proff.no Open in urlscan Pro
13.50.22.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://proff.no/
Effective URL:
https://proff.no/
Submission: On May 31 via manual (May 31st 2022, 7:33:04 am UTC) from NO — Scanned from NO

Summary HTTP 73 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 23 domains to perform 73 HTTP transactions. The main IP is 13.50.22.65, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is proff.no. The Cisco Umbrella rank of the primary domain is 522391.
TLS certificate: Issued by Amazon on May 11th 2022. Valid for: a year.

This is the only time proff.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	13.50.22.65 13.50.22.65	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
1 8	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
4	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	65.9.63.49 65.9.63.49	16509 (AMAZON-02) (AMAZON-02)
4	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.140.157 74.125.140.157	15169 (GOOGLE) (GOOGLE)
1	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	65.9.63.104 65.9.63.104	16509 (AMAZON-02) (AMAZON-02)
1 3	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	195.181.175.48 195.181.175.48	60068 (CDN77 ^_^) (CDN77 ^_^)
1	99.86.4.78 99.86.4.78	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	63.35.168.36 63.35.168.36	16509 (AMAZON-02) (AMAZON-02)
2 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	3.122.49.139 3.122.49.139	16509 (AMAZON-02) (AMAZON-02)
1	65.9.63.50 65.9.63.50	16509 (AMAZON-02) (AMAZON-02)
2	213.155.156.188 213.155.156.188	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1	54.93.174.143 54.93.174.143	16509 (AMAZON-02) (AMAZON-02)
1	185.59.220.17 185.59.220.17	60068 (CDN77 ^_^) (CDN77 ^_^)
73	30

17 13.50.22.65 (Stockholm, Sweden) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com

proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.proff.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

hb.adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.63.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-49.fra56.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-104.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.185 (Uppsala, Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.48 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-47.cdn77.com

cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-78.fra6.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.168.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.49.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-49-139.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-50.fra56.r.cloudfront.net

sync.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.188 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com

sting.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.174.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-174-143.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-10.cdn77.com

sting-cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	proff.no 1 redirects proff.no — Cisco Umbrella Rank: 522391 stats.proff.no www.proff.no — Cisco Umbrella Rank: 635989	312 KB
13	adform.net 1 redirects hb.adx.adform.net s1.adform.net — Cisco Umbrella Rank: 8543 adx.adform.net — Cisco Umbrella Rank: 4055 dmp.adform.net — Cisco Umbrella Rank: 4252	609 KB
8	de17a.com 1 redirects d5p.de17a.com — Cisco Umbrella Rank: 4853 cdn.de17a.com sting.de17a.com — Cisco Umbrella Rank: 448705 sting-cdn.de17a.com — Cisco Umbrella Rank: 520844	252 KB
8	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2050 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5486 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9861	275 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	498 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1177	4 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	25 KB
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 460	581 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 492	1 KB
2	casalemedia.com 1 redirects dsum.casalemedia.com — Cisco Umbrella Rank: 1174	2 KB
2	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 499	658 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 622	826 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	userreport.com sync.userreport.com	587 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2661	178 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 819	424 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 862	346 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 890	10 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	434 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	2 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
73	23

	Domain	Requested by
15	proff.no	1 redirects proff.no quantcast.mgr.consensu.org
7	adx.adform.net	1 redirects proff.no s1.adform.net
6	www.gstatic.com	www.google.com www.gstatic.com
6	quantcast.mgr.consensu.org	proff.no quantcast.mgr.consensu.org
4	s1.adform.net	hb.adx.adform.net proff.no
4	pixel.mathtag.com	proff.no pixel.mathtag.com
4	www.google.com	proff.no www.gstatic.com www.google.com
3	d5p.de17a.com	1 redirects proff.no d5p.de17a.com
2	sting.de17a.com	d5p.de17a.com proff.no
2	pixel.advertising.com	1 redirects d5p.de17a.com
2	ib.adnxs.com	2 redirects
2	sync.search.spotxchange.com	1 redirects d5p.de17a.com
2	dsum.casalemedia.com	1 redirects d5p.de17a.com
2	sync.1rx.io	1 redirects d5p.de17a.com
2	ad.360yield.com	1 redirects d5p.de17a.com
2	cdn.de17a.com	proff.no sting.de17a.com
2	www.google-analytics.com	proff.no
1	www.proff.no	proff.no
1	sting-cdn.de17a.com	d5p.de17a.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	fonts.gstatic.com	www.google.com
1	sync.userreport.com	d5p.de17a.com
1	dmp.adform.net	d5p.de17a.com
1	pixel.rubiconproject.com	d5p.de17a.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	d5p.de17a.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.jsdelivr.net	s1.adform.net
1	match.adsrvr.org	proff.no
1	stats.proff.no	proff.no
1	hb.adx.adform.net	proff.no
73	34

This site contains links to these domains. Also see Links.

Domain
innsikt.proff.no
proff.se
proff.dk
proff.fi
www.proff.se
www.proff.dk
www.proff.fi
forvalt.no
windows.microsoft.com
www.google.com
www.mozilla.org
www.opera.com

Subject Issuer	Validity	Valid
proff.no Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.cmp.quantcast.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-20` - `2022-12-20`	a year	crt.sh
1072570458.rsc.cdn77.org R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
1147033924.rsc.cdn77.org R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://proff.no/
Frame ID: 44F235796195950090070F1E71B20B35
Requests: 42 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=0c866295-c4ab-4200-8138-6d7d46c61452&no_iframe=1&mt_adid=192315&source=mathtag
Frame ID: 6243F50045ADCCA961DF3AEDB587A1E0
Requests: 2 HTTP requests in this frame

