urlscan.io logo urlscan.io
SecurityTrails logo

rf1.no Open in urlscan Pro
46.51.204.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com/
Effective URL: https://rf1.no/
Submission: On August 19 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 46.51.204.184, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is rf1.no.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2021. Valid for: 3 months.
This is the only time rf1.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.51.204.184 16509 (AMAZON-02)
1 13.224.89.174 16509 (AMAZON-02)
14 52.222.137.125 16509 (AMAZON-02)
5 65.9.73.69 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
26 9
2    46.51.204.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-204-184.eu-west-1.compute.amazonaws.com
www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com
rf1.no
1    13.224.89.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-174.zrh50.r.cloudfront.net
d282ykz6vx01th.cloudfront.net
14    52.222.137.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-125.ams50.r.cloudfront.net
d1se4t4tzjp7kt.cloudfront.net
5    65.9.73.69 (United States)

ASN16509 (AMAZON-02, US)
d2f0ora2gkri0g.cloudfront.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
14 d1se4t4tzjp7kt.cloudfront.net rf1.no
d282ykz6vx01th.cloudfront.net
5 d2f0ora2gkri0g.cloudfront.net rf1.no
2 ssl.google-analytics.com rf1.no
1 www.facebook.com rf1.no
1 maxcdn.bootstrapcdn.com d282ykz6vx01th.cloudfront.net
1 ajax.googleapis.com rf1.no
1 d282ykz6vx01th.cloudfront.net rf1.no
1 rf1.no
1 www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com 1 redirects
26 9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
rf1.no
Sectigo RSA Domain Validation Secure Server CA		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://rf1.no/
Frame ID: C9F13493A9659B2216902F3BE3454A09
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://rf1.no&layout=standard&action=like&colorscheme=light&font=arial&height=30&width=290&locale=nb_NO
Frame ID: 8E68830972D9D62CC961350D427A2082
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com/ HTTP 301
    https://rf1.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

9109 kB
Transfer

10461 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com/ HTTP 301
    https://rf1.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rf1.no/
Redirect Chain
  • https://www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com/
  • https://rf1.no/
111 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rf1.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.51.204.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-204-184.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
c542ec9c5ecf95bebcb27ceec984f2f103decf7195d663c7b9adad2944141a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
rf1.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Thu, 19 Aug 2021 06:35:26 GMT
content-type
text/html; charset=UTF-8
content-length
21191
cache-control
max-age=0, private, must-revalidate, max-age=0, must-revalidate, no-cache, no-store, private
pragma
no-cache
expires
Thu, 19 Aug 2021 05:54:17 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
age
2469
x-cache
HIT
x-bksrc
0.3
accept-ranges
bytes

Redirect headers

server
openresty
date
Thu, 19 Aug 2021 06:35:26 GMT
content-type
text/html; charset=UTF-8
content-length
306
location
https://rf1.no/
age
0
x-cache
MISS
x-bksrc
0.4
0755a7cc-a972-42fb-8a5e-638d8226349c.css
d282ykz6vx01th.cloudfront.net/07/55/ 		212 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d282ykz6vx01th.cloudfront.net/07/55/0755a7cc-a972-42fb-8a5e-638d8226349c.css
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-174.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4b892eb3fe55f6854853d36e48cde97e3e4acbc18e38b7a43c8dab150848ee0

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 05:20:21 GMT
Content-Encoding
gzip
Age
90906
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 09 Dec 2020 14:06:12 GMT
Server
AmazonS3
ETag
W/"eba1114847e7b208cd173a2548286f0a"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
b3pt5c99JBdlOIeSVqzwU4LnxK8W9pDMpPvgMOiS40Necc-hMpHy5w==
Expires
Sat, 07 Dec 2030 14:06:10 GMT
photo-swipe.css
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/photo-swipe.css
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
0f99afca623dcb8b1d842752cc0d351a56ed3cd2c1445830d9e1b4c6844d00d7

