urlscan.io logo urlscan.io
SecurityTrails logo

gammel-no.malangenresort.com Open in urlscan Pro
2a01:5b40:0:4a01:0:ebb2:1578:a4ed  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gammel-no.malangenresort.com/
Effective URL: https://gammel-no.malangenresort.com/forside/
Submission: On February 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 17 domains to perform 98 HTTP transactions. The main IP is 2a01:5b40:0:4a01:0:ebb2:1578:a4ed, located in Norway and belongs to DOMENESHOP Oslo, Norway, NO. The main domain is gammel-no.malangenresort.com.
TLS certificate: Issued by R3 on February 5th 2023. Valid for: 3 months.
This is the only time gammel-no.malangenresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2a01:5b40:0:4a01:0:ebb2:1578:a4ed (Norway)

ASN12996 (DOMENESHOP Oslo, Norway, NO)
gammel-no.malangenresort.com
malangenresort.no
2    2607:f8b0:4006:821::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
26    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
hb.wpmucdn.com
2    2607:f8b0:4006:81c::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    151.101.130.83 (United States)

ASN54113 (FASTLY, US)
static.tacdn.com
1    151.101.2.83 (United States)

ASN54113 (FASTLY, US)
www.jscache.com
2    23.60.5.78 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-5-78.deploy.static.akamaitechnologies.com
www.tripadvisor.com
no.tripadvisor.com
3    2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.64.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net
www.googleadservices.com
3    2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
18    2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2607:f8b0:4006:816::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:80a::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
2    2607:f8b0:4006:80e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4006:80e::2016 (Nutley, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4002:4::a (Atlanta, United States)

ASN15169 (GOOGLE, US)
r5---sn-5uaeznle.googlevideo.com
4    2607:f8b0:4002::6 (Atlanta, United States)

ASN15169 (GOOGLE, US)
rr1---sn-5ualdnl7.googlevideo.com
3    2607:f8b0:4017:35::8 (United States)

ASN15169 (GOOGLE, US)
rr3---sn-vgqsrned.googlevideo.com
Apex Domain
Subdomains		 Transfer
26 wpmucdn.com
hb.wpmucdn.com — Cisco Umbrella Rank: 34586
679 KB
18 youtube.com
www.youtube.com — Cisco Umbrella Rank: 74
889 KB
14 malangenresort.com
gammel-no.malangenresort.com
1 MB
10 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 890
r5---sn-5uaeznle.googlevideo.com — Cisco Umbrella Rank: 150635
rr1---sn-5ualdnl7.googlevideo.com — Cisco Umbrella Rank: 43676
rr3---sn-vgqsrned.googlevideo.com — Cisco Umbrella Rank: 24175
3 MB
7 gstatic.com
fonts.gstatic.com
137 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
jnn-pa.googleapis.com — Cisco Umbrella Rank: 187
33 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
static.doubleclick.net — Cisco Umbrella Rank: 209
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
3 tacdn.com
static.tacdn.com — Cisco Umbrella Rank: 10188
11 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
5 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
2 tripadvisor.com
www.tripadvisor.com — Cisco Umbrella Rank: 7749
no.tripadvisor.com — Cisco Umbrella Rank: 214545
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
94 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 86
42 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
2 KB
1 malangenresort.no
malangenresort.no
1 jscache.com
www.jscache.com — Cisco Umbrella Rank: 14509
441 B
98 17
Domain Requested by
26 hb.wpmucdn.com gammel-no.malangenresort.com
18 www.youtube.com hb.wpmucdn.com
www.youtube.com
14 gammel-no.malangenresort.com 2 redirects gammel-no.malangenresort.com
hb.wpmucdn.com
7 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 rr1---sn-5ualdnl7.googlevideo.com www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 rr3---sn-vgqsrned.googlevideo.com www.youtube.com
3 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.tacdn.com gammel-no.malangenresort.com
no.tripadvisor.com
2 yt3.ggpht.com www.youtube.com
2 redirector.googlevideo.com www.youtube.com
2 www.google.com gammel-no.malangenresort.com
www.youtube.com
2 fonts.googleapis.com gammel-no.malangenresort.com
2 www.googletagmanager.com gammel-no.malangenresort.com
1 r5---sn-5uaeznle.googlevideo.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 no.tripadvisor.com www.jscache.com
1 www.googleadservices.com www.googletagmanager.com
1 malangenresort.no hb.wpmucdn.com
1 www.tripadvisor.com gammel-no.malangenresort.com
1 www.jscache.com 1 redirects
98 23

This site contains links to these domains. Also see Links.

Domain
www.malangenresort.com
no.tripadvisor.com
kugo.no
www.instagram.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
bryllup.malangenresort.com
R3		 2023-02-05 -
2023-05-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.wpmucdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-14 -
2023-04-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
static.tacdn.com
GlobalSign RSA OV SSL CA 2018		 2022-02-04 -
2023-03-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.tripadvisor.com
GlobalSign RSA OV SSL CA 2018		 2022-05-10 -
2023-06-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-02-07 -
2023-04-18		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gammel-no.malangenresort.com/forside/
Frame ID: 84AA2647DF1099626B170D7B3FEC6E51
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Frame ID: 61329A5339E80A9C9FA718822CF942C2
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malangen Resort • Hotell • Rorbu • Aktiviteter • Restaurant • Ved sjøen •

Page URL History Show full URLs

  1. http://gammel-no.malangenresort.com/ HTTP 301
    https://gammel-no.malangenresort.com/ HTTP 301
    https://gammel-no.malangenresort.com/forside/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tripadvisor\.[\w]+/WidgetEmbed