Frame: https://proff.no/consent.html
Frame ID: 0F7FE3685CEE6D1B03B671DB6391405F
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/adx.js
Frame ID: B685C765B9CF895BB85454A23DEEFB9A
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/adx.js
Frame ID: A72751920FB41C20E3CAB84DA1C37AB8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=ntqyt6oumi45
Frame ID: B11A0ECDF1FE837DDDFB5A4CC153AB02
Requests: 8 HTTP requests in this frame

Frame: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Frame ID: 107A10DD30BAD065969AE2E0ADEAB71D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.de17a.com/i6n.js?source=dogfight&override_url=https%3A%2F%2Fd5p.de17a.com%2Fcontrol-notify%2Fadform%3Fauction_id%3D2067332905_524143_1653982380224_966537369_0
Frame ID: FA4EBAF755C5A66E696B517277A6B960
Requests: 2 HTTP requests in this frame

Frame: https://sting.de17a.com/api/tags
Frame ID: A801E4810688CF0927F738977BF0BCFA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP
Frame ID: 74A278AFD444A2F422269355F0C9D431
Requests: 3 HTTP requests in this frame

Frame: https://cdn.de17a.com/i6n.js?source=sting&rid=ilexmahjiheenxxxxnmi
Frame ID: 6657615B0273ECA6F68916629758775E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proff® – Nøkkeltall, Regnskap og Roller for norske bedrifter

Page URL History Show full URLs

http://proff.no/ HTTP 301
https://proff.no/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

73
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

34
Subdomains

30
IPs

8
Countries

2010 kB
Transfer

5645 kB
Size

29
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://innsikt.proff.no/kundeweb

Search URL Search Domain Scan URL

URL: https://proff.se/
Title: proff.se

Search URL Search Domain Scan URL

URL: https://proff.dk/
Title: proff.dk

Search URL Search Domain Scan URL

URL: https://proff.fi/
Title: proff.fi

Search URL Search Domain Scan URL

URL: https://www.proff.se/
Title: Proff Sverige

Search URL Search Domain Scan URL

URL: https://www.proff.dk/
Title: Proff Danmark

Search URL Search Domain Scan URL

URL: https://www.proff.fi/
Title: Proff Finland

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/proff-api/
Title: Proff® API

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/personvern/
Title: personopplysninger

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/om-proff/
Title: Om Proff®

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/samarbeidspartnere/
Title: Samarbeidspartnere

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/kilder/
Title: Kilder

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/sitemap/
Title: Nettsstedskart

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/rettigheter/
Title: Vilkår og rettigheter

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/integritetspolicy/
Title: Integritetspolicy

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/personvern
Title: Personvern - GDPR

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/hjelp-og-tips/
Title: Hjelp

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/kontakt/
Title: Ofte Stilte Spørsmål

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/om-proff/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/
Title: Bli Proff-kunde

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/markedspakker/
Title: Markedspakker

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/bedriftsovervaking/
Title: Overvåking

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/segmentering/
Title: Lister

Search URL Search Domain Scan URL

URL: https://innsikt.proff.no/produkter-og-tjenester/display/
Title: Displayannonser

Search URL Search Domain Scan URL

URL: https://forvalt.no/
Title: Proff® Forvalt

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/ie
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/browser/desktop/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: http://www.opera.com/
Title: Opera

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://proff.no/ HTTP 301
https://proff.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073

Request Chain 39

https://d5p.de17a.com/victory/adform?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg HTTP 302
https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg

Request Chain 46

https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380

Request Chain 47

https://usermatch.targeting.unrulymedia.com/usermatch/delta/3031443901477456115 HTTP 302
https://sync.1rx.io/usersync/delta/3031443901477456115 HTTP 302
https://sync.1rx.io/usersync/delta/3031443901477456115?zcc=1&cb=1653982380906

Request Chain 50

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380&C=1

Request Chain 51

https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3031443901477456115&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3031443901477456115&img=1&__user_check__=1&sync_id=e6382dbe-e0b3-11ec-bbfa-186cd56e0406

Request Chain 52

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
https://d5p.de17a.com/setuid/appnexus?anxs_uid=1687537324705142997

Request Chain 53

https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1&verify=true

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
proff.no/
Redirect Chain

http://proff.no/
https://proff.no/

60 KB
18 KB

206ms
106ms

Document
text/html

13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 461271ba8a5ddd6d0452d1d7b53d7247dac6282b03c2918e61af03d55dbd7be5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-language: no-NO
content-length: 17635
content-type: text/html;charset=UTF-8
date: Tue, 31 May 2022 07:32:58 GMT

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 31 May 2022 07:32:58 GMT
Location: https://proff.no:443/
Server: awselb/2.0

GET
H2 200 roboto-fontface.css
proff.no/fonts/roboto-fontface/css/ 12 KB
1 KB 51ms
50ms Stylesheet
text/css 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/roboto-fontface/css/roboto-fontface.css
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: d03b6c530e790642376b53b015d6f3d4aaff4280d53516fb8ee0e117c1afd8bc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668173"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 718
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H2 200 main.css
proff.no/stylesheets/css/ 291 KB
51 KB 52ms
51ms Stylesheet
text/css 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 5c1e3c8c463c7408661163e65494a1f0bfe02123044b77a266c5bb1b8f14f391

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:18 GMT
etag: "1653989658091"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 51170
expires: Tue, 31 May 2022 09:34:18 GMT

GET
H2 200 default.css
proff.no/stylesheets/css/ 20 KB
5 KB 102ms
101ms Stylesheet
text/css 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/stylesheets/css/default.css?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 22b23b9c137b0288305c383dd3c8c87bf82d5ff87966c8fbef24c5c6fece9c7e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668189"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 4694
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 546ms
76ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7093
date: Tue, 31 May 2022 05:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 31 May 2022 07:34:46 GMT

GET
H2 200 4395.js Show response
hb.adx.adform.net/hb/ 17 KB
4 KB 203ms
54ms Script
application/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.adx.adform.net/hb/4395.js

