Submitted URL: http://www.nordan.no/smartdor
Effective URL: https://www.nordan.no/
Submission: On December 18 via api from US

Summary

This website contacted 28 IPs in 8 countries across 28 domains to perform 84 HTTP transactions. The main IP is 138.201.54.2, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.nordan.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2019. Valid for: 3 months.
This is the only time www.nordan.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 50 138.201.54.2 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.139.128.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:1b:... 54113 (FASTLY)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 172.217.21.194 15169 (GOOGLE)
1 152.199.21.2 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 213.155.156.188 1299 (TELIANET ...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.136 26667 (RUBICONPR...)
2 4 213.155.156.182 1299 (TELIANET ...)
1 2 34.95.120.147 15169 (GOOGLE)
2 2 37.252.173.22 29990 (ASN-APPNEXUS)
1 20.36.253.28 8075 (MICROSOFT...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 52.29.14.143 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 52.59.138.183 16509 (AMAZON-02)
1 34.252.253.131 16509 (AMAZON-02)
2 3 52.210.120.224 16509 (AMAZON-02)
1 2 52.58.87.45 16509 (AMAZON-02)
1 2 37.157.6.251 198622 (ADFORM)
1 52.48.43.85 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
84 28
Domain Requested by
50 www.nordan.no 3 redirects www.nordan.no
ajax.googleapis.com
tb.de17a.com
4 d5p.de17a.com 2 redirects blank
4 tb.de17a.com 1 redirects www.nordan.no
tb.de17a.com
4 cdn.jsdelivr.net www.nordan.no
3 ad.sxp.smartclip.net 2 redirects blank
3 pro.fontawesome.com www.nordan.no
tb.de17a.com
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 x.bidswitch.net 1 redirects blank
2 pixel.advertising.com blank
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 us-u.openx.net 1 redirects blank
2 cm.g.doubleclick.net 2 redirects
2 www.google.de www.nordan.no
2 www.google.com 1 redirects www.nordan.no
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 npmcdn.com 1 redirects www.nordan.no
1 usermatch.targeting.unrulymedia.com blank
1 soma.smaato.net blank
1 image2.pubmatic.com blank
1 atemda.com blank
1 pixel.rubiconproject.com blank
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 hello.myfonts.net www.nordan.no
1 www.googleadservices.com www.nordan.no
1 cdnjs.cloudflare.com www.nordan.no
1 ajax.googleapis.com www.nordan.no
1 www.googletagmanager.com www.nordan.no
84 31
Subject Issuer Validity Valid
nordan.no
Let's Encrypt Authority X3
2019-11-04 -
2020-02-02
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-07 -
2020-10-09
a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
www.googleadservices.com
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
hello.myfonts.net
DigiCert SHA2 Secure Server CA
2019-06-03 -
2021-06-07
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA
2019-12-03 -
2020-12-02
a year crt.sh
www.google.de
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
www.google.com
GTS CA 1O1
2019-11-13 -
2020-02-05
3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2
2018-01-12 -
2020-01-12
2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.360yield.com
Amazon
2019-09-24 -
2020-10-24
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2019-03-20 -
2021-04-21
2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2017-06-14 -
2020-06-18
3 years crt.sh
*.ad.smaato.net
Amazon
2019-08-21 -
2020-09-21
a year crt.sh
*.smartclip.net
Amazon
2019-03-28 -
2020-04-28
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-04-17 -
2020-05-04
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.targeting.unrulymedia.com
Amazon
2019-07-31 -
2020-08-31
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-07-17 -
2020-03-09
8 months crt.sh

This page contains 4 frames:

Primary Page: https://www.nordan.no/
Frame ID: E8410F8AB33427E804DE9B8A80601C28
Requests: 66 HTTP requests in this frame

Frame: https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Frame ID: 2432871E9C03C45FF023B1245D45057C
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nordan.no%2F%22%2C%22title%22%3A%22NorDan%22%2C%22trackingAccountId%22%3A%226174%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 07D52AF74E3B287A015DC9944F117B71
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3545189753303135494&expires=30
Frame ID: E58C0AC5E2300D030C7980FA6A978DAA
Requests: 16 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.nordan.no/smartdor HTTP 301
    https://www.nordan.no/smartdor HTTP 301
    https://www.nordan.no/xxxx HTTP 301
    https://www.nordan.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

