if=false&ts=1663686537996&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663686537019.244463423&it=1663686535933&coo=false&rqm=GET

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 20 Sep 2022 15:08:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 95ms
46ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3869331783078417&ev=Microdata&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&rl=http%3A%2F%2Fclikredict.us%2F&if=false&ts=1663686537997&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator%22%2C%22meta%3Akeywords%22%3A%22forbruksl%C3%A5n%2C%20refinansiering%2C%20billig%20forbruksl%C3%A5n%2C%20sm%C3%A5l%C3%A5n%2C%20forbruksl%C3%A5n%20uten%20sikkerhet%2C%20forbruksl%C3%A5n%20p%C3%A5%20dagen%2C%20l%C3%A5nekalkulator%22%2C%22meta%3Adescription%22%3A%22S%C3%98K%20FORBRUKSL%C3%85N%20TIL%20DET%20DU%20VIL!%20Pr%C3%B8v%20v%C3%A5r%20l%C3%A5nekalkulator.%20%5Cn%5CnDu%20kan%20refinansiere%2C%20samle%20sm%C3%A5l%C3%A5n%20og%20innfri%20l%C3%A5n%2F%20kreditter%20eller%20ta%20nytt%20forbruksl%C3%A5n%20%20inntil%20500.000%20kroner%20uten%20sikkerhet.%20%5Cn12%20banker%20-%20en%20l%C3%A5nes%C3%B8knad.%20Vi%20hjelper%20deg%20%C3%A5%20finne%20det%20beste%20l%C3%A5netilbudet%20-%20du%20velger%20den%20beste%20renten.%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22http%3A%2F%2Fvidi.no%2Fimages%2Flogo.png%22%2C%22og%3Asite_name%22%3A%22Vidi%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1663686537019.244463423&it=1663686535933&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: finansnord.no
URL: https://finansnord.no/?&clickid=266736612&campaign=1050&affid=3576

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 20 Sep 2022 15:08:58 GMT

GET
H3 200 light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 68ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2908653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW27V565xfRQBHWztx3yGCittTpp10Y%2Bv8AjNYCU%2FG6OiqtY2nmbbGteMT3bx5NkzvNKx4pHQ7sxm9%2Bg%2F7W9QHIWRMvMNC8lDhya4Gu6UcAkN5X7ora83uB%2BdVX1MaOA%2FYfZ53X05pALgJScazEx9a%2BA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74db7abff9948708-ORD
expires: Sun, 10 Sep 2023 15:08:58 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&RedC=c.clarity.ms&MXFR=0DEC5EC28ABA626926264CE78EBA6C0F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&MUID=3D1309EF059D675C305F1BCA043566BB