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

942c52b43f6bb3b48ceec027594c2bfce6e34029cc1d485983b2f8e00c7a1034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Host
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: Tue, 31 May 2022 08:32:58 GMT

GET
H2 200 vendor.js Show response
proff.no/js/lib/ 414 KB
117 KB 102ms
101ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/vendor.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: fa7318c53b32446d37cec15c70bf7dbec1db5d946cf876fcc02de429233361ce

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668211"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 119346
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H2 200 menu.js Show response
proff.no/js/lib/ 5 KB
2 KB 146ms
146ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/menu.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e8b4623a433dc3d0a2f2f985e51cbd97b222ba9d66ca9b58ab8b133f4f8715bd

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668226"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1736
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 907 B
993 B 539ms
83ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=addCaptchaCb&render=explicit&hl=no

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

9842713db52e17ba6a1edde841d5eb36f94c00252d7e26c9f130d29aa0bce779

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 31 May 2022 07:32:59 GMT

GET
H2 200 search.js Show response
proff.no/js/lib/ 10 KB
3 KB 147ms
146ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/search.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 142cfecbbe6b0c3605072d997fe3a1d199af6f4d7a7c9408e6ecd00b2f40a6cf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668229"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 2915
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H2 200 pa.min.js Show response
stats.proff.no/ 1 KB
2 KB 61ms
52ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.proff.no/pa.min.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 0085b22dee76d92814ecfc0ff69e7d83678eb40ce28565d4746e6fbfa8f0f8be

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
cache-control: max-age=86400
last-modified: Mon, 02 May 2022 12:00:54 GMT
accept-ranges: bytes
content-length: 1459
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript

GET
H2 200 analytics.js Show response
proff.no/js/lib/ 2 KB
1 KB 147ms
147ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/analytics.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 15ac477a33c97d1562572d037318cfb6930df1e612229377a29a1d25ffdafdbb

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:28 GMT
etag: "1653989668893"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 749
expires: Tue, 31 May 2022 09:34:28 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 2 KB
2 KB 238ms
85ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1200265&mt_adid=192315&s1=https://www.proff.no
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master cdg-pixel-x16 config:1.0.0 /
Resource Hash: 75682299734cdaa6c93141e87fbccaf7bf4052ec32679abf13209eae24eaf30b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:32:59 GMT
Server: MT3 4419 e1034d5 master cdg-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1988
Expires: Tue, 31 May 2022 07:32:58 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/ 5 KB
2 KB 529ms
69ms Script
application/javascript 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c5c7922ed40e9d4f2e4576bc8092aed89df49ab2790d5f84632cb4a97bac847

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: br
last-modified: Tue, 31 Aug 2021 13:44:14 GMT
server: AmazonS3
age: 3
etag: W/"3517e82c281f90e0212e505792a3be1d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: lGSXpZ9aJG3Q7GSpX07eftwOgfcL28xYIC_FjMt68cAyhO4uzph3qg==

GET
H2 200 prebid.4.latest.js Show response
s1.adform.net/banners/scripts/ 2 MB
527 KB 258ms
114ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/prebid.4.latest.js
Requested by: Host: hb.adx.adform.net
URL: https://hb.adx.adform.net/hb/4395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f940358fee2cba0546b93557937fd06423a93d5534c395ef854c4470edd4b26e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 12:09:49 GMT
server: nginx
etag: W/"5f58c60d-18c2d7"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
24 KB 505ms
362ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adx.adform.net
URL: https://hb.adx.adform.net/hb/4395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 polyfills.js Show response
proff.no/js/lib/ 18 KB
7 KB 52ms
51ms Script
application/javascript 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/js/lib/polyfills.js?v=5.1.107
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: a8d9f2a4a3ef5baf61c43ef328bc45c3279ec7334e62e50624bae12c743f90b1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:50 GMT
etag: "1653989690761"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 6465
expires: Tue, 31 May 2022 09:34:50 GMT

GET
H2 200 page_bg.png
proff.no/img/v3/ 1 KB
2 KB 51ms
51ms Image
image/png 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proff.no/img/v3/page_bg.png
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 2d7f2c49b8acf4fa9dfc186527ea2586d0634b58bb9d496e6efbee67ddb87e7a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
last-modified: Mon, 30 May 2022 21:34:50 GMT
etag: "1653989690813"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 1092
expires: Tue, 31 May 2022 09:34:50 GMT

GET
H2 200 sprite_general_6.png
proff.no/img/v3/ 14 KB
14 KB 51ms
51ms Image
image/png 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proff.no/img/v3/sprite_general_6.png
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e1abbbc7891f4f485fb5b9c26fa241b6503282f8bff9ef129da09251be61755f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:35:36 GMT
etag: "1653989736342"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 14187
expires: Tue, 31 May 2022 09:35:36 GMT

GET
H2 200 ss-standard.woff
proff.no/fonts/ 26 KB
27 KB 52ms
52ms Font
application/font-woff 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/ss-standard.woff
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: e47e764298124c12ec246cc3f33a5ece1cf82cacbef043ea83ebe58089b40287

Request headers

Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:58 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:50 GMT
etag: "1653989690826"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/font-woff;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 27083
expires: Tue, 31 May 2022 09:34:50 GMT

GET
H2 200 proffglobal-bold-webfont.woff
proff.no/fonts/ 50 KB
51 KB 52ms
52ms Font
application/font-woff 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/fonts/proffglobal-bold-webfont.woff
Requested by: Host: proff.no
URL: https://proff.no/stylesheets/css/main.css?v=5.1.107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 9c828769c82976773b3b8704e27cf5753cb3aa7f87edde89395b4a662b534aa5