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:30 GMT
Content-Encoding
gzip
Age
753716
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4248
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:39:44 GMT
Server
openresty
Content-Type
text/css
Via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
QDSLkiUR0xqAlqemLkdcdBEYP7UM3FIKJq-0Z92f6SEjQ71RY3kXIg==
Expires
Wed, 10 Aug 2022 13:13:30 GMT
cookie-consent.css
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/cookie-consent.css
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
2137b83c8ef67a20b7315a18d05d8b2772119ca2723d89ec17a0f6b991ca4cc7

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:30 GMT
Content-Encoding
gzip
Age
753716
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1317
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:39:44 GMT
Server
openresty
Content-Type
text/css
Via
1.1 a2458b90efc105d68ca01a550177c4e5.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
9f0nmOpoSXKWf2STHdP4F8F-z-kyPo8HGEhyB8ydEx3TuexnorQm4A==
Expires
Wed, 10 Aug 2022 13:13:30 GMT
modernizr.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/modernizr.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
4ba5d5fc64b83fcae61e3d9351c98cd79953d10ae68c29a0585442d625b383aa

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:30 GMT
Content-Encoding
gzip
Age
753719
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2609
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:40:00 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 182732bb63f7d4f88e7cac0874b0cfef.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
a29jIE6GYC6fkKltCes00izqKoWzbeenkHTOCh1JFCTHPRbEc_EYFw==
Expires
Wed, 10 Aug 2022 13:13:28 GMT
bkpam2192154_hovedbok.jpg
d2f0ora2gkri0g.cloudfront.net/ 		7 MB
7 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f0ora2gkri0g.cloudfront.net/bkpam2192154_hovedbok.jpg
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7195f1560f609152eeddfaee15ba082b57a41c80021e330431376701402a5f0a

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 17:11:53 GMT
Via
1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 31 May 2016 11:24:40 GMT
Server
AmazonS3
Age
566614
ETag
"523be29225be5b2a02cd357010ff3cdf"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
7013183
X-Amz-Cf-Id
-EYzJi9MGJU7abaA-vftFAZExr374YNIGGeAuU9X8sDC3Nb_5pzoMw==
Expires
Fri, 29 May 2026 12:24:55 GMT
d63c3800-093d-49b7-8b92-8d6c3f3903d1.jpg
d2f0ora2gkri0g.cloudfront.net/d6/3c/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f0ora2gkri0g.cloudfront.net/d6/3c/d63c3800-093d-49b7-8b92-8d6c3f3903d1.jpg
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fab995da22d447c52ad1754a7e4747a2991689d3dc33bfd2cfcc5626e4af96ae

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 17:11:53 GMT
Via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 27 Oct 2017 10:23:14 GMT
Server
AmazonS3
Age
566614
ETag
"cbe9e850bfcdca2a0b1ef4eb90ffce1e"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
25850
X-Amz-Cf-Id
KpdTzsRLtlG0PZm-isl-DlVd_QpYZhzxBt4nwKkKA-te150wQ7FKBw==
Expires
Mon, 25 Oct 2027 11:23:13 GMT
28c064a5-d778-4432-a877-f5a3869fa5fa.png
d2f0ora2gkri0g.cloudfront.net/28/c0/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f0ora2gkri0g.cloudfront.net/28/c0/28c064a5-d778-4432-a877-f5a3869fa5fa.png
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a3e358874f8a13506c99e6a3b9e361af9f047e3ba121e454ca3e5a29d7c4cb2

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 13:35:17 GMT
Via
1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 25 Jan 2018 12:56:05 GMT
Server
AmazonS3
Age
1098010
ETag
"ee57b8dc58ce91481e786c5512aa3c3f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
23033
X-Amz-Cf-Id
wIGTHx6ddt63TlkLz4cJF_wZG3sITp22L4fKEMNCdirpt5dtY4pn_Q==
Expires
Sun, 23 Jan 2028 12:56:04 GMT
6ccc5d7b-e9ad-4a55-9ff8-b9b0b8eeb926.jpg
d2f0ora2gkri0g.cloudfront.net/6c/cc/ 		648 KB
649 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f0ora2gkri0g.cloudfront.net/6c/cc/6ccc5d7b-e9ad-4a55-9ff8-b9b0b8eeb926.jpg
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e20473c3e4816e2dfc34c3297e6c938bfa0dfd51dc8a7b44844396f2218f29d