84
Requests

100 %
HTTPS

33 %
IPv6

28
Domains

31
Subdomains

28
IPs

8
Countries

1316 kB
Transfer

2031 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nordan.no/smartdor HTTP 301
    https://www.nordan.no/smartdor HTTP 301
    https://www.nordan.no/xxxx HTTP 301
    https://www.nordan.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://npmcdn.com/imagesloaded@4.1/imagesloaded.pkgd.min.js HTTP 302
  • https://npmcdn.com/imagesloaded@4.1.4/imagesloaded.pkgd.min.js
Request Chain 51
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2083105852&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nordan.no%2F&ul=en-us&de=UTF-8&dt=NorDan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=279554959&gjid=1533287023&cid=1193812992.1576644037&tid=UA-46632043-1&_gid=626915230.1576644037&_r=1&gtm=2ouc61&z=822275182 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_gid=626915230.1576644037&gjid=1533287023&_v=j79&z=822275182 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182&slf_rd=1&random=4147509966
Request Chain 63
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFLP_a2_F55EE0o8hIb0hRo&google_cver=1&google_ula=668382,0
Request Chain 69
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=3545189753303135494 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=3545189753303135494
Request Chain 70
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=2709148349233338424
Request Chain 73
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036
Request Chain 74
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3545189753303135494&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3545189753303135494&img=1&__user_check__=1&sync_id=89167d5f-2150-11ea-ba19-1ab0ad8d1b06
Request Chain 78
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
  • https://d5p.de17a.com/getuid/smartclip?uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c HTTP 302
  • https://d5p.de17a.com/getuid/smartclip;c?uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3802100773343858630&uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
Request Chain 79
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=3545189753303135494&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3545189753303135494&expires=30
Request Chain 80
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=3545189753303135494 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3545189753303135494
Request Chain 82
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036&C=1

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nordan.no/
Redirect Chain
  • http://www.nordan.no/smartdor
  • https://www.nordan.no/smartdor
  • https://www.nordan.no/xxxx
  • https://www.nordan.no/
67 KB
14 KB
Document
General
Full URL
https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PHP/7.1.33 PleskLin
Resource Hash
6898520a59d1db8bba2c6450e7c86ffc46e9b960db395d437958a1a8cc6fdcad

Request headers

Host
www.nordan.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
14017
Connection
keep-alive
X-Powered-By
PHP/7.1.33 PleskLin
Vary
Accept-Encoding, Cookie
Cache-Control
max-age=3600, must-revalidate
Content-Encoding
gzip
Hummingbird-Cache
Served
X-Cache-Status
BYPASS

Redirect headers

Server
nginx
Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.33 PleskLin
Expires
Wed, 18 Dec 2019 05:40:36 GMT
Cache-Control
max-age=3600
X-Redirect-By
redirection
Location
/
X-Cache-Status
BYPASS
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46632043-1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32816185b7bd8432fae66516400eb86dcf5b85d291e97c4a7a945a40c024cb76
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
br
last-modified
Wed, 18 Dec 2019 03:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27813
x-xss-protection
0
expires
Wed, 18 Dec 2019 04:40:36 GMT
all.css
pro.fontawesome.com/releases/v5.10.1/css/
153 KB
30 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.10.1/css/all.css
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nordan.no/
Origin
https://www.nordan.no

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2019 19:59:04 GMT
access-control-allow-origin
*
etag
"28b5623458ed1aafaff6b3c0b63ed250"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1576644036.cds001.wa1.hn,1576644036.cds006.wa1.c
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
30146
MyFontsWebfontsKit.css
www.nordan.no/wp-content/themes/nordan/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/MyFontsWebfontsKit.css?1572617025
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
e68fbb37cf35e176f2c01104d93b7cc5784488d9d134cdb90a77ac06c0d8e0fb

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Nov 2019 11:35:58 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dc00d1e-186b"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.nordan.no/wp-content/themes/nordan/
38 KB
8 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/style.css?1575541047
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
2d65685aa3a7a2e638ab77491045b8c58efded2a51102474ffd3801845f50662

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Dec 2019 10:17:27 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5de8d937-97b8"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.nordan.no/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/
30 KB
5 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
e64100e08c53608c5bb9b424b788a4376a09706ad0bbce0d8fb75622952a5960

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:47 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a7-76e8"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
woocommerce-layout.css
www.nordan.no/wp-content/plugins/woocommerce/assets/css/
16 KB
2 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-409e"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
woocommerce.css
www.nordan.no/wp-content/plugins/woocommerce/assets/css/
61 KB
9 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
607354668ec207dc6ed8b482aeed8946b3e9b1dbd758b059d60ba8293452900d

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-f4cd"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
menufication.min.css
www.nordan.no/wp-content/plugins/menufication/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/plugins/menufication/css/menufication.min.css?ver=5.3.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
749294db041df1d90aa9e5a8b2d7ab4f7c414cbb1d103167cca7bf9fb3a3c906

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 13:55:44 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3960-6872"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery.js
www.nordan.no/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.nordan.no/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 12:51:07 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc2a3b-17a69"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery-migrate.min.js
www.nordan.no/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.nordan.no/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 12:51:06 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc2a3a-2748"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.menufication.min.js
www.nordan.no/wp-content/plugins/menufication/js/
13 KB
4 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/menufication/js/jquery.menufication.min.js?ver=5.3.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
99ed95ca7b2440659e8fa1eb0f53496047c9be3c818272ba5b66d61ceb66539b