42 B
443 B

49ms
48ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&MUID=3D1309EF059D675C305F1BCA043566BB
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:58 GMT
last-modified: Tue, 13 Sep 2022 19:53:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b0f8d886aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 15:08:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46DBD1929C784CB597F08303445E2850 Ref B: CHGEDGE1315 Ref C: 2022-09-20T15:08:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B3CF2AD453A402A8C4FB760AC46BCDD&MUID=3D1309EF059D675C305F1BCA043566BB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
4 KB 40ms
40ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3537340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3087
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qKIcVrbNPG3Bky3568v84N488bTeCBBXT0JUI8xFcfTdhZbk%2B2UwQQ6B3%2BeA6dRyb%2BmEEA3N7S%2BO0xxOspdglbzZJpSCtk6c2THfeJSiKI0VgTrliydUIrwxZLEU9jH8m8ztczNwfj1r%2FCQ1NaI2b1B"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74db7ac04a258708-ORD
expires: Sun, 10 Sep 2023 15:08:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 46ms
46ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246518649523376&ev=Microdata&dl=https%3A%2F%2Ffinansnord.no%2F%3F%26clickid%3D266736612%26campaign%3D1050%26affid%3D3576&rl=http%3A%2F%2Fclikredict.us%2F&if=false&ts=1663686538498&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Forbruksl%C3%A5n%20uten%20sikkerhet%20%7C%20Samle%20forbruksl%C3%A5n%20%7C%20l%C3%A5nekalkulator%22%2C%22meta%3Akeywords%22%3A%22forbruksl%C3%A5n%2C%20refinansiering%2C%20billig%20forbruksl%C3%A5n%2C%20sm%C3%A5l%C3%A5n%2C%20forbruksl%C3%A5n%20uten%20sikkerhet%2C%20forbruksl%C3%A5n%20p%C3%A5%20dagen%2C%20l%C3%A5nekalkulator%22%2C%22meta%3Adescription%22%3A%22S%C3%98K%20FORBRUKSL%C3%85N%20TIL%20DET%20DU%20VIL!%20Pr%C3%B8v%20v%C3%A5r%20l%C3%A5nekalkulator.%20%5Cn%5CnDu%20kan%20refinansiere%2C%20samle%20sm%C3%A5l%C3%A5n%20og%20innfri%20l%C3%A5n%2F%20kreditter%20eller%20ta%20nytt%20forbruksl%C3%A5n%20%20inntil%20500.000%20kroner%20uten%20sikkerhet.%20%5Cn12%20banker%20-%20en%20l%C3%A5nes%C3%B8knad.%20Vi%20hjelper%20deg%20%C3%A5%20finne%20det%20beste%20l%C3%A5netilbudet%20-%20du%20velger%20den%20beste%20renten.%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22http%3A%2F%2Fvidi.no%2Fimages%2Flogo.png%22%2C%22og%3Asite_name%22%3A%22Vidi%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663686537019.244463423&it=1663686535933&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://finansnord.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:08:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 20 Sep 2022 15:08:58 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 42ms
42ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://finansnord.no/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://finansnord.no
date: Tue, 20 Sep 2022 15:08:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.owenfeel.com/	1969-12-31 23:59:59	Name: som Value: odxnU+vdKci8AfQ5PhEF8RhjC16MdDgop5RaHxTwcoFfRMQ1dLlYBQ==
.owenfeel.com/	1970-01-20 15:44:06	Name: tm Value: Y4YB2kuczNYyhirtWVKUbBhjC16MdDgop5RaHxTwcoFfRMQ1dLlYBQ==
.owenfeel.com/	1970-01-20 06:51:18	Name: c11191 Value: odxnU+vdKchM36gze5fnobt7CxxIcUsUDSGnJqNIT0hZWyf+npnpAw==
finansnord.no/	1969-12-31 23:59:59	Name: 21dd2a5601e2988fa6744cca9513dfbd Value: 0ap6qp36q8poq9h54obnk8erq9
finansnord.no/	1970-01-20 06:51:18	Name: fp Value: 266736612
finansnord.no/	1970-01-20 06:51:18	Name: campaign Value: 1050
finansnord.no/	1970-01-20 06:51:18	Name: affid Value: 3576
.bing.com/	1970-01-20 15:29:42	Name: MUID Value: 3D1309EF059D675C305F1BCA043566BB
.bat.bing.com/	1970-01-20 06:18:11	Name: MR Value: 0
.finansnord.no/	1970-01-20 15:44:06	Name: _ga Value: GA1.2.229878523.1663686536
.finansnord.no/	1970-01-20 06:09:32	Name: _gid Value: GA1.2.1054632100.1663686536
.finansnord.no/	1970-01-20 06:08:06	Name: _gat_UA-178256438-1 Value: 1
.finansnord.no/	1970-01-20 06:08:06	Name: _gat_gtag_UA_86758034_3 Value: 1
www.clarity.ms/	1970-01-20 14:53:42	Name: CLID Value: 177398121c864224978de9ed2d99d69c.20220920.20230920
.finansnord.no/	1970-01-20 14:53:42	Name: _clck Value: 1ugp0as\|1\|f51\|0
.finansnord.no/	1970-01-20 06:09:32	Name: _clsk Value: 1bby9hs\|1663686536359\|1\|1\|d.clarity.ms/collect
.finansnord.no/	1970-01-20 06:08:06	Name: _gat Value: 1
.finansnord.no/	1970-01-20 06:09:32	Name: _uetsid Value: 25f52a4038f611edb4212b188904b37d
.finansnord.no/	1970-01-20 15:29:42	Name: _uetvid Value: 25f5483038f611ed8662a9030f2786a0
.finansnord.no/	1970-01-20 08:17:42	Name: _fbp Value: fb.1.1663686537019.244463423
.facebook.com/	1970-01-20 08:17:42	Name: fr Value: 0MLFwcOweWxWXkGQy..BjKdeJ...1.0.BjKdeJ.
.c.bing.com/	1970-01-20 06:18:11	Name: MR Value: 0
.c.bing.com/	1970-01-20 15:29:42	Name: SRM_B Value: 3D1309EF059D675C305F1BCA043566BB
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:29:42	Name: MUID Value: 3D1309EF059D675C305F1BCA043566BB
.c.clarity.ms/	1970-01-20 06:18:11	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 06:08:07	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