Request headers

Referer: https://proff.no/stylesheets/css/main.css?v=5.1.107
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:51 GMT
etag: "1653989691197"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: application/font-woff;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 51131
expires: Tue, 31 May 2022 09:34:51 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 6243 631 B
994 B 85ms
85ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=0c866295-c4ab-4200-8138-6d7d46c61452&no_iframe=1&mt_adid=192315&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1200265&mt_adid=192315&s1=https://www.proff.no
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master cdg-pixel-x33 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 631
Content-Type: text/html
Date: Tue, 31 May 2022 07:32:59 GMT
Expires: Tue, 31 May 2022 07:32:58 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4419 e1034d5 master cdg-pixel-x33 config:1.0.0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 233ms
75ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k4lpo8g&ttd_tpi=1
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:32:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
524 B 181ms
95ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master cdg-pixel-x9 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:32:59 GMT
Server: MT3 4419 e1034d5 master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 May 2022 07:32:58 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 6243 43 B
525 B 114ms
85ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=0c866295-c4ab-4200-8138-6d7d46c61452&no_iframe=1&mt_adid=192315&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=0c866295-c4ab-4200-8138-6d7d46c61452&no_iframe=1&mt_adid=192315&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:32:59 GMT
Server: MT3 4419 e1034d5 master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 May 2022 07:32:58 GMT

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 14 KB
2 KB 462ms
51ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/prebid.4.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33829
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-bma1668-BMA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKMxi8Iclb3cKPH12K7R5a4lq5Ty%2FP5pPk2%2FvFAsvl%2BaBA0%2BJjV2f8IAx28BU4Wo1hco1tJPY37%2FZRV7mOl4pGET4STc5cG4KKgPXceM5Bm%2B7PA5i9hLlPAIrxsbjIakKtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 713e04d27b780b31-OSL

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 518ms
68ms XHR
text/plain 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3244641-3&cid=27907655.1653982380&jid=2771028&gjid=1998268528&_gid=1695436669.1653982380&_u=IGBAgEADAAAAAE~&z=1244369530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 May 2022 07:33:00 GMT
content-type: text/plain
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 74ms
72ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1335439446&t=pageview&_s=1&dl=https%3A%2F%2Fproff.no%2F&ul=en-us&de=UTF-8&dt=Proff%C2%AE%20%E2%80%93%20N%C3%B8kkeltall%2C%20Regnskap%20og%20Roller%20for%20norske%20bedrifter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAD~&jid=2771028&gjid=1998268528&cid=27907655.1653982380&tid=UA-3244641-3&_gid=1695436669.1653982380&z=1581259407

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 22:20:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33165
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 512ms
64ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:00 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Jun 2022 07:33:00 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 71ms
70ms Script
text/javascript 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/B0t1hzyq1UTeN/proff.no/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: br
age: 47
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FlhKAFF8PvmYbH6uq3Rg_lK20Fw-RwKUzj9AnXevnh77YfThQnOljQ==

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 364 KB
144 KB 546ms
77ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=addCaptchaCb&render=explicit&hl=no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://proff.no/
Origin: https://proff.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:16 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073
https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073

930 B
1 KB

53ms
53ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

520fe51b41b84672285c9ed4fed7ffbb582c4634eedc19ac97ce440a06b5f97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 07:32:59 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=3&pv=1&bWlkPTc0MzExMw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379626_8550631875285073
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 consent.html Show response
proff.no/ Frame 0F7F 4 KB
2 KB 52ms
51ms Document
text/html 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proff.no/consent.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 9648602e46ca07cf53fe8ff07088110d712862147dbb4c5303d1676eb242d288

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=43200
content-encoding: gzip
content-length: 1069
content-type: text/html;charset=UTF-8
date: Tue, 31 May 2022 07:32:59 GMT
etag: "1653989678250"
expires: Tue, 31 May 2022 09:34:38 GMT
last-modified: Mon, 30 May 2022 21:34:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame B685 58 KB
24 KB 59ms
59ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 / Show response
adx.adform.net/adx/ 874 B
1 KB 54ms
54ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc3NTkwOA&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982379942_9948985018128487

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5352db7e5e1e0c6312212c24ea9d466eef550484925a279d70f955832ee8be24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:32:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 504ms
74ms XHR
application/json 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:03:27 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 16174
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 03:03:24 GMT
server: AmazonS3
etag: W/"e357936593cc8ed65091e13f59db4400"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xmqRyYRJgA2SCg2rWNTPmpow2sQ7BqAJALIhHGnHVWqjaxMV2YL9NA==

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A727 58 KB
24 KB 59ms
59ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:00 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 rules-p-B0t1hzyq1UTeN.js Show response
rules.quantcount.com/ 2 B
346 B 504ms
64ms Script
application/javascript 65.9.63.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-B0t1hzyq1UTeN.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:07:34 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
server: AmazonS3
age: 1525
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-length: 2
x-amz-cf-id: xqBHu7wA0fmSj6QBZdRbs0FAAjfpqtiB68kHUFg6FkEWNMTJWIeHXw==

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 132ms
132ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTc3Nzk5Mw&url=https%3A%2F%2Fproff.no%2F&callback=_adform_cb_1653982380192_38545634089430725

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

80a11c6c58c13377a8820345b3328d196cf48e7ed9c26b87e46dfa7b9e9e0296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B11A 43 KB
23 KB 94ms
93ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=ntqyt6oumi45

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

70173456452446a2e540861120019c764a5268481a3a8b381ee2be2892b3c41d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X2MzEYeE5gjX_oxB_Nqqlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22873
content-security-policy: script-src 'report-sample' 'nonce-X2MzEYeE5gjX_oxB_Nqqlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:33:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

adform;c Show response
d5p.de17a.com/victory/ Frame 107A
Redirect Chain

https://d5p.de17a.com/victory/adform?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIw...
https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMT...