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 13:55:44 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3960-329a"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
menufication-setup.js
www.nordan.no/wp-content/plugins/menufication/js/
4 KB
1 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/menufication/js/menufication-setup.js?ver=5.3.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
3cbab24d816ac9bc6729b97be5ffcd5364d8b7d27e95b6304de0f33928fd08a2

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 13:55:44 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3960-e04"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
no.png
www.nordan.no/wp-content/themes/nordan/images/
2 KB
2 KB
Image
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/images/no.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
2c735fb2682011091eb1bad97e5dd1d273818f7d63f3c5d7c60cb6b790b6b02c

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbc3b41-6f4"
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1780
se.png
www.nordan.no/wp-content/themes/nordan/images/
1 KB
2 KB
Image
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/images/se.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
1153fc9a5aabf241c28d2eb084ff2c1e472da314bb4e5fa7f28e964fd3c4d441

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbc3b41-543"
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1347
gb.png
www.nordan.no/wp-content/themes/nordan/images/
4 KB
4 KB
Image
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/images/gb.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
d70709694931e9f31952710ce763332eec27b9b1703b468310c5dd8f8f05f4cd

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbc3b41-ecf"
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3791
logo.gif
www.nordan.no/wp-content/uploads/2019/08/
4 KB
4 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/08/logo.gif
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
1e20f480e69af7028483cf7083491f5b8f3dcbb806f0d61e6af85ea66b89bf62

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5d8b9afe-1087"
Last-Modified
Wed, 25 Sep 2019 16:51:10 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4231
NorDan_NTech_Sikkerhetsvindu_sort-600x600.jpg
www.nordan.no/wp-content/uploads/2019/11/
10 KB
10 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/11/NorDan_NTech_Sikkerhetsvindu_sort-600x600.jpg
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
001347536d08e9dc3b73bc7d5431126b7a6ec23f59e06ffc3ccddc7ddb01f63e

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dd7a968-28bc"
Last-Modified
Fri, 22 Nov 2019 09:24:56 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10428
60-e1571662692890.png
www.nordan.no/wp-content/uploads/2019/09/
5 KB
5 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/60-e1571662692890.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
7f9b5eace520955f3775a4e3a47ee2176cc74f90112177b029790f0711d56351

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dadab6a-14a9"
Last-Modified
Mon, 21 Oct 2019 12:58:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5289
30-e1571662788500.png
www.nordan.no/wp-content/uploads/2019/09/
4 KB
4 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/30-e1571662788500.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
526d3a87b445a454a76a96805c7b83a5fbe3f68d5f0e3499005f86d8cc9fd81a

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dadabcb-107f"
Last-Modified
Mon, 21 Oct 2019 12:59:55 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4223
maling-1024x1024.png
www.nordan.no/wp-content/uploads/2019/10/
10 KB
10 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/10/maling-1024x1024.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
d8fca70103aa53d45b92fb2a488e17fece28fad686a149d637c4381308c68048

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5db6fd2a-2858"
Last-Modified
Mon, 28 Oct 2019 14:37:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10328
5-e1571662795471.png
www.nordan.no/wp-content/uploads/2019/09/
4 KB
4 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/5-e1571662795471.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
b075a5d2af0cf3b0eeb836cf2ae26c4bb0405ffc521a987352dec5908641bce7

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dadabd1-ed3"
Last-Modified
Mon, 21 Oct 2019 13:00:01 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3795
40-e1571662805803.png
www.nordan.no/wp-content/uploads/2019/09/
5 KB
5 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/40-e1571662805803.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
3b3e4ca585467295761ba6702aab9946c5fb95990ec623c3fa1e385b2a7fc2ce

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dadabdc-1391"
Last-Modified
Mon, 21 Oct 2019 13:00:12 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5009
20-e1571662831449.png
www.nordan.no/wp-content/uploads/2019/09/
4 KB
4 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/20-e1571662831449.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
c8ab3b5db77b7aa497935c0c71c8ad6e5a6dee85a2f92f9d7d3bd99a520b40cd

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dadabf4-f0a"
Last-Modified
Mon, 21 Oct 2019 13:00:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3850
NTech-Collection-Passiv.20160711085755770-1-1024x529.jpg
www.nordan.no/wp-content/uploads/2019/09/
28 KB
29 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/NTech-Collection-Passiv.20160711085755770-1-1024x529.jpg
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
b22ca787d077144fd8907d105bfd74ce302388b69185241022a3a01ffae812cb

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5d8bb4a8-71af"
Last-Modified
Wed, 25 Sep 2019 18:40:40 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29103
miljoikoner-768x240.png
www.nordan.no/wp-content/uploads/2019/09/
11 KB
11 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/miljoikoner-768x240.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
b6881c81d859d3884e10c547b052a07d579b9891bec2c6cc52a839673dc5920a