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 00:58:49 GMT
Via
1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 09 Nov 2017 15:25:55 GMT
Server
AmazonS3
Age
192997
ETag
"4f78ab132829f71de1759c7fef62e596"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
663566
X-Amz-Cf-Id
mVKWE3cEsvPwELWVTqg2CymTKGwxkeoJvXsZH030IGrRtHN-0Huw8g==
Expires
Sun, 07 Nov 2027 15:25:53 GMT
d333cd25-ac76-489e-8bee-23c2d1928739.png
d2f0ora2gkri0g.cloudfront.net/d3/33/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f0ora2gkri0g.cloudfront.net/d3/33/d333cd25-ac76-489e-8bee-23c2d1928739.png
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a3e358874f8a13506c99e6a3b9e361af9f047e3ba121e454ca3e5a29d7c4cb2

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 17:11:54 GMT
Via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 25 Jan 2018 13:06:23 GMT
Server
AmazonS3
Age
566613
ETag
"ee57b8dc58ce91481e786c5512aa3c3f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
AMS1-C1
Accept-Ranges
bytes
Content-Length
23033
X-Amz-Cf-Id
34H-POk9JabVB89ZHA9AbtBRJlfrsDBYf3JYXUIwvKozsE8IQ9xNOg==
Expires
Sun, 23 Jan 2028 13:06:21 GMT
translations.js
d1se4t4tzjp7kt.cloudfront.net/68c205d/no/ 		127 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/68c205d/no/translations.js?sections=widgets,mobile,shared_views,shared_components,cookie
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
7a0b7ad616fe46ec97a203dd078acf7eff135429c292f60e0e5281c8e53e2a34

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:21:35 GMT
Content-Encoding
gzip
Age
753231
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
X-BKSrc
0.4
Server
openresty
Content-Type
application/javascript
Via
1.1 a2458b90efc105d68ca01a550177c4e5.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
AmwNw0L7P8uRwbz5YC-ULgy1HS3aJiP6l348zm7BsMKq_HsZLyYuAA==
Expires
Wed, 10 Aug 2022 13:21:35 GMT
published-v8-site-libs.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		818 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/published-v8-site-libs.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
1f5cf8da3ed9946ff6ebdd19f24644386cba9eb32af8a1222ccf7699e6d89002

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:30 GMT
Content-Encoding
gzip
Age
753716
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:41:34 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 182732bb63f7d4f88e7cac0874b0cfef.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
197cKOqQ1ExZiULdM85BVcJvFeYZ0PgFIx-nCpu6wSmXlHCA1hPlYQ==
Expires
Wed, 10 Aug 2022 13:13:30 GMT
published-v8-site.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		195 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/published-v8-site.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
781998b67b052a254812afcaf2c083f95e03e0bc1d990a00aca73b9c4da5eb30

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:31 GMT
Content-Encoding
gzip
Age
753716
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.3
Last-Modified
Mon, 02 Aug 2021 12:41:33 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
rmjJdENGPZfyfIuEeIRXV4Gj6CHqUeVjMjKUjkJl3RTcR6OMqf0C9A==
Expires
Wed, 10 Aug 2022 13:13:30 GMT
twig-widget-views-v2.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/ 		147 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/compiled/twig-widget-views-v2.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
987386cf5109a34225e130008c0aeb01b1b6e3c44cc160797300241d8741fe30

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:13:31 GMT
Content-Encoding
gzip
Age
753717
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:40:10 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 a2458b90efc105d68ca01a550177c4e5.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
NO5_fOgE-bcNMQW0Rhp4GWq-4x4H3iv0lOmvnPPPE6qTNqOTKvXAQw==
Expires
Wed, 10 Aug 2022 13:13:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 05:52:53 GMT
x-content-type-options
nosniff
age
2553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96381
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 05:52:53 GMT
mq4-hover-shim.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/mq4-hover-shim.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
ecc53e7c0d173c6ebb46f907163b4d989add8f348a1e27c9d6285b75d718ed83