3 KB
3 KB

49ms
49ms

Document
text/html

213.155.156.185
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.185 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-185.teliacarrier-cust.com
Software: /
Resource Hash: f68b622cea0e71c6793dd9246bc404e1fb8097847e78070c25154231b40e3269

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-length: 3075
content-type: text/html;charset=utf-8
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

content-length: 0
location: /victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame FA4E 13 KB
3 KB 521ms
64ms Script
application/javascript 195.181.175.48
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=dogfight&override_url=https%3A%2F%2Fd5p.de17a.com%2Fcontrol-notify%2Fadform%3Fauction_id%3D2067332905_524143_1653982380224_966537369_0
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.48 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry+iN1n/cQAAAA
x-accel-expires: @1653982867
date: Tue, 31 May 2022 07:33:00 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: mo/P8OHtm7M
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-cache: HIT
x-age: 113
x-77-pop: frankfurtDE

GET
H2 200 /
adx.adform.net/adx/ssp/imp/ Frame FA4E 35 B
536 B 56ms
56ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adx.adform.net/adx/ssp/imp/?data=YtautBHD0auM6E4QPfZc508zFNqAGYtMpsXh7vedAIZYUuSL8P--I24hB0jsPC58e7gEhRn-_f7S2XmHbyKJ9vb0yQuid5s20xnXp1aaBvzCCn_oGitFIltYzLOTA4HSiqWnbu-9_HJWhIkyDcRV4Z_piplJIEcMl2aR0OBaHg4oUBYfBlX6qQ2&adxvars=Lxyd4pPPWDCN72-_kKw_kUnfwmqLqEEV5v6r9lmy0q7XvhqYYLUYmbzdw2wLKIcGR6bo9Z5y60fvlXTD7WWQNsWDVvVXFwLPDv3AaBEohbWkoeK5vuZzu59k_TwzmLxMdPemEYpAKZFaTQmFxv57CIRhyCsDRRNOH-R44S87DpqjDSDHwv6R_Ajvc0bNll3IItJ9bOCGHtKLGCPAAdyP-QO8_7rsP1jj0&ord=47006

Requested by

Host: proff.no
URL: https://proff.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame B11A 51 KB
24 KB 532ms
75ms Stylesheet
text/css 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=ntqyt6oumi45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 07:17:33 GMT

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame B11A 364 KB
144 KB 603ms
147ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:16 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 509ms
65ms XHR
application/json 99.86.4.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-78.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:00:52 GMT
content-encoding: br
age: 16329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 19 May 2022 19:52:29 GMT
server: AmazonS3
etag: W/"50900028e353b5405beb46af660d5881"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: IX6ESpJaeLGXuWQu6Zw9OjFVEOp9d7q.
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/json
x-amz-cf-id: 7xvtcEVqdDWdvb8rHaFe14cNF6mXE7bZZHa5_A4TlDZPeTq1NjTaLw==

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 107A 42 B
424 B 189ms
57ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=3031443901477456115
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 107A
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380

43 B
423 B

75ms
75ms

Image
image/gif

63.35.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: H2
Server: 63.35.168.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 07:33:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3031443901477456115&expiration=1656574380
date: Tue, 31 May 2022 07:33:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

3031443901477456115
sync.1rx.io/usersync/delta/ Frame 107A
Redirect Chain

https://usermatch.targeting.unrulymedia.com/usermatch/delta/3031443901477456115
https://sync.1rx.io/usersync/delta/3031443901477456115
https://sync.1rx.io/usersync/delta/3031443901477456115?zcc=1&cb=1653982380906

43 B
172 B

61ms
61ms

Image
image/gif

213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/delta/3031443901477456115?zcc=1&cb=1653982380906
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: H2
Server: 213.19.147.44 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:00 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:00 GMT
server: Tengine
etag: RX21027263ce7942d1a0d52544f4877e79003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync/delta/3031443901477456115?zcc=1&cb=1653982380906
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 107A 0
239 B 295ms
66ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3031443901477456115&expires=30
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 200 match
dmp.adform.net/serving/cookie/ Frame 107A 35 B
469 B 174ms
54ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match?party=1124&cid=3031443901477456115

Requested by

Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:00 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 107A
Redirect Chain

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380&C=1

43 B
1004 B

94ms
92ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380&C=1
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 07:33:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 31 May 2022 07:33:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 May 2022 07:33:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3031443901477456115&expiration=1656574380&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 305
Expires: Tue, 31 May 2022 07:33:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 107A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3031443901477456115&img=1
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3031443901477456115&img=1&__user_check__=1&sync_id=e6382dbe-e0b3-11ec-bbfa-186cd56e0406

43 B
548 B

64ms
64ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3031443901477456115&img=1&__user_check__=1&sync_id=e6382dbe-e0b3-11ec-bbfa-186cd56e0406
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:33:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 68
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 31 May 2022 07:33:00 GMT
Server: nginx
Location: /partner?adv_id=7326&uid=3031443901477456115&img=1&__user_check__=1&sync_id=e6382dbe-e0b3-11ec-bbfa-186cd56e0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 54
Connection: keep-alive
Content-Length: 0

GET
H2

200

appnexus
d5p.de17a.com/setuid/ Frame 107A
Redirect Chain

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
https://d5p.de17a.com/setuid/appnexus?anxs_uid=1687537324705142997

35 B
199 B

47ms
47ms

Image
image/gif

213.155.156.185
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/setuid/appnexus?anxs_uid=1687537324705142997
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: H2
Server: 213.155.156.185 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-185.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Tue, 31 May 2022 07:33:00 GMT
X-Proxy-Origin: 178.255.148.169; 178.255.148.169; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e31576cf-f722-4f52-b56a-68daaed4f213
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://d5p.de17a.com/setuid/appnexus?anxs_uid=1687537324705142997
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

404

sync
pixel.advertising.com/ups/55955/ Frame 107A
Redirect Chain

https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1
https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1&verify=true