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5d8b5647-2a15"
Last-Modified
Wed, 25 Sep 2019 11:57:59 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10773
AAA_NorDan.png
www.nordan.no/wp-content/themes/nordan/images/
25 KB
25 KB
Image
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/images/AAA_NorDan.png
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
ebf52bc4900d94d89e930a263c2d356ffdbb06e23b7ca1d7a67d83953a4271d5

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbc3b41-62ee"
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25326
block.css
www.nordan.no/wp-content/themes/nordan/blocks/contentblock/
1 KB
687 B
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/blocks/contentblock/block.css?ver=0.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
a113e984fd46d21bd3c4d0b8a5dab1246cd60351f470f760d5c4088e27159206

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 14:03:41 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3b3d-417"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
block.css
www.nordan.no/wp-content/themes/nordan/blocks/linklist/
1 KB
668 B
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/blocks/linklist/block.css?ver=0.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
64cdfbe7fb7359c956d72dedbe6377209d12747df29da650328cafe1ec85a3a5

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 14:03:41 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3b3d-48c"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery.blockUI.min.js
www.nordan.no/wp-content/plugins/woocommerce/assets/js/jquery-blockui/
9 KB
4 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-255e"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
add-to-cart.min.js
www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/
3 KB
1 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-abe"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
js.cookie.min.js
www.nordan.no/wp-content/plugins/woocommerce/assets/js/js-cookie/
2 KB
1 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-736"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
woocommerce.min.js
www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/
1 KB
933 B
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-5c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
cart-fragments.min.js
www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/
3 KB
1 KB
Script
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-b7c"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
wp-embed.min.js
www.nordan.no/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.nordan.no/wp-includes/js/wp-embed.min.js?ver=5.3.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 08:04:08 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dcbb8f8-577"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 11:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2308050
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30089
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 11:33:06 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
content-length
1062
x-served-by
cache-ams21021-AMS, cache-hhn4049-HHN
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
imagesloaded.pkgd.min.js
npmcdn.com/imagesloaded@4.1.4/
Redirect Chain
  • https://npmcdn.com/imagesloaded@4.1/imagesloaded.pkgd.min.js
  • https://npmcdn.com/imagesloaded@4.1.4/imagesloaded.pkgd.min.js
5 KB
2 KB
Script
General
Full URL
https://npmcdn.com/imagesloaded@4.1.4/imagesloaded.pkgd.min.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bcb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1816629
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 02 Jan 2018 16:53:35 GMT
server
cloudflare
etag
W/"15da-bT4RF04iZo5p3yNuXEVCFo98v+w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
767c01229349fd8ac32d8692a95bf59d
cache-control
public, max-age=31536000
cf-ray
546e75ac1b81cba4-VIE

Redirect headers

date
Wed, 18 Dec 2019 04:40:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
324
status
302
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
66
server
cloudflare
location
/imagesloaded@4.1.4/imagesloaded.pkgd.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
cea46d16c87f283af2ccf156a5d82c03
cache-control
public, max-age=14400, s-maxage=600
cf-ray
546e75abeb40cba4-VIE
isotope.pkgd.min.js
www.nordan.no/wp-content/themes/nordan/js/
35 KB
10 KB
Script
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/js/isotope.pkgd.min.js?1572617025
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dbc3b41-8a75"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
content-length
10434
x-served-by
cache-ams21034-AMS, cache-hhn4049-HHN
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
2 KB
666 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
content-length
569
x-served-by
cache-ams21050-AMS, cache-hhn4049-HHN
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
content-length
3096
x-served-by
cache-ams21041-AMS, cache-hhn4049-HHN
jsd-meta
1552332242788, 4824be05419a, pr, /0/2019-03-11/19-15-59.138Z-WyJHaXRIdWIiLCJmYW5jeWFwcHMvZmFuY3lib3giLCIvZGlzdC9qcXVlcnkuZmFuY3lib3gubWluLmNzcyIsIjMuNS43Il0=, 0
etag
W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
67 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
br
cf-cache-status
HIT
age
21277322
cf-ray
546e75ac1b5bcba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Mon, 11 Mar 2019 19:30:51 GMT
server
cloudflare
etag
W/"5c86b76b-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 07 Dec 2020 04:40:36 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
conversion.js
www.googleadservices.com/pagead/
25 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1e7f38ad3228c18e42d333db1c37196568540a54143a158af008393e2a7a5217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9872
x-xss-protection
0
server
cafe
etag
10799607792090409869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 18 Dec 2019 04:40:36 GMT
3a7c54
hello.myfonts.net/count/
0
169 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/3a7c54
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.2 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (ama/8AEA) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
last-modified
Sun, 09 Jun 2019 10:41:28 GMT
server
ECAcc (ama/8AEA)
access-control-allow-origin
*
etag
"3102885117+gzip+ident"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
no-cache
content-length
0
expires
Wed, 18 Dec 2019 04:40:35 GMT
wp-emoji-release.min.js
www.nordan.no/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.nordan.no/wp-includes/js/wp-emoji-release.min.js?ver=5.3.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 08:04:08 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5dcbb8f8-362a"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
woocommerce-smallscreen.css
www.nordan.no/wp-content/plugins/woocommerce/assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.8.1
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 08:34:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5ddf86a8-1a66"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.nordan.no/wp-content/themes/nordan/
38 KB
8 KB
Stylesheet
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/style.css
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
2d65685aa3a7a2e638ab77491045b8c58efded2a51102474ffd3801845f50662