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:15:29 GMT
Content-Encoding
gzip
Age
753597
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2616
X-BKSrc
0.4
Last-Modified
Thu, 29 Oct 2020 11:23:45 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 a2458b90efc105d68ca01a550177c4e5.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
FYmy9d_T3eDHTYKKLZhVlHl8vAOeHYrHjAf6viRKTlTUirhZAYNEUA==
Expires
Wed, 10 Aug 2022 13:15:29 GMT
navigation.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/ 		325 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/navigation.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
62a6d4deca8e29eebb233158e61430d0ae1eb9be5d60b4d625956d8b88bc0e3a

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:15:29 GMT
Content-Encoding
gzip
Age
753597
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
193
X-BKSrc
0.4
Last-Modified
Thu, 29 Oct 2020 11:23:45 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
FIGa4DBHBHMgi-FsLx1HfjaLmMJ63CFrluXfpxtNIa-6c6zwv3k1zw==
Expires
Wed, 10 Aug 2022 13:15:29 GMT
custom.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/custom.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
db04fca242fd1a0e304e70c14719de0230792658ad0c7d9567f4112a7c521a88

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:15:29 GMT
Content-Encoding
gzip
Age
753597
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
617
X-BKSrc
0.3
Last-Modified
Thu, 29 Oct 2020 11:23:44 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 196da8dbede310a18cd917665afeaa22.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
-_K4VKstyePwQzt3b3Xqq5hIpRxPW2-mysZu3B4CscKVRqDUtxyLHA==
Expires
Wed, 10 Aug 2022 13:15:29 GMT
hero.js
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/templates/brunch/js/hero.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
d71d24668ddc47b17d6a149edbbe7b146279915c9c4bbe7bfd2a20fd98b9c514

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:15:29 GMT
Content-Encoding
gzip
Age
753597
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
582
X-BKSrc
0.4
Last-Modified
Thu, 29 Oct 2020 11:23:45 GMT
Server
openresty
Content-Type
application/javascript
Via
1.1 ab1d15e056bdcedbea349504173a4ecb.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
52LSq5l6L1BiocRwUUZYoGCpWRBip-K7O5dTGYzfrwP8CNJH4eF9uw==
Expires
Wed, 10 Aug 2022 13:15:29 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6811
date
Thu, 19 Aug 2021 04:41:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 19 Aug 2021 06:41:55 GMT
down-arrow.svg
d1se4t4tzjp7kt.cloudfront.net/b2990e868da08b6af406510340e0aa8b/templates/brunch/images/ 		557 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/b2990e868da08b6af406510340e0aa8b/templates/brunch/images/down-arrow.svg
Requested by
Host: d282ykz6vx01th.cloudfront.net
URL: https://d282ykz6vx01th.cloudfront.net/07/55/0755a7cc-a972-42fb-8a5e-638d8226349c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
4ec290f0920b062507bee86e0c3feb69f98da14dd226751506ca8c81dd08036e