0
254 B

66ms
66ms

Image
text/plain

3.122.49.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1&verify=true

Requested by

Protocol

Server

3.122.49.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-49-139.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:00 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1&verify=true
date: Tue, 31 May 2022 07:33:00 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cs.gif
sync.userreport.com/ Frame 107A 43 B
587 B 521ms
66ms Image
image/gif 65.9.63.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.userreport.com/cs.gif?s=d3prj11&fk=3031443901477456115
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 25 Oct 2012 12:28:09 GMT
x-amz-version-id: null
Via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jan 2014 09:18:47 GMT
Server: AmazonS3
Age: 12482
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Tue, 31 May 2022 04:43:31 GMT
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: HRuREKBkCRG6JGbgQIPcFOEWpIUeiFs-AymEhVERU_gbNYXpnPN0Og==

GET
H2 200 ctrl.js Show response
sting.de17a.com/ Frame 107A 47 KB
17 KB 172ms
48ms Script
application/javascript 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL

https://sting.de17a.com/ctrl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

213-155-156-188.teliacarrier-cust.com

Software

nginx/1.18.0 /

Resource Hash

204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 05:16:55 GMT
server: nginx/1.18.0
etag: "bbd017e2384d558"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
expires: Tue, 04 Jan 2022 15:11:06 GMT
cache-control: must-revalidate, private, max-age=0
x-proxy-cache: HIT

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 328 KB
39 KB 74ms
74ms XHR
application/json 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a666ce2b149381adc2a22a31fd1ddb0e813ea39b053b5360660acb70a389b04f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:00:40 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 16342
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 03:00:33 GMT
server: AmazonS3
etag: W/"03fcbdf73d76b974023a5e32974dca44"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: U1vctG8KBZ3owEg_OzQDscjqwLhSTqz8AtMiX9pJEgOqNLRuNJAdMA==

GET
H2 200 purposes-NO.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 26 KB
4 KB 65ms
65ms XHR
application/json 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/purposes-NO.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0f4aafa75c4fc075354d6304d5553666e852d274968aa256dec4cf9d2497ba5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:00:44 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 16338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 03:00:33 GMT
server: AmazonS3
etag: W/"41a1d012ae160b826cb0068451299129"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9bZy9cfMlWrbGA8RPwBg2geiW9nSFlmGMkKEvzdpc3XnvxeDgGbRDw==

GET
H2 200 cmp2ui-no.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 470 KB
123 KB 68ms
68ms Script
text/javascript 65.9.63.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-no.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=proff.no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d414cb2ce08a4dc9232a80cbe1abdffa0681474beed6257bac44fd9517c99a9f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 02:27:57 GMT
content-encoding: br
age: 99047
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:53 GMT
server: AmazonS3
etag: W/"345c5f67779d1bf2f68fb77385f5ac9d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KLpk2tCKHkRkA92zuDhW7V0bwyamV1Hm5sQIs4nzkUnBXeMLRI1qEQ==

GET
DATA 200
OK truncated
/ Frame B11A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B11A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B11A 2 KB
2 KB 84ms
83ms Image
image/png 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 563593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 31 May 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B11A 15 KB
16 KB 570ms
76ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 570380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 24 May 2023 17:06:41 GMT

POST
H2 200 tags Show response
sting.de17a.com/api/ Frame A801 2 KB
1 KB 72ms
72ms Document
text/html 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://sting.de17a.com/api/tags
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.18.0 /
Resource Hash: e23ceb92bde98de1c23424ec96437af60c0d6b0648ff71e1fe4d1fec1dfe17d7

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://d5p.de17a.com
Referer: https://d5p.de17a.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 07:33:01 GMT
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV" CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
server: nginx/1.18.0

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame B11A 102 B
204 B 91ms
91ms Other
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

4556056ae0b97237e430120fab528fdc692b0dc2af865e8bed4694dfb8cc1654

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP&co=aHR0cHM6Ly9wcm9mZi5ubzo0NDM.&hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=ntqyt6oumi45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 31 May 2022 07:33:01 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 74A2 7 KB
1 KB 93ms
92ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

0d7cf54bb1da049a31dab60e6f2ae4ae1bb42023a5ac6b884ce4fe25bb1eddcf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5XQV8r6ZpdUf5dStfg1DlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://proff.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-5XQV8r6ZpdUf5dStfg1DlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:33:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame 6657 13 KB
3 KB 75ms
75ms Script
application/javascript 195.181.175.48
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=sting&rid=ilexmahjiheenxxxxnmi
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.48 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-47.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry/Lthb/cgAAAA
x-accel-expires: @1653982867
date: Tue, 31 May 2022 07:33:01 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: +SFgjGUk+Qg
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-cache: HIT
x-age: 114
x-77-pop: frankfurtDE

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 229ms
70ms XHR
text/plain 54.93.174.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22B0t1hzyq1UTeN%22%2C%22domain%22%3A%22proff.no%22%2C%22publisher%22%3A%22proff.no%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22ljS8kudZi43yRAwB1RnkQg%22%2C%22clientTimestamp%22%3A1653982381360%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-pq29s5m7oeldz6c2is6t%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-no.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.174.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-174-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 07:33:01 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 980x600.png
sting-cdn.de17a.com/files/1630613802000/001/012/145/ Frame 6657 223 KB
223 KB 570ms
99ms Image
image/png 185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sting-cdn.de17a.com/files/1630613802000/001/012/145/980x600.png
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/adform;c?auction_id=2067332905_524143_1653982380224_966537369_0&bp=4m-OKG561lfAhoj64JMbM839lIW4KcMmZnA2fg&creative_id=762239&dfh=13&dd=1~Cg9odHRwOi8vcHJvZmYubm8QACoTMTIwNzc4OTcxNDYwMTY1OTY2MzD-hV05SgwCK4dGUUBABUoPMTc4LjI1NS4xNDguMTY5UFRaKzIwNjczMzI5MDVfNTI0MTQzXzE2NTM5ODIzODAyMjRfOTY2NTM3MzY5XzBg1AdorAJwAXgAgAHYptcEkAHYkq6pDJgBvpfgzwSpATmKY4csYhhAsQET2J5Bza8PQLkBAQAAAAAAIkDJAQAAAAAAAAAAuQ_CgAoAg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 51ccdb0f55ce684ed0cb70267befa351d5044e33ed03bf408544fd5aad841b19