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Dec 2019 10:17:27 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5de8d937-97b8"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971330138/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971330138/?random=1576644036544&cv=9&fst=1576644036544&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nordan.no%2F&tiba=NorDan&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
eaacf9883faaeedd5c7324d9c7df8c8e4448cabd8eca32a4adb91ede19f84c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
961
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d7.js
tb.de17a.com/
17 KB
6 KB
Script
General
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.customer.teliacarrier.com
Software
nginx/1.10.1 /
Resource Hash
d724c178eb1f778c4c9211d716816624f4555232e7baa599f02fb54bf202e070

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 06:55:38 GMT
server
nginx/1.10.1
etag
W/"PUxp0GJA7ewPUxouPX3dm8--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6264
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46632043-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
419
date
Wed, 18 Dec 2019 04:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 18 Dec 2019 06:33:37 GMT
/
www.nordan.no/
224 B
709 B
XHR
General
Full URL
https://www.nordan.no/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PHP/7.1.33, PleskLin
Resource Hash
a8cdd779263ec1d1d601f77ea1ddf7d6b3d31a4139a4c74806707cc9d74188f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.nordan.no/
Origin
https://www.nordan.no
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 18 Dec 2019 04:40:37 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/7.1.33, PleskLin
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.nordan.no
Cache-Control
no-transform, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex
Expires
Wed, 11 Jan 1984 05:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2083105852&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nordan.no%2F&ul=en-us&de=UTF-8&dt=NorDan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_gid=626915230.1576644037&gjid=1533287023&_v=j79&z=822275182
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182&slf_rd=1&random=4147509966
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182&slf_rd=1&random=4147509966
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46632043-1&cid=1193812992.1576644037&jid=279554959&_v=j79&z=822275182&slf_rd=1&random=4147509966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/971330138/
42 B
167 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/971330138/?random=1576644036544&cv=9&fst=1576641600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nordan.no%2F&tiba=NorDan&fmt=3&is_vtc=1&random=1107328901&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/971330138/
42 B
156 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/971330138/?random=1576644036544&cv=9&fst=1576641600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nordan.no%2F&tiba=NorDan&fmt=3&is_vtc=1&random=1107328901&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nordan.no
URL: https://www.nordan.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
parallax.min.js
www.nordan.no/wp-content/themes/nordan/js/
7 KB
3 KB
XHR
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/js/parallax.min.js?1569399928&_=1576644036481
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.nordan.no/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Content-Encoding
gzip
ETag
W/"5dbc3b41-1ad0"
Last-Modified
Fri, 01 Nov 2019 14:03:45 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
nordan_kundeservice.jpg
www.nordan.no/wp-content/uploads/2019/11/
43 KB
43 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/11/nordan_kundeservice.jpg
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
6a016f74b5b2e366316b2f3206c9625b2e23441af782e5fb193390675826644f

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dc3db22-aa29"
Last-Modified
Thu, 07 Nov 2019 08:51:46 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43561
NorDan_dor.png
www.nordan.no/wp-content/uploads/2019/10/
36 KB
36 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/10/NorDan_dor.png
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
39d9fd248693c763b428c8fe163bb42b451c622af123adde879067ad478083c4

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbafd42-8eb9"
Last-Modified
Thu, 31 Oct 2019 15:26:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36537
NorDan_kampanje.png
www.nordan.no/wp-content/uploads/2019/10/
50 KB
51 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/10/NorDan_kampanje.png
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
e06600ef0b3bfdfb8414fe9a1504dafd9f56e226c7cb77aafb0b92013d692115

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dbc0fc3-c937"
Last-Modified
Fri, 01 Nov 2019 10:58:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51511
NorDan_brosjyrer.jpg
www.nordan.no/wp-content/uploads/2019/11/
101 KB
101 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/11/NorDan_brosjyrer.jpg
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
1332e6aafd7141510f1cd8430e69e1c5e6af2e58de33e5e2be9cb272c203f613

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dc3daf2-1926a"
Last-Modified
Thu, 07 Nov 2019 08:50:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103018
3A7C54_5_0.woff2
www.nordan.no/wp-content/themes/nordan/webfonts/
23 KB
24 KB
Font
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/webfonts/3A7C54_5_0.woff2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
2b8b45a0989aa780ffc32b541f5fe7ae92696604369a47bcfd6512f44be33d37

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nordan.no/wp-content/themes/nordan/MyFontsWebfontsKit.css?1572617025
Origin
https://www.nordan.no