Page Statistics

98
Requests

97 %
HTTPS

81 %
IPv6

17
Domains

23
Subdomains

21
IPs

2
Countries

6814 kB
Transfer

11962 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gammel-no.malangenresort.com/ HTTP 301
    https://gammel-no.malangenresort.com/ HTTP 301
    https://gammel-no.malangenresort.com/forside/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
Request Chain 53
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenresort.com&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&tiba=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&value=0&auid=1934816293.1677119900&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nNH2Y4O5Bd6boPMP26Kk-AU&sscte=1&crd=&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dBrmfFXMtCPrBw75zlaUKkHN3l76BqQyKQ&pscrd=Ek5DaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVlBXzl1dUxuaWY2SkdDRGhuLTREdGNoRW00emFZNUhQWHZCNkV5Qng0b0VvTEhKVU03dkEaWENoQUlnSmZYbndZUXY1ZXg0SlAzZzVkLUVpNEFTTmtkRXNsY3VYd25HaDRLdDBXZm80V3lIdWJLUzY1bm53OWRiTWo2enVFN3NpRmp2dlVTOWxGb1MwVmw HTTP 302
  • https://www.google.com/pagead/1p-conversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenresort.com&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&tiba=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&value=0&auid=1934816293.1677119900&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVlBXzl1dUxuaWY2SkdDRGhuLTREdGNoRW00emFZNUhQWHZCNkV5Qng0b0VvTEhKVU03dkEaWENoQUlnSmZYbndZUXY1ZXg0SlAzZzVkLUVpNEFTTmtkRXNsY3VYd25HaDRLdDBXZm80V3lIdWJLUzY1bm53OWRiTWo2enVFN3NpRmp2dlVTOWxGb1MwVmw&is_vtc=1&ocp_id=nNH2Y4O5Bd6boPMP26Kk-AU&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dI9jXnrbbzUzIURHaM2QKFgS4vsIDuzY1A&random=1305389300
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gammel-no.malangenresort.com/forside/
Redirect Chain
  • http://gammel-no.malangenresort.com/
  • https://gammel-no.malangenresort.com/
  • https://gammel-no.malangenresort.com/forside/
128 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
912a730595797faaaebd94ff8f8aa255878b36e0c6b5b1112382ebf848e43e18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=3600, must-revalidate
cf-edge-cache
cache, platform=WordPress
content-encoding
gzip
content-length
23220
content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 02:38:18 GMT
hummingbird-cache
Served
link
<https://gammel-no.malangenresort.com/wp-json/>; rel="https://api.w.org/", <https://gammel-no.malangenresort.com/wp-json/wp/v2/posts/26>; rel="alternate"; type="application/json", <https://gammel-no.malangenresort.com/?p=26>; rel=shortlink
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate, max-age=0
cf-edge-cache
cache, platform=WordPress
content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 02:38:18 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://gammel-no.malangenresort.com/forside/
server
nginx
x-redirect-by
WordPress
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-87078307-3
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2b2bb6a0d3d5dd5af086480b2a3a30ec6e36554affd50953d9895410c9a6adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44110
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 01:33:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Feb 2023 02:38:18 GMT
755c6fa8-ac55-4af5-ab7a-0e3537781d3c.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		498 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/755c6fa8-ac55-4af5-ab7a-0e3537781d3c.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d7d5fae6a26a32d07d57e9c40ee13ccbdc3c46ba2999e3b4b8904b34ff243609

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:50 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=25.8%, origSize=4145
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"0857a051afe6ebbac755ccb016279de0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
51ff7ca8162b8e22208b1281ec61703c
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
443c22bd-50dc-4084-9195-d9a2f7549f1e.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		79 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/443c22bd-50dc-4084-9195-d9a2f7549f1e.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d78cecaa70758ba55eb66ba1b19b2b9c2dbe7c099260e4ea308d876a073bfa25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:52 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=80574
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"46c5ca0c28b3663c0c6731b5db06fb16"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
cba7c9190dc5c50e1207a60da6ff8879
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
d3e2ee29-2c71-4da3-ae9f-704b8ef9d864.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/d3e2ee29-2c71-4da3-ae9f-704b8ef9d864.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
4f39097bbbe888fb88ed804482a737e7259c6a73c87459ee394640f060f9b42e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:53 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=16.5%, origSize=3106
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9786f8f10922959af63824daf8178200"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
fe6bcd4ce39b8c430f4801f5e781d45f
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		4 KB
925 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C700%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=5.8.3
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a400560aceabb2687df0afc6854c37deae2c64144e5f49050733177099bcc08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Feb 2023 02:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 01:07:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Feb 2023 02:38:18 GMT
ea384340-4730-466e-8be5-6cbabbd59d5a.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		188 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/ea384340-4730-466e-8be5-6cbabbd59d5a.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
a33d5b83f44e30bbaa279913ba11f40f966aedc8707b71c05ff02d5955fc808c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:54 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=18.7%, origSize=131561
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"2d726fa84c5146017818e3ebca39f248"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
aeb173efbeb05cb9a93f03ddeab3d8b1
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
53a40f51-bd38-4707-b306-b8d72d7e3bb8.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		87 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/53a40f51-bd38-4707-b306-b8d72d7e3bb8.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
8a5d9b8ccd1cda2162720fbec517eb8d48959c9738222e1add272f6168ad95ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:55 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=30.3%, origSize=128085
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"5bd34914866c9032050d2a91b2c939d6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a6a3b46e8218b5ae7df4bd22aec0edd2
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dc607e50-d507-4af7-8eba-86f19b6f50e3.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/dc607e50-d507-4af7-8eba-86f19b6f50e3.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
09cef3d10f1b996c7c26c157f3873336ca66ab3931cdaf84153b2c18733ae38a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:57 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=19536
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"4bf237a336f4247f617e257942001e7d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b21d125cf1278ac16fa5949930bc0071
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
850f6d24-6647-4673-8dc2-e412bb9608c4.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/850f6d24-6647-4673-8dc2-e412bb9608c4.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
fd9cbf2f6bf70991482aac79cefc677c15b8aff5404104dd66ea964c7bbed106