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 31 May 2022 07:33:01 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 10448
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
content-length: 228051
x-77-nzt: Abk73BAluS//0CgAAA
x-accel-expires: @1654058333
server: CDN77-Turbo
x-77-nzt-ray: kaPuiLk5Axs
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-proxy-cache: MISS

GET
H2 200 proff-logo-header-2020.png
www.proff.no/img/ 8 KB
9 KB 67ms
51ms Image
image/png 13.50.22.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proff.no/img/proff-logo-header-2020.png
Requested by: Host: proff.no
URL: https://proff.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.50.22.65 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-50-22-65.eu-north-1.compute.amazonaws.com
Software: /
Resource Hash: 74425d6a23825882584b8fc4ce285c8bbf7aa81303e468e80c8e4a905925dea9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://proff.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:33:01 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 21:34:41 GMT
etag: "1653989681985"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type: image/png;charset=UTF-8
cache-control: max-age=43200
accept-ranges: bytes
content-length: 8102
expires: Tue, 31 May 2022 09:34:41 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 74A2 51 KB
24 KB 77ms
77ms Stylesheet
text/css 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 07:17:33 GMT

GET
H2 200 recaptcha__no.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 74A2 364 KB
144 KB 85ms
85ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__no.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=no&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LebsAITAAAAAL7tPKiSxodipRymNHMNytB7vaQP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147066
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 07:48:16 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ 35 B
484 B 54ms
53ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1653982381594

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ 35 B
484 B 53ms
52ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1653982381594

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://proff.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:33:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://proff.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proff.no/	1969-12-31 23:59:59	Name: JSESSIONID Value: F9DE324DCA538C2C827B4B5120482B42
proff.no/	1970-01-20 20:59:00	Name: _pa Value: PA2.302070932201714
.mathtag.com/	1970-01-20 12:52:17	Name: uuid Value: 0c866295-c4ab-4200-8138-6d7d46c61452
.mathtag.com/	1970-01-20 04:09:34	Name: mt_misc Value: mt_bt:1
.proff.no/	1970-01-20 20:57:34	Name: _ga Value: GA1.2.27907655.1653982380
.proff.no/	1970-01-20 03:27:48	Name: _gid Value: GA1.2.1695436669.1653982380
.proff.no/	1970-01-20 03:26:22	Name: _gat Value: 1
.adform.net/	1970-01-20 04:09:34	Name: C Value: 1
proff.no/	1970-01-20 03:36:27	Name: AWSALB Value: DZriXkv5xgHjA37tWsY8TbrNmJLjV9XkdtakWkaxWFAvQIuKpRXUsdO+W1PyBtoEOkdKRREA0GOAW25Q+rsOx4e+GsyewLP6JO1Z5t8o/Ul/zLqKl5dylZZwvQ40
proff.no/	1970-01-20 03:36:27	Name: AWSALBCORS Value: DZriXkv5xgHjA37tWsY8TbrNmJLjV9XkdtakWkaxWFAvQIuKpRXUsdO+W1PyBtoEOkdKRREA0GOAW25Q+rsOx4e+GsyewLP6JO1Z5t8o/Ul/zLqKl5dylZZwvQ40
.adform.net/	1970-01-20 04:52:46	Name: uid Value: 1207789714601659663
.de17a.com/	1970-01-20 12:04:46	Name: guid2 Value: 1.3031443901477456115
.pubmatic.com/	1970-01-20 04:09:34	Name: KRTBCOOKIE_336 Value: 5844-3031443901477456115
.pubmatic.com/	1970-01-20 04:09:34	Name: PugT Value: 1653982380
.adnxs.com/	1970-01-20 05:35:58	Name: uuid2 Value: 1687537324705142997
.advertising.com/	1970-01-20 12:13:24	Name: APID Value: UPe62f25c4-e0b3-11ec-b6fc-0231421f89ac
.360yield.com/	1970-01-20 05:35:58	Name: tuuid Value: 33800f10-91b6-4810-bc1d-d4d9e3b65f13
.360yield.com/	1970-01-20 05:35:58	Name: tuuid_lu Value: 1653982380
.spotxchange.com/	1970-01-20 12:12:02	Name: audience Value: e6382d56-e0b3-11ec-bbfa-186cd56e0406
.casalemedia.com/	1970-01-20 12:11:58	Name: CMID Value: YpXErB0TAKF4C.5ljztA-AAA
.casalemedia.com/	1970-01-20 05:35:58	Name: CMPS Value: 206
.360yield.com/	1970-01-20 05:35:58	Name: um Value: !61,4IMp64uB0CU7ebFgAfwcEBqTRy9410vmTZrtbPLoJJ.M,1656574380
.360yield.com/	1970-01-20 05:35:58	Name: umeh Value: !61,0,1716190380,-1
.casalemedia.com/	1970-01-20 05:35:58	Name: CMPRO Value: 236
.casalemedia.com/	1970-01-20 12:11:58	Name: CMRUM3 Value: af6295c4ac27603031443901477456115
.casalemedia.com/	1970-01-20 03:27:48	Name: CMST Value: YpXErGKVxKwA
www.proff.no/	1970-01-20 03:36:27	Name: AWSALB Value: 6W3goe+1GycZyp02CXU6AQQXLJi6XeKiDkZRjl71MAdFapWnGw084CIcFupN2HjfT8wcfD73wdijM9jawat/uSezA6EfNOSBAlcC33nofInsVDv/Yg6b7aOYYFd/
www.proff.no/	1970-01-20 03:36:27	Name: AWSALBCORS Value: 6W3goe+1GycZyp02CXU6AQQXLJi6XeKiDkZRjl71MAdFapWnGw084CIcFupN2HjfT8wcfD73wdijM9jawat/uSezA6EfNOSBAlcC33nofInsVDv/Yg6b7aOYYFd/
www.proff.no/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0263AA1EBCDFD186C921442BAAA16F6F