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dc00817-5d78"
Last-Modified
Mon, 04 Nov 2019 11:14:31 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23928
fa-light-300.woff2
pro.fontawesome.com/releases/v5.10.1/webfonts/
161 KB
161 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.1/webfonts/fa-light-300.woff2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pro.fontawesome.com/releases/v5.10.1/css/all.css
Origin
https://www.nordan.no

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
last-modified
Fri, 02 Aug 2019 20:00:26 GMT
access-control-allow-origin
*
etag
"50ef43c2ffd372ce035948a55ffcea13"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
164724
x-hw
1576644036.cds001.wa1.hn,1576644036.cds006.wa1.c
3A7C54_6_0.woff2
www.nordan.no/wp-content/themes/nordan/webfonts/
26 KB
26 KB
Font
General
Full URL
https://www.nordan.no/wp-content/themes/nordan/webfonts/3A7C54_6_0.woff2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
30c05e63740195f6d2496f4839f5ec79aef7eb4070843dd497ef517c26b9048b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nordan.no/wp-content/themes/nordan/MyFontsWebfontsKit.css?1572617025
Origin
https://www.nordan.no

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dc00817-66bb"
Last-Modified
Mon, 04 Nov 2019 11:14:31 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26299
fa-brands-400.woff2
pro.fontawesome.com/releases/v5.10.1/webfonts/
73 KB
73 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.1/webfonts/fa-brands-400.woff2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pro.fontawesome.com/releases/v5.10.1/css/all.css
Origin
https://www.nordan.no

Response headers

date
Wed, 18 Dec 2019 04:40:36 GMT
last-modified
Fri, 02 Aug 2019 20:00:00 GMT
access-control-allow-origin
*
etag
"8cce9d0aa5cffeee10f5aafcdf6723be"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
74652
x-hw
1576644036.cds001.wa1.hn,1576644036.cds007.wa1.c
checkUid
tb.de17a.com/api/ Frame 2432
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
61 B
214 B
Script
General
Full URL
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.customer.teliacarrier.com
Software
nginx/1.10.1 /
Resource Hash
967878d12b41d525621e639d28e7297f974beef76e80ba2a8ca5dc76096f1f85

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
server
nginx/1.10.1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
61
content-type
application/json

Redirect headers

status
307
date
Wed, 18 Dec 2019 04:40:36 GMT
server
nginx/1.10.1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
0
location
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
expires
Thu, 01 Jan 1970 00:00:00 GMT
nordan_ingebrigtsen.jpg
www.nordan.no/wp-content/uploads/2019/11/
223 KB
223 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/11/nordan_ingebrigtsen.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
e026027cbb5c4c06ac96e1c192404e4e98936edc814a1b2884f21d0c34196309

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5dd63ecd-37c25"
Last-Modified
Thu, 21 Nov 2019 07:37:49 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
228389
GettyImages-916985724-1.jpg
www.nordan.no/wp-content/uploads/2019/09/
162 KB
163 KB
Image
General
Full URL
https://www.nordan.no/wp-content/uploads/2019/09/GettyImages-916985724-1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.54.2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www1.mr-5.de
Software
nginx / PleskLin
Resource Hash
fd08857d01aa03cc5e651f62ce850b0b5ac747973f5c3220bbefdb151d8abb24

Request headers

Referer
https://www.nordan.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
ETag
"5d8bb49c-2898c"
Last-Modified
Wed, 25 Sep 2019 18:40:28 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166284
pageView
tb.de17a.com/api/ Frame 07D5
3 KB
3 KB
Script
General
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nordan.no%2F%22%2C%22title%22%3A%22NorDan%22%2C%22trackingAccountId%22%3A%226174%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.customer.teliacarrier.com
Software
nginx/1.10.1 /
Resource Hash
cb6c6485b480a9ad48d61c34dc4ee839457a16f1ced59ca4b136197338b4dc37