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:58 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=13805
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9be42ac4d33b0d33c7c412e980eea067"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
510d19096e860a5e04bd5a224189127c
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
8628880c-72d5-4e7c-9f16-220ca6ed7b11.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		134 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/8628880c-72d5-4e7c-9f16-220ca6ed7b11.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
1258a7f2758e64640fe5210a31ca19c88731e03d307233f697c23163b3f07b24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:59 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=137254
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"52a100a83f755b3042db2b32fafb3aa8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
c82c0bf4c9f6e8e19935337d6e2fac32
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
5264ce12-b223-4847-901a-0cbbdf42e97b.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/5264ce12-b223-4847-901a-0cbbdf42e97b.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
41e876e4651cefe23fc74ca17387c3f1a6c78c5f333cc3537599f13dd49eda00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:59 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=3323
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"d5da564e3827b85b4858c0a610462b0e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
f11cd9f17f9d4709cf14c52027bb4c0f
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
05e3467a-0451-423f-87e8-4a1d9728e4ad.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/05e3467a-0451-423f-87e8-4a1d9728e4ad.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
4735466348517b059d438984d72d3e99bbc57d52270a45e0fcea590ee4cb75ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:08:00 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=1007
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9b82f17e03beaa990f760799771068f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5da8b52224a666593a3bd18f8381c655
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4c457b73-1116-4087-ba75-09b115081609.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/4c457b73-1116-4087-ba75-09b115081609.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
245d19384a78155ddb20b27852ef5fe4aa985779bdee79c87c1eee32edbcdf33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Mon, 06 Feb 2023 06:13:29 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=1.0%, origSize=1495
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"e14c48095a5c10c6e519d86eccb040b6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
4a26b186a2e55bbf5b66a742a66175df
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
31c573fa-e4ab-455c-8460-dbdf38b93ca6.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		432 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/31c573fa-e4ab-455c-8460-dbdf38b93ca6.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
97dd1a0e5d5a0ae5ada630d445bda6e2581a74f2ceee5c9c2dfdd38a3c9aff5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Mon, 06 Feb 2023 06:13:30 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=441967
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"7c1d5ed4971bf3d26834f00dead0b994"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
7d35195c1a36934425dbe4b3d1fc66c9
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
70272873-154b-4870-8b69-90f9795d68ee.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		62 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/70272873-154b-4870-8b69-90f9795d68ee.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0a206193cb02ff3f1e6cac30fd94b38673e743e25def8d481a2403d0d0bfc8fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Mon, 06 Feb 2023 06:13:31 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=3.8%, origSize=65786
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"569a613b8da8fd822d810ebab5ddb914"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
83e5f71100a11e0aa666157165763be0
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
5f490590-273d-4b54-98cf-b3aa07cad442.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/5f490590-273d-4b54-98cf-b3aa07cad442.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
47fb7ec9e8121e2ce08d97cbfbcbbab458cd9d35d9f84b95fc566836654eaa72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:26 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=23037
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"5ba5b89b0e1d2259fad3c8b1d3ffaa22"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5587160db4afc01f49e6245f75b0418e
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
9f788430-1a00-4c1d-8141-09d0424e1859.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/9f788430-1a00-4c1d-8141-09d0424e1859.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
b0c6836fec8ff50f7fb5973ff40ce815dc06124a2c5fec459116287cebc75abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Mon, 06 Feb 2023 06:13:32 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=4.3%, origSize=11736
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9cec5e36ff3a20dd538a65855687a6f1"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8fc94d76281591529de3c03f78eb4030
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
83e80cda-08f1-4241-833f-4427eb2af4f9.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/83e80cda-08f1-4241-833f-4427eb2af4f9.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
170c72772b7bade02630529bff633493fc589ce990643045c562fdd78d56bc00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Mon, 06 Feb 2023 06:13:33 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=2.3%, origSize=3394
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"28563518b606d8042243f8c8f01656b6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
50f431206c6a9d0a2d29cd54f935c696
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		55 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c7f068b956afb9ba386919e695a0314c10724e2df7b4f9b7cc0bf5cbdfea52c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Feb 2023 02:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 02:38:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Feb 2023 02:38:18 GMT
c968f8f6-4eda-48c9-8f38-c219ce6dbbe7.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		59 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/c968f8f6-4eda-48c9-8f38-c219ce6dbbe7.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
30952f05fbb59736578534d9d8c1b7f368ec6cbc1affbc22235bac154ac1f2da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:55 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=57912
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9c0e1752fa74cfa9b3eabc31100236d2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
047b887bed736015b1a9f70e1fdae716
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1e7377f2-fe64-4b95-89f5-dae742219128.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/1e7377f2-fe64-4b95-89f5-dae742219128.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d5a1b0563b1bc0dcc3c038a492c2eaa85df7257030bece9d0537bc284217ed8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 06:25:59 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=46.5%, origSize=4011
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"32ad4aba08d35dd2aeed8f5f30d7932b"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
a32c29f7ac3df0a9c01309c9e5defa7e
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
fc336c64-9a2a-49ab-be8c-18f638d4540c.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		495 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/fc336c64-9a2a-49ab-be8c-18f638d4540c.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
3d53e386319bca4a31e2f9716110ee6f37b049243efa9ed3e00d6bab77ee44b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:17 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=60011
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"fb3bd9abfe15040f6126da75601807ba"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
3f7736cc61b1c92edc96ed2ff3fa151a
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
english-national-flag-union-jack-i135.jpg
gammel-no.malangenresort.com/wp-content/uploads/2020/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/04/english-national-flag-union-jack-i135.jpg
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
0b10cad4435422e4e790f306f6bda2566225e9def8e847db1ec9ce187678851a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:04:28 GMT
server
nginx
accept-ranges
bytes
etag
"2ef0-5e188bbf5e8e5"
content-length
12016
content-type
image/jpeg
Logo-malangen-hvit-skygge-1.png
gammel-no.malangenresort.com/wp-content/uploads/2020/04/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/04/Logo-malangen-hvit-skygge-1.png
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
f23c772ae34e0508bf15a0150a4bfe611ff5fb2804f549784dbaa81f7f37e441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:04:28 GMT
server
nginx
accept-ranges
bytes
etag
"748f-5e188bbf75046"
content-length
29839
content-type
image/png
tchotel_2021_LL.png
static.tacdn.com/img2/travelers_choice/widgets/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tacdn.com/img2/travelers_choice/widgets/tchotel_2021_LL.png
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
deef6657c0831f5ede9e7245ea23da3fbd380b56dd2a32a56bfddcf730b02331

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 23 Feb 2023 02:38:19 GMT
via
1.1 varnish
expires
Thu, 16 Mar 2023 08:29:23 GMT
last-modified
Tue, 18 May 2021 06:00:26 GMT
server
envoy
age
756537
x-timer
S1677119900.824934,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
7660
x-served-by
cache-gnv1820023-GNV
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
272 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Server
23.60.5.78 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-5-78.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
267075c6577d089a2588b9f8815c9e7139b39aedf293cf6afe0da224bc327ff8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
content-encoding
gzip
server
envoy
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
247
expires
0

Redirect headers

x-cache-hits
0
date
Thu, 23 Feb 2023 02:38:19 GMT
via
1.1 varnish
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-length
0
x-served-by
cache-fty21346-FTY
pragma
no-cache
server
envoy
x-timer
S1677119900.869433,VS0,VE71
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
IMG_4163-scaled.jpg
gammel-no.malangenresort.com/wp-content/uploads/2020/01/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/01/IMG_4163-scaled.jpg
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
197c35e4639d70fa7f109326af6a9bcfa5aaff65dafa39664d85bddbeb20aad2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:05:10 GMT
server
nginx
accept-ranges
bytes
etag
"29b3a-5e188be6b7e0d"
content-length
170810
content-type
image/jpeg
lekcollage.png
gammel-no.malangenresort.com/wp-content/uploads/2020/05/ 		262 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/05/lekcollage.png
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
55954ccd326c3cb70aaa31a9d8c70bb1243d214a13513c954da8ab93da4ae89a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:04:53 GMT
server
nginx
accept-ranges
bytes
etag
"4172a-5e188bd6c2e28"
content-length
268074
content-type
image/png
websma%CC%8Aba%CC%8At.jpg
gammel-no.malangenresort.com/wp-content/uploads/2020/03/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/03/websma%CC%8Aba%CC%8At.jpg
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
a352348ba01cea37498b6df873a474f7221ec2f39b57607b41690f02a97514f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:06:51 GMT
server
nginx
accept-ranges
bytes
etag
"14d85-5e188c4724a53"
content-length
85381
content-type
image/jpeg
Nytt-Malangen-kart-lite.png
gammel-no.malangenresort.com/wp-content/uploads/2020/06/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/06/Nytt-Malangen-kart-lite.png
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
e8fe80dbd7433912f588031e96c8b45248c6c9269c9f2034fb5a616c35071bcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cf-edge-cache
cache, platform=WordPress
date
Thu, 23 Feb 2023 02:38:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gammel-no.malangenresort.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
IMG_3159-scaled.jpg
gammel-no.malangenresort.com/wp-content/uploads/2020/06/ 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gammel-no.malangenresort.com/wp-content/uploads/2020/06/IMG_3159-scaled.jpg
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
f866e163a8be1c9472e831567a1d6a0a9ea1281c4b78ac2ce9ebf9bff0499d8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:06:46 GMT
server
nginx
accept-ranges
bytes
etag
"551c6-5e188c42b6d8e"
content-length
348614
content-type
image/jpeg
dc2cce5a-f621-4b88-bd90-45ecfdc3d89e.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/dc2cce5a-f621-4b88-bd90-45ecfdc3d89e.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
1e1aab3496ffdc7bcc0da6a2f974eedbb3bacb70cbe84eaddc4d3bbd38d3c345