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.advertising.com/ups/55955/sync?uid=3031443901477456115&_origin=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
adx.adform.net
audit-tcfv2.quantcast.mgr.consensu.org
cdn.de17a.com
cdn.jsdelivr.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
fonts.gstatic.com
hb.adx.adform.net
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
proff.no
quantcast.mgr.consensu.org
rules.quantcount.com
s1.adform.net
secure.quantserve.com
stats.g.doubleclick.net
stats.proff.no
sting-cdn.de17a.com
sting.de17a.com
sync.1rx.io
sync.search.spotxchange.com
sync.userreport.com
test.quantcast.mgr.consensu.org
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.proff.no
104.16.88.20
13.50.22.65
142.250.185.99
142.250.186.100
172.217.16.131
172.217.18.110
185.59.220.17
185.64.190.80
185.94.180.126
195.181.175.48
2.18.233.201
213.155.156.185
213.155.156.188
213.19.147.44
23.35.236.247
3.122.49.139
3.33.220.150
37.157.4.29
37.157.5.72
37.157.6.246
37.252.173.27
54.93.174.143
63.35.168.36
65.9.63.104
65.9.63.49
65.9.63.50
69.173.144.139
74.125.140.157
91.228.74.244
99.86.4.78
0085b22dee76d92814ecfc0ff69e7d83678eb40ce28565d4746e6fbfa8f0f8be
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0d7cf54bb1da049a31dab60e6f2ae4ae1bb42023a5ac6b884ce4fe25bb1eddcf
0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e
142cfecbbe6b0c3605072d997fe3a1d199af6f4d7a7c9408e6ecd00b2f40a6cf
15ac477a33c97d1562572d037318cfb6930df1e612229377a29a1d25ffdafdbb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a
204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6
22b23b9c137b0288305c383dd3c8c87bf82d5ff87966c8fbef24c5c6fece9c7e
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
29af788193140c53d73e92a95e87240bf2c9c89590bcb7703cb7de86bf2f388a
2d7f2c49b8acf4fa9dfc186527ea2586d0634b58bb9d496e6efbee67ddb87e7a
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
3c5c7922ed40e9d4f2e4576bc8092aed89df49ab2790d5f84632cb4a97bac847
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4556056ae0b97237e430120fab528fdc692b0dc2af865e8bed4694dfb8cc1654
461271ba8a5ddd6d0452d1d7b53d7247dac6282b03c2918e61af03d55dbd7be5
51ccdb0f55ce684ed0cb70267befa351d5044e33ed03bf408544fd5aad841b19
520fe51b41b84672285c9ed4fed7ffbb582c4634eedc19ac97ce440a06b5f97e
5352db7e5e1e0c6312212c24ea9d466eef550484925a279d70f955832ee8be24
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c1e3c8c463c7408661163e65494a1f0bfe02123044b77a266c5bb1b8f14f391
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70173456452446a2e540861120019c764a5268481a3a8b381ee2be2892b3c41d
74425d6a23825882584b8fc4ce285c8bbf7aa81303e468e80c8e4a905925dea9
75682299734cdaa6c93141e87fbccaf7bf4052ec32679abf13209eae24eaf30b
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
80a11c6c58c13377a8820345b3328d196cf48e7ed9c26b87e46dfa7b9e9e0296
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
942c52b43f6bb3b48ceec027594c2bfce6e34029cc1d485983b2f8e00c7a1034
9648602e46ca07cf53fe8ff07088110d712862147dbb4c5303d1676eb242d288
9842713db52e17ba6a1edde841d5eb36f94c00252d7e26c9f130d29aa0bce779
9c828769c82976773b3b8704e27cf5753cb3aa7f87edde89395b4a662b534aa5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a666ce2b149381adc2a22a31fd1ddb0e813ea39b053b5360660acb70a389b04f
a8d9f2a4a3ef5baf61c43ef328bc45c3279ec7334e62e50624bae12c743f90b1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c0f4aafa75c4fc075354d6304d5553666e852d274968aa256dec4cf9d2497ba5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b6c530e790642376b53b015d6f3d4aaff4280d53516fb8ee0e117c1afd8bc
d414cb2ce08a4dc9232a80cbe1abdffa0681474beed6257bac44fd9517c99a9f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1abbbc7891f4f485fb5b9c26fa241b6503282f8bff9ef129da09251be61755f
e23ceb92bde98de1c23424ec96437af60c0d6b0648ff71e1fe4d1fec1dfe17d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47e764298124c12ec246cc3f33a5ece1cf82cacbef043ea83ebe58089b40287
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8b4623a433dc3d0a2f2f985e51cbd97b222ba9d66ca9b58ab8b133f4f8715bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68b622cea0e71c6793dd9246bc404e1fb8097847e78070c25154231b40e3269
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f940358fee2cba0546b93557937fd06423a93d5534c395ef854c4470edd4b26e
fa7318c53b32446d37cec15c70bf7dbec1db5d946cf876fcc02de429233361ce

proff.no Open in urlscan Pro 13.50.22.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

90 %HTTPS

0 %IPv6

23 Domains

34 Subdomains

30 IPs

8 Countries

2010 kBTransfer

5645 kBSize

29 Cookies

29 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

proff.no Open in urlscan Pro
13.50.22.65 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

90 %
HTTPS

0 %
IPv6

23
Domains

34
Subdomains

30
IPs

8
Countries

2010 kB
Transfer

5645 kB
Size

29
Cookies

73 HTTP transactions
2 data transactions