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
server
nginx/1.10.1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
3390
content-type
application/json
tap.php
pixel.rubiconproject.com/ Frame E58C
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3545189753303135494&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
google
d5p.de17a.com/cookies/ Frame E58C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc=
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFLP_a2_F55EE0o8hIb0hRo&google_cver=1&google_ula=668382,0
35 B
175 B
Image
General
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEFLP_a2_F55EE0o8hIb0hRo&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.182 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-182.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
close
Content-Type
image/gif
Content-Length
35
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
server
HTTP server (unknown)
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEFLP_a2_F55EE0o8hIb0hRo&google_cver=1&google_ula=668382,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E58C
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=3545189753303135494
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=3545189753303135494
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=3545189753303135494
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.171.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:36 GMT
via
1.1 google
server
OXGW/16.171.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 18 Dec 2019 04:40:36 GMT
via
1.1 google
server
OXGW/16.171.0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=3545189753303135494
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
appnexus
d5p.de17a.com/setuid/ Frame E58C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=2709148349233338424
35 B
175 B
Image
General
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=2709148349233338424
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.182 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-182.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
close
Content-Type
image/gif
Content-Length
35
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Wed, 18 Dec 2019 04:40:38 GMT
AN-X-Request-Uuid
e99712c0-7f16-4d2c-b5c3-684adb216aa7
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=2709148349233338424
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.205:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UserMatch.ashx
atemda.com/ Frame E58C
43 B
2 KB
Image
General
Full URL
https://atemda.com/UserMatch.ashx?bidderid=18&bidderuid=3545189753303135494&expiration=1579236036
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.36.253.28 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:37 GMT
Access-Control-Allow-Methods
GET
P3P
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type
Content-Length
43
Expires
Wed, 18 Dec 2019 04:40:37 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E58C
42 B
949 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=3545189753303135494
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Dec 2019 04:40:36 GMT
X-lat
Pug23022:0:302
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame E58C
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036
43 B
392 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 18 Dec 2019 04:40:36 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 18 Dec 2019 04:40:36 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=61&external_user_id=3545189753303135494&expiration=1579236036
content-type
text/plain
partner
sync.search.spotxchange.com/ Frame E58C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3545189753303135494&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3545189753303135494&img=1&__user_check__=1&sync_id=89167d5f-2150-11ea-ba19-1ab0ad8d1b06
43 B
525 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3545189753303135494&img=1&__user_check__=1&sync_id=89167d5f-2150-11ea-ba19-1ab0ad8d1b06
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
23
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
/partner?adv_id=7326&uid=3545189753303135494&img=1&__user_check__=1&sync_id=89167d5f-2150-11ea-ba19-1ab0ad8d1b06
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame E58C
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=3545189753303135494&_origin=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.138.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-138-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 18 Dec 2019 04:40:36 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
idsync
soma.smaato.net/oapi/ Frame E58C
35 B
270 B
Image
General
Full URL
https://soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fsmaato%3FpartnerId%3DSomaCookieUserId%26deltaInitiated%3D1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.253.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-253-131.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:36 GMT
Last-Modified
Mon, 16 Dec 2019 06:05:22 GMT
Server
SOMA
ETag
W/"35-1576476322000"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
sync
pixel.advertising.com/ups/55955/ Frame E58C
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=3545189753303135494&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.138.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-138-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 18 Dec 2019 04:40:36 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ad.sxp.smartclip.net/ Frame E58C
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
  • https://d5p.de17a.com/getuid/smartclip?uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
  • https://d5p.de17a.com/getuid/smartclip;c?uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3802100773343858630&uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
42 B
718 B
Image
General
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3802100773343858630&uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.120.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-210-120-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 04:40:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3802100773343858630&uuid=8ccd0eca-9c96-423d-8467-9beb4f52201c
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Connection
close
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame E58C
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=3545189753303135494&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3545189753303135494&expires=30
43 B
379 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3545189753303135494&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.87.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-87-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 18 Dec 2019 04:40:37 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 18 Dec 2019 04:40:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3545189753303135494&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
dmp.adform.net/serving/cookie/ Frame E58C
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=3545189753303135494
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3545189753303135494
35 B
187 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3545189753303135494
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:37 GMT
server
nginx
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 18 Dec 2019 04:40:37 GMT
server
nginx
access-control-allow-origin
*
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3545189753303135494
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
3545189753303135494
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame E58C
0
279 B
Image
General
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/3545189753303135494
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.85 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-43-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 04:40:37 GMT
server
nginx
access-control-allow-origin
*
allow
GET
p3p
CP="CUR IVDo OUR IND"
status
200
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame E58C
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036&C=1
43 B
872 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Dec 2019 04:40:37 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Dec 2019 04:40:37 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Dec 2019 04:40:37 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3545189753303135494&expiration=1579236036&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Wed, 18 Dec 2019 04:40:37 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer object| _wpemojiSettings function| $ function| jQuery object| wp_menufication object| MENUFICATION_INSTANCE string| c object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| wp function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url object| _d7 function| gtag string| GoogleAnalyticsObject function| ga object| jQuery1124047227468531858574 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji function| La boolean| K

3 Cookies

Domain/Path Name / Value
.nordan.no/ Name: _gat_gtag_UA_46632043_1
Value: 1
.nordan.no/ Name: _gid
Value: GA1.2.626915230.1576644037
.nordan.no/ Name: _ga
Value: GA1.2.1193812992.1576644037