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:55 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=18468
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"c0e2ce0b119072442a87b2a492b85964"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
5b690ba058d612887224f199e4111d79
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
b6dd30a2-1744-4290-aaac-14219f3f4e32.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/b6dd30a2-1744-4290-aaac-14219f3f4e32.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
8db7f7a4799becd2d7581a62e7d91d94ce6e614ab0002a0b33639f68d278c743

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:19 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=20787
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"b5091c740da3c708e2c610a5624eda7e"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
29d22767eac93afb663b7b69be490643
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
7c4d68fd-e680-4b26-8008-c0cc931935ee.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		309 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/7c4d68fd-e680-4b26-8008-c0cc931935ee.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
78635e60f885a5b150602af226c001981d410daf72a2f774b9b40dae66491078

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:22 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=60.9%, origSize=3013
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"303737fb5d50abd5e9c0bf942e5099ce"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
fc8e9adbfef3320217f7f3e32198cc8c
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
23e23018-2ac3-471a-9594-bd48d8ea8a50.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/23e23018-2ac3-471a-9594-bd48d8ea8a50.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0d95d3b2d94b7322b02b13971bc11dfed6b05d746377bfee0f310c8179dede18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:23 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=6406
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"fcb24ff1ef991def84c4abe5380a0eb0"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
ebbdf15302b9a4c1b1f7fa98d9df3e42
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
c3d0cc68-3f85-482f-829d-88a6da9ee4e3.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/c3d0cc68-3f85-482f-829d-88a6da9ee4e3.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
826ec6e0ef899bdb28570107d0dcdc9037d24439762e000b1c0d00ed607e863a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:24 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=20415
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"7b6ceccff32e478ba1437680d97c3083"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
5a3d1af6db0e7fa1fa55e8770758e3f6
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
848923ab-cfbe-42e7-853b-a9e49b2c70c5.js
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		360 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/848923ab-cfbe-42e7-853b-a9e49b2c70c5.js
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
1cc810fd33beefc013451115d231cf0d75bdada95de5faad1496cb83a7b4464b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 17:59:25 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=0.0%, origSize=139153
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"e3096bcb93fb9164b38cda4e2b1bbe2d"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control
public, max-age=31919000
cdn-requestid
c7c5801571bdfbfdb7436cbbfb1ef605
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
wp-emoji-release.min.js
gammel-no.malangenresort.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gammel-no.malangenresort.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/forside/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 04:14:01 GMT
server
nginx
etag
"4705-5e188de110eee-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4930
030e7ff8-ae31-4ae4-a814-84356664d77d.css
hb.wpmucdn.com/gammel-no.malangenresort.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/gammel-no.malangenresort.com/030e7ff8-ae31-4ae4-a814-84356664d77d.css
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
bd6454c4ff08897cad54ad2aba17cd6977c32a360a78be58927ba3b793b3084e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
cdn-edgestorageid
885
x-amz-server-side-encryption
AES256
cdn-cachedat
02/23/2023 02:38:19
cdn-pullzone
1101156
last-modified
Sun, 05 Feb 2023 20:07:56 GMT
server
BunnyCDN-NY1-885
x-amz-meta-hb-minify
minify=45.2%, origSize=2871
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"9b07f696b62a33b12ad2d8104e9fc5ed"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
35841855df4211f594d35aff17668b64
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87078307-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 00:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6655
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Feb 2023 02:47:24 GMT
gtm.js
www.googletagmanager.com/ 		131 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9GGZ8W
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fda5162e9e4e5f13ee00608eaed39db8b8eb38482c0503ba15f064ce87adcf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51667
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 01:33:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Feb 2023 02:38:19 GMT
Nordlys-Malangen-Buendia_2228.jpg
malangenresort.no/wp-content/uploads/2021/08/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malangenresort.no/wp-content/uploads/2021/08/Nordlys-Malangen-Buendia_2228.jpg
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/gammel-no.malangenresort.com/5f490590-273d-4b54-98cf-b3aa07cad442.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hb.wpmucdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
fa-solid-900.woff2
gammel-no.malangenresort.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gammel-no.malangenresort.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/gammel-no.malangenresort.com/c968f8f6-4eda-48c9-8f38-c219ce6dbbe7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://hb.wpmucdn.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:11:00 GMT
server
nginx
accept-ranges
bytes
etag
"13174-5e188d351e077"
content-length
78196
content-type
font/woff2
Inter-upright-var.woff2
gammel-no.malangenresort.com/wp-content/themes/twentytwenty/assets/fonts/inter/ 		219 KB
219 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gammel-no.malangenresort.com/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/gammel-no.malangenresort.com/53a40f51-bd38-4707-b306-b8d72d7e3bb8.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