Request headers

Referer
https://d282ykz6vx01th.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:15:29 GMT
Content-Encoding
gzip
Age
753597
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
376
X-BKSrc
0.4
Last-Modified
Thu, 29 Oct 2020 11:23:46 GMT
Server
openresty
Content-Type
image/svg+xml
Via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
kCpNqzEESjNc43SvCqXjB8oaWmJFpHtJ6gPpTRM-nhM7T-TrYODTKw==
Expires
Wed, 10 Aug 2022 13:15:29 GMT
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by
Host: d282ykz6vx01th.cloudfront.net
URL: https://d282ykz6vx01th.cloudfront.net/07/55/0755a7cc-a972-42fb-8a5e-638d8226349c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://rf1.no
Referer
https://d282ykz6vx01th.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 06:35:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
632, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:16:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
98024
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fc6103496343cecb0125e3f54be3ef15
accept-ranges
bytes
cf-ray
68115ca3da564eda-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1742480886&utmhn=rf1.no&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Regnskapsf%C3%B8rer%201%20-%20Tjenester&utmhid=2122137397&utmr=-&utmp=%2F&utmht=1629354926772&utmac=UA-113633267-1&utmcc=__utma%3D22925048.1178364644.1629354927.1629354927.1629354927.1%3B%2B__utmz%3D22925048.1629354927.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1656903599&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Aug 2021 06:35:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame 8E68 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://rf1.no&layout=standard&action=like&colorscheme=light&font=arial&height=30&width=290&locale=nb_NO
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://rf1.no&layout=standard&action=like&colorscheme=light&font=arial&height=30&width=290&locale=nb_NO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rf1.no/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rf1.no/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
tbcsJ5aU8/iI4fizCAQ40iZegxvqmJJ1uHw8byqmWuj/Gd40Y47YalWbvT8WjxlipUGyPkD6mxF4fvRzUFaGgQ==
content-length
0
date
Thu, 19 Aug 2021 06:35:26 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
poppins.woff.json
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/seven/fonts/ 		368 KB
285 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/seven/fonts/poppins.woff.json
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
ec05bed9be34f9d35d60c8b8ec19c1ee00c9e45d3548245ecb71418eb9a3995c

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:34:43 GMT
Content-Encoding
gzip
Age
752444
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.4
Last-Modified
Mon, 02 Aug 2021 12:39:14 GMT
Server
openresty
Content-Type
application/json
Via
1.1 c8398cf797b03d1d2d2deda33fe571f1.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
WkN3WH94vo40RmpBANo2A7ItRSdVcfqpgAGJsahe5bN8eNSIZfefaA==
Expires
Wed, 10 Aug 2022 13:34:43 GMT
montserrat.woff.json
d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/seven/fonts/ 		290 KB
225 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1se4t4tzjp7kt.cloudfront.net/f8eae8c59f/seven/fonts/montserrat.woff.json
Requested by
Host: rf1.no
URL: https://rf1.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-125.ams50.r.cloudfront.net
Software
openresty /
Resource Hash
4a01f1defbba6ad7a9834c7abb16912138cb6f485a11028f40dcd7c80f6c0290

Request headers

Referer
https://rf1.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 13:17:32 GMT
Content-Encoding
gzip
Age
753717
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-BKSrc
0.3
Last-Modified
Mon, 02 Aug 2021 12:39:14 GMT
Server
openresty
Content-Type
application/json
Via
1.1 e7150584c93f85e64aa53364c55a16c7.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
AMS50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
qJD-XERRhFTec9tFKes0W3LhBtK9pIZ8ro0YI-ZKxJ-thVldjSAFcA==
Expires
Wed, 10 Aug 2022 13:13:30 GMT
truncated
/ 		109 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a5560000afb6fd451191dc9c88bc2a7850e130f156fa16e2bcdeadf3d8a5f34

Request headers

Origin
https://rf1.no
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		109 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1aac77b7b581830e96a4c71191c7b0780638c35ed3bb3fa3da58841156f9b28

Request headers

Origin
https://rf1.no
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a24e213c7170e7daa12f03454a88fa3a804aac07299421926c6fd8f088e2fe34

Request headers

Origin
https://rf1.no
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa1b86b411f448bcff12ff27cfb43da959486314f2d17857b41d8c0d3b84e96d

Request headers

Origin
https://rf1.no
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| isScriptAllowedByCookieConsent object| _gaq object| Modernizr function| onCookieConsent object| Brand object| App object| Server object| Profile object| _gat object| gaGlobal function| $ function| jQuery function| bk$ object| BaseKit object| Twig object| goog object| twig object| __document_write_ajax_callbacks__ undefined| writeCapture function| _ object| Backbone object| Mn object| Marionette object| Cocktail function| PhotoSwipe function| PhotoSwipeUI_Default function| flatpickr object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Bottle object| Site number| fallback object| mq4HoverShim number| featureHeight object| featurePosition number| featureTriggerValue number| window_height undefined| offsetAmount function| checkFeatureDimensions function| scrollEffect object| elem object| jQuery1110032090167259596214 object| ProfileModel boolean| ecwid_script_defer object| ec object| fontCollection