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.nordan.no/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.sxp.smartclip.net
ajax.googleapis.com
atemda.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
googleads.g.doubleclick.net
hello.myfonts.net
ib.adnxs.com
image2.pubmatic.com
npmcdn.com
pixel.advertising.com
pixel.rubiconproject.com
pro.fontawesome.com
soma.smaato.net
stats.g.doubleclick.net
sync.search.spotxchange.com
tb.de17a.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nordan.no
x.bidswitch.net
138.201.54.2
151.139.128.10
152.199.21.2
172.217.21.194
185.64.190.80
185.94.180.126
2.18.234.21
20.36.253.28
213.155.156.182
213.155.156.188
2606:4700:20::681a:bcb
2606:4700::6811:4104
2a00:1450:4001:808::2002
2a00:1450:4001:814::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2008
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9d
2a04:4e42:1b::621
34.252.253.131
34.95.120.147
37.157.6.251
37.252.173.22
52.210.120.224
52.29.14.143
52.48.43.85
52.58.87.45
52.59.138.183
69.173.144.136
001347536d08e9dc3b73bc7d5431126b7a6ec23f59e06ffc3ccddc7ddb01f63e
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1153fc9a5aabf241c28d2eb084ff2c1e472da314bb4e5fa7f28e964fd3c4d441
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
1332e6aafd7141510f1cd8430e69e1c5e6af2e58de33e5e2be9cb272c203f613
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e20f480e69af7028483cf7083491f5b8f3dcbb806f0d61e6af85ea66b89bf62
1e7f38ad3228c18e42d333db1c37196568540a54143a158af008393e2a7a5217
261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86
2b8b45a0989aa780ffc32b541f5fe7ae92696604369a47bcfd6512f44be33d37
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
2c735fb2682011091eb1bad97e5dd1d273818f7d63f3c5d7c60cb6b790b6b02c
2d65685aa3a7a2e638ab77491045b8c58efded2a51102474ffd3801845f50662
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
30c05e63740195f6d2496f4839f5ec79aef7eb4070843dd497ef517c26b9048b
32816185b7bd8432fae66516400eb86dcf5b85d291e97c4a7a945a40c024cb76
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
39d9fd248693c763b428c8fe163bb42b451c622af123adde879067ad478083c4
3b3e4ca585467295761ba6702aab9946c5fb95990ec623c3fa1e385b2a7fc2ce
3cbab24d816ac9bc6729b97be5ffcd5364d8b7d27e95b6304de0f33928fd08a2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
526d3a87b445a454a76a96805c7b83a5fbe3f68d5f0e3499005f86d8cc9fd81a
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
607354668ec207dc6ed8b482aeed8946b3e9b1dbd758b059d60ba8293452900d
64cdfbe7fb7359c956d72dedbe6377209d12747df29da650328cafe1ec85a3a5
6898520a59d1db8bba2c6450e7c86ffc46e9b960db395d437958a1a8cc6fdcad
6a016f74b5b2e366316b2f3206c9625b2e23441af782e5fb193390675826644f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
749294db041df1d90aa9e5a8b2d7ab4f7c414cbb1d103167cca7bf9fb3a3c906
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
7f9b5eace520955f3775a4e3a47ee2176cc74f90112177b029790f0711d56351
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
967878d12b41d525621e639d28e7297f974beef76e80ba2a8ca5dc76096f1f85
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
99ed95ca7b2440659e8fa1eb0f53496047c9be3c818272ba5b66d61ceb66539b
a113e984fd46d21bd3c4d0b8a5dab1246cd60351f470f760d5c4088e27159206
a8cdd779263ec1d1d601f77ea1ddf7d6b3d31a4139a4c74806707cc9d74188f0
b075a5d2af0cf3b0eeb836cf2ae26c4bb0405ffc521a987352dec5908641bce7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22ca787d077144fd8907d105bfd74ce302388b69185241022a3a01ffae812cb
b6881c81d859d3884e10c547b052a07d579b9891bec2c6cc52a839673dc5920a
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
c8ab3b5db77b7aa497935c0c71c8ad6e5a6dee85a2f92f9d7d3bd99a520b40cd
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cb6c6485b480a9ad48d61c34dc4ee839457a16f1ced59ca4b136197338b4dc37
d70709694931e9f31952710ce763332eec27b9b1703b468310c5dd8f8f05f4cd
d724c178eb1f778c4c9211d716816624f4555232e7baa599f02fb54bf202e070
d8fca70103aa53d45b92fb2a488e17fece28fad686a149d637c4381308c68048
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e026027cbb5c4c06ac96e1c192404e4e98936edc814a1b2884f21d0c34196309
e06600ef0b3bfdfb8414fe9a1504dafd9f56e226c7cb77aafb0b92013d692115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64100e08c53608c5bb9b424b788a4376a09706ad0bbce0d8fb75622952a5960
e68fbb37cf35e176f2c01104d93b7cc5784488d9d134cdb90a77ac06c0d8e0fb
eaacf9883faaeedd5c7324d9c7df8c8e4448cabd8eca32a4adb91ede19f84c79
ebf52bc4900d94d89e930a263c2d356ffdbb06e23b7ca1d7a67d83953a4271d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2
fd08857d01aa03cc5e651f62ce850b0b5ac747973f5c3220bbefdb151d8abb24