Referer
https://hb.wpmucdn.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:07:22 GMT
server
nginx
accept-ranges
bytes
etag
"36a94-5e188c64c992a"
content-length
223892
content-type
font/woff2
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:49:30 GMT
x-content-type-options
nosniff
age
550129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:49:30 GMT
fa-brands-400.woff2
gammel-no.malangenresort.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gammel-no.malangenresort.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/gammel-no.malangenresort.com/c968f8f6-4eda-48c9-8f38-c219ce6dbbe7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:5b40:0:4a01:0:ebb2:1578:a4ed , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO),
Reverse DNS
Software
nginx /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://hb.wpmucdn.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:19 GMT
last-modified
Thu, 16 Jun 2022 04:11:00 GMT
server
nginx
accept-ranges
bytes
etag
"12bdc-5e188d351a1f6"
content-length
76764
content-type
font/woff2
zOL-4pbEnKBY_9S1jNKb7uRB.woff2
fonts.gstatic.com/s/fjordone/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjordone/v21/zOL-4pbEnKBY_9S1jNKb7uRB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd465a5a7af1dcd53b7bf21f370122e17d88c1b1b854d56fc1fd0aba43d01e59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 22:20:27 GMT
x-content-type-options
nosniff
age
533872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16148
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:55:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 22:20:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:21:47 GMT
x-content-type-options
nosniff
age
26192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 19:21:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 02:38:09 GMT
x-content-type-options
nosniff
age
518410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 02:38:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjord+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gammel-no.malangenresort.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:48:05 GMT
x-content-type-options
nosniff
age
96614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 23:48:05 GMT
/
www.googleadservices.com/pagead/conversion/gammel-no.malangenresort.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/gammel-no.malangenresort.com/?random=1677119899880&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenresort.com&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&tiba=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&value=0&bttype=purchase&auid=1934816293.1677119900&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9GGZ8W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
7df5aba4e6ad43e9b13322dae71146ba91f5ce8701deca8f51106c94c90bd2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 01:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 23 Feb 2023 02:55:06 GMT
collect
www.google-analytics.com/j/ 		1 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=895691159&t=pageview&_s=1&dl=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&ul=en-us&de=UTF-8&dt=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAACAAI~&jid=1100441034&gjid=1608388950&cid=1701861227.1677119900&tid=UA-87078307-3&_gid=463089798.1677119900&_r=1&gtm=457e32f0&did=dZGIzZG&gdid=dZGIzZG&z=1170393344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gammel-no.malangenresort.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gammel-no.malangenresort.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/gammel-no.malangenresort.com/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&labe...
  • https://www.google.com/pagead/1p-conversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenr...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenresort.com&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&tiba=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&value=0&auid=1934816293.1677119900&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVlBXzl1dUxuaWY2SkdDRGhuLTREdGNoRW00emFZNUhQWHZCNkV5Qng0b0VvTEhKVU03dkEaWENoQUlnSmZYbndZUXY1ZXg0SlAzZzVkLUVpNEFTTmtkRXNsY3VYd25HaDRLdDBXZm80V3lIdWJLUzY1bm53OWRiTWo2enVFN3NpRmp2dlVTOWxGb1MwVmw&is_vtc=1&ocp_id=nNH2Y4O5Bd6boPMP26Kk-AU&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dI9jXnrbbzUzIURHaM2QKFgS4vsIDuzY1A&random=1305389300
Requested by
Host: gammel-no.malangenresort.com
URL: https://gammel-no.malangenresort.com/forside/
Protocol
H2
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/gammel-no.malangenresort.com/?random=910235542&cv=11&fst=1677119899880&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=gammel-no.malangenresort.com&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgammel-no.malangenresort.com%2Fforside%2F&tiba=Malangen%20Resort%20%E2%80%A2%20Hotell%20%E2%80%A2%20Rorbu%20%E2%80%A2%20Aktiviteter%20%E2%80%A2%20Restaurant%20%E2%80%A2%20Ved%20sj%C3%B8en%20%E2%80%A2&value=0&auid=1934816293.1677119900&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pmWG53WVFyNm5jcmRfczVmTU9FaVlBXzl1dUxuaWY2SkdDRGhuLTREdGNoRW00emFZNUhQWHZCNkV5Qng0b0VvTEhKVU03dkEaWENoQUlnSmZYbndZUXY1ZXg0SlAzZzVkLUVpNEFTTmtkRXNsY3VYd25HaDRLdDBXZm80V3lIdWJLUzY1bm53OWRiTWo2enVFN3NpRmp2dlVTOWxGb1MwVmw&is_vtc=1&ocp_id=nNH2Y4O5Bd6boPMP26Kk-AU&eitems=ChAIgJfXnwYQtu3Up4jogZgvEh0APW45dI9jXnrbbzUzIURHaM2QKFgS4vsIDuzY1A&random=1305389300
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/gammel-no.malangenresort.com/1e7377f2-fe64-4b95-89f5-dae742219128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 23 Feb 2023 02:38:20 GMT
WidgetEmbed-certificateOfExcellence
no.tripadvisor.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://no.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2021&locationId=1850706&display_version=2&uniq=332&lang=no
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=332&locationId=1850706&lang=no&year=2021&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.5.78 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-5-78.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
93a3914a02d8eda623efd93f8126290771b764b3f9bdd9053216baffeb25d999

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:20 GMT
content-encoding
gzip
server
envoy
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome
protected
vary
User-Agent,Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-language
nb
content-type
text/javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
timing-allow-origin
https://www.tripadvisor.com
content-length
3152
expires
0
www-widgetapi.js
www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
55640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62469
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 22 Feb 2024 11:11:00 GMT
t4b_widget_coe-v2381509749a.css
static.tacdn.com/css2/build/concat/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
Requested by
Host: no.tripadvisor.com
URL: https://no.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2021&locationId=1850706&display_version=2&uniq=332&lang=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits
362
date
Thu, 23 Feb 2023 02:38:20 GMT
content-encoding
gzip
via
1.1 varnish
age
3533816
x-cache
HIT
content-length
2213
x-served-by
cache-gnv1820023-GNV
last-modified
Thu, 12 Jan 2023 12:29:38 GMT
server
envoy
x-timer
S1677119901.859245,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 05:01:25 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/ 		2 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: no.tripadvisor.com
URL: https://no.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2021&locationId=1850706&display_version=2&uniq=332&lang=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gammel-no.malangenresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits
536
date
Thu, 23 Feb 2023 02:38:20 GMT
content-encoding
gzip
via
1.1 varnish
age
3181124
x-cache
HIT
content-length
647
x-served-by
cache-gnv1820023-GNV
last-modified
Thu, 12 Jan 2023 12:29:37 GMT
server
envoy
x-timer
S1677119901.859333,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 06:59:36 GMT
ytFzp8yXLho
www.youtube.com/embed/ Frame 6132 		71 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d22a1abd12c6205ae9d890c4c27733f2a787fea1dd4ffa1805b88ef37e84be37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gammel-no.malangenresort.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 02:38:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/11e3a4ec/ Frame 6132 		396 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8440f93ed627785a58ee317f66bd4b18f396950ef01b0b39cde0e9d06da682bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:44:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
557640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52107
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 15:44:22 GMT
www-embed-player.js
www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/ Frame 6132 		345 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1689ed1edf0cfc921cffd974de2ca2f00120ec12ec5fff99b6dbc23226ce8729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:44:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
557640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 15:44:22 GMT
base.js
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/ Frame 6132 		2 MB
602 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82c38300d40913d85cd8df77bc626ecda76d294013a4ae77acfc5e3182c480e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:44:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
557640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616656
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 15:44:22 GMT
fetch-polyfill.js
www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/ Frame 6132 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 18:33:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
547465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 18:33:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6132 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 06:19:01 GMT
x-content-type-options
nosniff
age
505161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 06:19:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6132 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:06:33 GMT
x-content-type-options
nosniff
age
27109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 19:06:33 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 6132
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H3
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b119164d28a0aac3aa4ff86d346d5193d347fabbcfd6d5b06972309fb0c55f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Feb 2023 02:38:23 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6132 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:23:27 GMT
x-content-type-options
nosniff
age
896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Feb 2023 02:38:27 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Feb 2023 02:38:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
initplayback
redirector.googlevideo.com/ Frame 6132 		553 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2001%3A550%3A1d05%3A1%3A0%3A0%3A0%3A7&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQ3MjQ1Ng&rxtags=Cg4KAnR4EggyNDQ3MjQ1MA%2CCg4KAnR4EggyNDQ3MjQ1MQ%2CCg4KAnR4EggyNDQ3MjQ1Mg%2CCg4KAnR4EggyNDQ3MjQ1Mw%2CCg4KAnR4EggyNDQ3MjQ1NA%2CCg4KAnR4EggyNDQ3MjQ1NQ%2CCg4KAnR4EggyNDQ3MjQ1Ng&alr=yes&id=11007
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ClientMapServer /
Resource Hash
cedc0ab46c19bf7d729e8f14c695e5dd51236ceeac19200bf5f8be14e46dc0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://www.youtube.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6132 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09ce4efa7094c80afce22534013cea735e7f29db11b5fe4441fd7fd5bc6d3729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30648
x-xss-protection
0
embed.js
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/ Frame 6132 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84b7106e37647df7ea5d2baabce7be9e90586eb898f182f6cca09933b54998e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:44:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
557640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8344
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 15:44:23 GMT
truncated
/ Frame 6132 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJX6KvoqHxTPHvJLN8FKLIOtOb-vxYCjbquMNOA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6132 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJX6KvoqHxTPHvJLN8FKLIOtOb-vxYCjbquMNOA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
606b8f05adf60e8d7eb498f25e1905ef9136e1db09fbeec2f41836d9371669ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2188
x-xss-protection
0
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Feb 2023 20:05:20 GMT
maxresdefault.jpg
i.ytimg.com/vi/ytFzp8yXLho/ Frame 6132 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ytFzp8yXLho/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEQgTChlMA8=&rs=AOn4CLCRo5X6gSE8xU-Jfy8KD9F4uMcwXw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2016 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7e848d96d29691d2c56df008421c1542bfb2875aa147a5d86d8f1e9b1bf8191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42255
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 Feb 2023 04:38:23 GMT
initplayback
redirector.googlevideo.com/ Frame 6132 		553 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2001%3A550%3A1d05%3A1%3A0%3A0%3A0%3A7&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQ3MjQ1Ng&rxtags=Cg4KAnR4EggyNDQ3MjQ1MA%2CCg4KAnR4EggyNDQ3MjQ1MQ%2CCg4KAnR4EggyNDQ3MjQ1Mg%2CCg4KAnR4EggyNDQ3MjQ1Mw%2CCg4KAnR4EggyNDQ3MjQ1NA%2CCg4KAnR4EggyNDQ3MjQ1NQ%2CCg4KAnR4EggyNDQ3MjQ1Ng&alr=yes&id=61190
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ClientMapServer /
Resource Hash
654f3d35af279e1568d8643aa7d09018f88d5986a8cb49f12a5fabb81ba0c587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://www.youtube.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
initplayback
r5---sn-5uaeznle.googlevideo.com/ Frame 6132 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-5uaeznle.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2001%3A550%3A1d05%3A1%3A0%3A0%3A0%3A7&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQ3MjQ1Ng&rxtags=Cg4KAnR4EggyNDQ3MjQ1MA%2CCg4KAnR4EggyNDQ3MjQ1MQ%2CCg4KAnR4EggyNDQ3MjQ1Mg%2CCg4KAnR4EggyNDQ3MjQ1Mw%2CCg4KAnR4EggyNDQ3MjQ1NA%2CCg4KAnR4EggyNDQ3MjQ1NQ%2CCg4KAnR4EggyNDQ3MjQ1Ng&ms=au&id=cad173a7cc972e1a&cpn=RST6cseVWdUxRjui&opr=1&por=1&pvi=337,336,335,315,308,303,302,299,298,399,398,397,396,395,394,313,271,248,247,244,243,242,137,136,135,134,133,160&pai=140,251,250&rn=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:4::a Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f320535f23713bc85ca19b5642bdaecb4967c0cc1348f8697c2436bca29c2c1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