5 Cookies

Domain/Path Name / Value
.rf1.no/ Name: __utmb
Value: 22925048.1.10.1629354927
.rf1.no/ Name: __utmz
Value: 22925048.1629354927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.rf1.no/ Name: __utmt
Value: 1
.rf1.no/ Name: __utmc
Value: 22925048
.rf1.no/ Name: __utma
Value: 22925048.1178364644.1629354927.1629354927.1629354927.1

1 Console Messages

Source Level URL
Text
console-api log URL: https://rf1.no/(Line 934)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d1se4t4tzjp7kt.cloudfront.net
d282ykz6vx01th.cloudfront.net
d2f0ora2gkri0g.cloudfront.net
maxcdn.bootstrapcdn.com
rf1.no
ssl.google-analytics.com
www.56d89931ab34f-regnskapsforer1.com.sitebuilder.loopia.com
www.facebook.com
13.224.89.174
2606:4700::6812:bcf
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a03:2880:f12d:83:face:b00c:0:25de
46.51.204.184
52.222.137.125
65.9.73.69
0f99afca623dcb8b1d842752cc0d351a56ed3cd2c1445830d9e1b4c6844d00d7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1f5cf8da3ed9946ff6ebdd19f24644386cba9eb32af8a1222ccf7699e6d89002
2137b83c8ef67a20b7315a18d05d8b2772119ca2723d89ec17a0f6b991ca4cc7
2e20473c3e4816e2dfc34c3297e6c938bfa0dfd51dc8a7b44844396f2218f29d
4a01f1defbba6ad7a9834c7abb16912138cb6f485a11028f40dcd7c80f6c0290
4ba5d5fc64b83fcae61e3d9351c98cd79953d10ae68c29a0585442d625b383aa
4ec290f0920b062507bee86e0c3feb69f98da14dd226751506ca8c81dd08036e
62a6d4deca8e29eebb233158e61430d0ae1eb9be5d60b4d625956d8b88bc0e3a
6a5560000afb6fd451191dc9c88bc2a7850e130f156fa16e2bcdeadf3d8a5f34
7195f1560f609152eeddfaee15ba082b57a41c80021e330431376701402a5f0a
781998b67b052a254812afcaf2c083f95e03e0bc1d990a00aca73b9c4da5eb30
7a0b7ad616fe46ec97a203dd078acf7eff135429c292f60e0e5281c8e53e2a34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
987386cf5109a34225e130008c0aeb01b1b6e3c44cc160797300241d8741fe30
9a3e358874f8a13506c99e6a3b9e361af9f047e3ba121e454ca3e5a29d7c4cb2
a1aac77b7b581830e96a4c71191c7b0780638c35ed3bb3fa3da58841156f9b28
a24e213c7170e7daa12f03454a88fa3a804aac07299421926c6fd8f088e2fe34
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4b892eb3fe55f6854853d36e48cde97e3e4acbc18e38b7a43c8dab150848ee0
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c542ec9c5ecf95bebcb27ceec984f2f103decf7195d663c7b9adad2944141a5a
d71d24668ddc47b17d6a149edbbe7b146279915c9c4bbe7bfd2a20fd98b9c514
db04fca242fd1a0e304e70c14719de0230792658ad0c7d9567f4112a7c521a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec05bed9be34f9d35d60c8b8ec19c1ee00c9e45d3548245ecb71418eb9a3995c
ecc53e7c0d173c6ebb46f907163b4d989add8f348a1e27c9d6285b75d718ed83
fa1b86b411f448bcff12ff27cfb43da959486314f2d17857b41d8c0d3b84e96d
fab995da22d447c52ad1754a7e4747a2991689d3dc33bfd2cfcc5626e4af96ae