administrator.digitalfinans.no
bat.bing.com
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
clikredict.us
connect.facebook.net
d.clarity.ms
eas8.emediate.eu
finansnord.no
fonts.googleapis.com
fonts.gstatic.com
owenfeel.com
stats.g.doubleclick.net
www.clarity.ms
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
172.105.93.105
20.110.81.91
212.83.58.211
2606:4700:20::681a:d3b
2606:4700::6811:190e
2607:f8b0:4004:c06::9c
2607:f8b0:4006:807::2004
2607:f8b0:4006:81e::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::200a
2620:1ec:49::40
2620:1ec:c11::200
2a01:7c8:eb:0:149:210:170:139
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
34.78.223.0
40.76.174.66
51.15.83.162
109733c222121ff41da1d54341cd9b3c0066296293373990630050806e041e78
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1b78ecae2b8f28a37931a4b8d83f1af0c59c1efe06d2f3dd0af64b77db2c2b8a
2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109
2217ac02bd86aee02692ee45f7af3b038fdb7b37869a8ad0aa43623b3459db64
23d3614864f4380a098e0fbfcbf1dfec39ca063a47185eeab530666620d13616
2c851013e52c3edbabdcd6274697cb8e9341911a8e749efada19d056b5fa0f7d
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3179395361593c5afaf7f5d5c18b7c9c00ebabe5fa335d17f153ee39e2a4fe5e
37c5d878d7cae8df42a57c44a47e5f872305557edf7d089c7b4587692a801aa8
4727f8a0280153454efde69a194fb8ad23850dd7516eac7ac4a360e1c6eb3664
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
5f65c9e499aa373131a888c61e26cbbf9dd242cfe6c13d1f2fb10a3995cddcad
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1f30c66bddf3f265ad81dbe374c2624c4aa08734cf42a5824451e48f1662fa
7efe148d82a0f4c3a6280fadcc5fa643261e06b34effdf4cbf6ae8f61724eeb5
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84d68e19700f848050f0f74a2e7aee346537326eaaf5cece14728ac7064a67ed
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
97fa810ec629491a976619c6415e2a9025bc30a443f198e450cff92c29e1b96a
9924902b14a134221982f516d2ca5602242f88cda67a63e449b289c2b5717f5d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a21b55199697ba21aef09328addaf3dd5575ae974fcacd3a807239043b52161a
a951299820daf12e104d27f2b1d2345c8e720cc4ec5ab2de9d85cade2b55b641
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb71f664e12f013f3b0cc993799e479048f6349c35f467849a8451ecb3199461
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
d42e8fd16db765ad3a097044852c41083f187deaf36727d8d63b219f67bd3a42
d53dde7200e966cbcf934b92c73171e638fe33bfcf58f64fab1da7e28d4c30e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e496cec2783e3fc5394bc6b9723c6c076db61fd268d16a1e45a17b0c6383edae
e5261999a385427a8e6af937229dd09c66c01d9e537baacff68f454ee1718046
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ce5c404e979cff09ced11e2e9a077d43e8403bfd426b683149e9f39584eba9
f8a0f48e4e0fd7defec1b6e4edd1c39498e49160685635f0cc45a3176a0c3081
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

finansnord.no Open in urlscan Pro 51.15.83.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

68 %IPv6

17 Domains

20 Subdomains

18 IPs

4 Countries

1867 kBTransfer

2878 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

finansnord.no Open in urlscan Pro
51.15.83.162 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

68 %
IPv6

17
Domains

20
Subdomains

18
IPs

4
Countries

1867 kB
Transfer

2878 kB
Size

27
Cookies

53 HTTP transactions
0 data transactions