expires
Fri, 24 Feb 2023 02:38:23 GMT
date
Thu, 23 Feb 2023 02:38:23 GMT
x-content-type-options
nosniff
server
gvs 1.0
vary
Origin
content-type
application/vnd.yt-ump
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
public, max-age=86400
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client-protocol
quic
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6132 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bac0edc4576a7b29afa7331c72e605a8936574c9eea48226528ba61bed79aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 23 Feb 2023 02:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Feb 2023 02:38:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
get
www.youtube.com/youtubei/v1/att/ Frame 6132 		20 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
b3fba8cf736d62f3143a4d5d2c9e231a3a21466981e193e97168a7d4920b7ceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20230215.01.00
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D

Response headers

date
Thu, 23 Feb 2023 02:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14835
x-xss-protection
0
mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js
www.google.com/js/th/ Frame 6132 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 00:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
6340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14113
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 00:52:44 GMT
generate_204
www.youtube.com/ Frame 6132 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?5m53wA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
qoe
www.youtube.com/api/stats/ Frame 6132 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?fmt=136&afmt=251&cpn=RST6cseVWdUxRjui&el=embedded&ns=yt&fexp=23848211%2C23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24408375%2C24415864%2C24416291%2C24421758%2C24439360%2C24450367%2C24451032%2C24467964%2C24472456%2C24474808%2C24481213%2C39323075&cl=509820939&seq=1&docid=ytFzp8yXLho&ei=n9H2Y8GULt6Ky_sPx-2G6AE&event=streamingstats&plid=AAX1VOgdCHcNZ9CY&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FytFzp8yXLho%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fgammel-no.malangenresort.com%26widgetid%3D1&cbr=Chrome&cbrver=110.0.5481.100&c=WEB_EMBEDDED_PLAYER&cver=1.20230215.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.014:S,1.240:S,1.240:S&cmt=0.011:0.000,0.014:0.000,1.240:0.000&afs=1.240:251::i&vfs=1.240:136:136::r&view=1.240:2065:1162&bwe=1.240:95753&bat=1.240:1:1&vis=1.240:0&bh=1.240:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903253&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:24 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
endscreen.js
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/ Frame 6132 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5614a2336d6c7857be1049a807179334967b8a0f3f05cd0c1ae0f15db334f888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:44:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
557641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8894
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 01:14:03 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 15:44:23 GMT
videoplayback
rr1---sn-5ualdnl7.googlevideo.com/ Frame 6132 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-5ualdnl7.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=134&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=Gs&mm=31%2C29&mn=sn-5ualdnl7%2Csn-5uaeznle&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2596250&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=video%2Fmp4&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=1014501&dur=14.760&lmt=1664752328382930&mt=1677119579&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgeGxVIe7cDto0mSJQa6n4heaExfh052jfwpFpA8EFfrMCIB3qCs-_VQJpHDUqSEJH5YLkvitaItTRG1gSzFZGDdXs&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBym0jMcz9Xf9eyA1WPM_xVP2-4sEvjtaUM-fhJXKx_ECIQCr-qZb1tG2BFn45fiNNpFAoMfNTebAIcwYNY9rt1W3mg%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&range=0-808&rn=2&rbuf=0&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002::6 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e86431150dec287f1e7c8c2ea05badef179d2202be06c580e08f05caee5bc5fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:24 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1206
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:24 GMT
next
www.youtube.com/youtubei/v1/ Frame 6132 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
27e063687e3e61b59863f43b451096a6dad69213551689ebde27266fb281a6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20230215.01.00
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D

Response headers

date
Thu, 23 Feb 2023 02:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 6132 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Goog-Request-Time
1677119904797
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903104&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 23 Feb 2023 02:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
playback
www.youtube.com/api/stats/ Frame 6132 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=RST6cseVWdUxRjui&ver=2&cmt=0.019&fmt=136&fs=0&rt=1.396&euri=https%3A%2F%2Fgammel-no.malangenresort.com%2F&lact=1203&cl=509820939&mos=1&volume=100&cbr=Chrome&cbrver=110.0.5481.100&c=WEB_EMBEDDED_PLAYER&cver=1.20230215.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=en_US&cr=US&len=14.781&fexp=23848211%2C23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24408375%2C24415864%2C24416291%2C24421758%2C24439360%2C24450367%2C24451032%2C24467964%2C24472456%2C24474808%2C24481213%2C39323075&rtn=3&afmt=251&size=2065%3A1162&inview=0&muted=1&docid=ytFzp8yXLho&ei=n9H2Y8GULt6Ky_sPx-2G6AE&plid=AAX1VOgdCHcNZ9CY&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FytFzp8yXLho%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fgammel-no.malangenresort.com%26widgetid%3D1&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBRlNkMkZ1TTVSZVNzRzNESklzSlZfNV9JUGotWHZXQWNGWkZYMkNlVlJSazJzekx0QWJTQVBta0tESWp5TjZsM0JNNGRhWWdXcmJOTExDZ1YtZkZoaXRSY2NCSkVGdGRXQVd2R2tQZVZyWWRlSXJ2RUc3YW5zRHlMR0E5S1ZSWHRvdkQ3a3doAQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903253&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:24 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 6132 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=ytFzp8yXLho&cpn=RST6cseVWdUxRjui&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ptk=youtube_none&pltype=contentugc
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903253&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:24 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-5ualdnl7.googlevideo.com/ Frame 6132 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-5ualdnl7.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=Gs&mm=31%2C29&mn=sn-5ualdnl7%2Csn-5uaeznle&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2596250&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=video%2Fmp4&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=3592635&dur=14.760&lmt=1664752327623225&mt=1677119579&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMrXZ69SgoeIV49yIbuqyk8N667SQuRwNHYD_YNu-dFrAiAsWJuLVBPf631w6FfclWrhahmv7-DVhuwUtR_NlE-6sw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBym0jMcz9Xf9eyA1WPM_xVP2-4sEvjtaUM-fhJXKx_ECIQCr-qZb1tG2BFn45fiNNpFAoMfNTebAIcwYNY9rt1W3mg%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&range=1128571-2496940&rn=3&rbuf=5120&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002::6 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f8d7360ac7b9443039a013bebbbbe4e66aec84d6416f687f950bf7b7ffcef907
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:24 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1234
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:24 GMT
AL5GRJX6KvoqHxTPHvJLN8FKLIOtOb-vxYCjbquMNOA=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6132 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJX6KvoqHxTPHvJLN8FKLIOtOb-vxYCjbquMNOA=s88-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8f277db62484c8ca172689087de722bae34633e365439b82cd1326b9ec7a2bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 02:38:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3002
x-xss-protection
0
expires
Fri, 24 Feb 2023 02:38:25 GMT
videoplayback
rr1---sn-5ualdnl7.googlevideo.com/ Frame 6132 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-5ualdnl7.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=Gs&mm=31%2C29&mn=sn-5ualdnl7%2Csn-5uaeznle&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2596250&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=video%2Fmp4&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=3592635&dur=14.760&lmt=1664752327623225&mt=1677119579&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMrXZ69SgoeIV49yIbuqyk8N667SQuRwNHYD_YNu-dFrAiAsWJuLVBPf631w6FfclWrhahmv7-DVhuwUtR_NlE-6sw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBym0jMcz9Xf9eyA1WPM_xVP2-4sEvjtaUM-fhJXKx_ECIQCr-qZb1tG2BFn45fiNNpFAoMfNTebAIcwYNY9rt1W3mg%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&range=1128571-2496940&rn=4&rbuf=5120&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002::6 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8c0923ebaab3b7f422c6153a76bb8baf429111b0ccc48fa4e1dfb7d74de37368
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:25 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1234
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:25 GMT
videoplayback
rr3---sn-vgqsrned.googlevideo.com/ Frame 6132 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-vgqsrned.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=video%2Fmp4&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=3592635&dur=14.760&lmt=1664752327623225&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMrXZ69SgoeIV49yIbuqyk8N667SQuRwNHYD_YNu-dFrAiAsWJuLVBPf631w6FfclWrhahmv7-DVhuwUtR_NlE-6sw%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-5uayz7e&cms_redirect=yes&cmsv=e&mh=Gs&mm=34&mn=sn-vgqsrned&ms=ltu&mt=1677119065&mv=u&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK6Pqt3yPXK3uZcb7iHTGfHHTcJMs07wXd0xK_Ao5y7iAiEAx8GxwLG7K_tQutoPxNGWNfBum05N7Y-SToGPXqPJSxk%3D&range=1128571-2390293&rn=5&rbuf=4955&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4017:35::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9b6148bb74a0cd566a9c06a00d58a259205ffbe174acbf7e46b6d145bd5f924c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:25 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1261723
last-modified
Sun, 02 Oct 2022 23:12:07 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:25 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6132 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-Goog-Request-Time
1677119905886
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903104&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 23 Feb 2023 02:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
videoplayback
rr3---sn-vgqsrned.googlevideo.com/ Frame 6132 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-vgqsrned.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=video%2Fmp4&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=3592635&dur=14.760&lmt=1664752327623225&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAMrXZ69SgoeIV49yIbuqyk8N667SQuRwNHYD_YNu-dFrAiAsWJuLVBPf631w6FfclWrhahmv7-DVhuwUtR_NlE-6sw%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-5uayz7e&cms_redirect=yes&cmsv=e&mh=Gs&mm=34&mn=sn-vgqsrned&ms=ltu&mt=1677119065&mv=u&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK6Pqt3yPXK3uZcb7iHTGfHHTcJMs07wXd0xK_Ao5y7iAiEAx8GxwLG7K_tQutoPxNGWNfBum05N7Y-SToGPXqPJSxk%3D&range=2390294-3592634&rn=6&rbuf=7988&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4017:35::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1cad64a20248fa90b4c5107438d4e38ada64fec5259871f6ebad572c285fa179
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:26 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1202341
last-modified
Sun, 02 Oct 2022 23:12:07 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21297
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:26 GMT
watchtime
www.youtube.com/api/stats/ Frame 6132 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=RST6cseVWdUxRjui&ver=2&cmt=1.605&fmt=136&fs=0&rt=3.001&euri=https%3A%2F%2Fgammel-no.malangenresort.com%2F&lact=2809&cl=509820939&state=playing&volume=100%2C100&cbr=Chrome&cbrver=110.0.5481.100&c=WEB_EMBEDDED_PLAYER&cver=1.20230215.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=US&len=15&rtn=13&afmt=251&idpj=-9&ldpj=-5&rti=3&size=2065%3A1162&inview=0&st=0%2C0.102&et=0.019%2C1.605&muted=1%2C1&docid=ytFzp8yXLho&ei=n9H2Y8GULt6Ky_sPx-2G6AE&plid=AAX1VOgdCHcNZ9CY&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FytFzp8yXLho%3Fcontrols%3D0%26rel%3D0%26playsinline%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fgammel-no.malangenresort.com%26widgetid%3D1&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBRlNkMkZ1TTVSZVNzRzNESklzSlZfNV9JUGotWHZXQWNGWkZYMkNlVlJSazJzekx0QWJTQVBta0tESWp5TjZsM0JNNGRhWWdXcmJOTExDZ1YtZkZoaXRSY2NCSkVGdGRXQVd2R2tQZVZyWWRlSXJ2RUc3YW5zRHlMR0E5S1ZSWHRvdkQ3a3doAQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ytFzp8yXLho?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fgammel-no.malangenresort.com&widgetid=1
X-YouTube-Client-Version
1.20230215.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtoNERVaDRJUUk2RSido9ufBg%3D%3D
X-YouTube-Ad-Signals
dt=1677119903253&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2065%2C1162&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 02:38:26 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-5ualdnl7.googlevideo.com/ Frame 6132 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-5ualdnl7.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=251&source=youtube&requiressl=yes&mh=Gs&mm=31%2C29&mn=sn-5ualdnl7%2Csn-5uaeznle&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2596250&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=audio%2Fwebm&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=6970&dur=14.781&lmt=1664752302915312&mt=1677119579&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbY0ICsbagBRrBUR1K6goV1j9hXDmdISUfJVBqyEhNDkCIQCV5Lo2ZGiyxmgpSlnPTD27Cbt7V4qZpriubm79Mk5O8g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgBym0jMcz9Xf9eyA1WPM_xVP2-4sEvjtaUM-fhJXKx_ECIQCr-qZb1tG2BFn45fiNNpFAoMfNTebAIcwYNY9rt1W3mg%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&range=4801-6969&rn=7&rbuf=7992&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002::6 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5bc9de742fce019e00d91844426ade36c5fef8b6d54259944301cae161eb15a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:26 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1195
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21297
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:26 GMT
videoplayback
rr3---sn-vgqsrned.googlevideo.com/ Frame 6132 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-vgqsrned.googlevideo.com/videoplayback?expire=1677141503&ei=n9H2Y8GULt6Ky_sPx-2G6AE&ip=2001%3A550%3A1d05%3A1%3A%3A7&id=o-ANagoR4W1qkKU2la1RnbE8jFq3LA5JOZdDA4KDxqR7nC&itag=251&source=youtube&requiressl=yes&spc=H3gIhqI7niDCTXF-TygaaghAWKTqXHQ67bTjiCYq4n5rextzcw&vprv=1&mime=audio%2Fwebm&ns=1vZDaDCjnr_sPAHHJF0wRDwL&gir=yes&clen=6970&dur=14.781&lmt=1664752302915312&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=MtTutNTDv5NO8Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgbY0ICsbagBRrBUR1K6goV1j9hXDmdISUfJVBqyEhNDkCIQCV5Lo2ZGiyxmgpSlnPTD27Cbt7V4qZpriubm79Mk5O8g%3D%3D&alr=yes&cpn=RST6cseVWdUxRjui&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-5uayz7e&cms_redirect=yes&cmsv=e&mh=Gs&mm=34&mn=sn-vgqsrned&ms=ltu&mt=1677119065&mv=u&mvi=3&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPMOZCJLEJA8HbJby_FiAaG5ReYS6HxFyG_5UZ1-XL6FAiEAo8AETfTeXDvjKx4lyubEGzK_mUKV_VhCj90Au7S-Fok%3D&range=4801-6969&rn=8&rbuf=7679&pot=D_x4UOEtyi9r_EB5HpcP2yPDdYEk5UBJDxQOs1_lHmVVrqmwRPyc7ndlrEEj830lYbc9tjKuvVxRxAdtNzHhDI7Wv_cwltETwArVP94NsfurwhpJAARjwnDsH8uY0pbMiNXl4Gc=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4017:35::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e46cc4ccc20fc1161e70f180cd39aca49e9e8fcad3190879017bc811099e5808
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 23 Feb 2023 02:38:27 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2169
last-modified
Sun, 02 Oct 2022 23:11:42 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21296
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 23 Feb 2023 02:38:27 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange string| gtm4wp_datalayer_name object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| dateFormat undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| monsterinsights_frontend object| mecdata object| FullCalendar object| mecSingleEventDisplayer undefined| mec_search_callback1 undefined| mec_search_callback2 function| mec_gateway_selected function| mec_wrap_resize function| get_parameter_by_name object| mec_g_month_id function| mecFocusDay function| mec_focus_week function| mec_book_form_submit function| mec_book_form_back_btn_cache function| mec_agreement_change function| mec_book_form_back_btn_click function| gmapSkin function| mecFluentSinglePage function| mecFluentFullCalendar function| mecFluentSmartFilterIcon function| mecFluentMoreViewsContent function| mecFluentWrapperFullScreenWidth function| mecFluentUI function| mecFluentCurrentTimePosition function| mecFluentNiceSelect function| mecFluentCustomScrollbar function| mecFluentTimeTableUI function| mecFluentSliderUI function| mecFluentToggleFilterContent function| mecFluentToggoleDisplayValueFilterContent function| mecFluentToggleMoreEvents function| mecFluentOutsideEvent function| mecFluentYearlyCalendar function| mecFluentYearlyUI string| datepicker_format function| mec_location_toggle function| mec_organizer_toggle function| mec_repeat_toggle function| mec_repeat_type_toggle function| mec_in_days_remove function| mec_not_in_days_remove function| mec_bookings_unlimited_toggle function| mec_hourly_schedule_add_day_listener function| mec_hourly_schedule_listeners function| mec_hourly_schedule_remove function| mec_hourly_schedule_day_remove function| mec_ticket_remove function| mec_set_event_color function| mec_remove_fee function| mec_remove_ticket_variation function| add_variation_per_ticket function| mec_reg_fields_option_listeners function| mec_reg_fields_option_remove function| mec_reg_fields_remove function| mec_handle_add_price_date_button function| mec_ticket_price_remove function| mec_event_fields_option_listeners function| mec_event_fields_option_remove function| mec_event_fields_remove function| mec_bfixed_fields_option_listeners function| mec_bfixed_fields_option_remove function| mec_bfixed_fields_remove function| mec_additional_organizers_listeners function| mec_additional_organizers_remove function| MonsterInsights object| MonsterInsightsObject object| CLI_Cookie object| CLI object| cliBlocker object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents function| Base function| FlipClock object| NiceScroll object| FullCalendarVDom string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| dataLayer_content object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| monthlyCalendarUI function| customScrollbar function| lity function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| imagesLoaded object| wp object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorProFrontend function| Waypoint object| elementorFrontendConfig function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend function| Sticky string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| newSS object| newJs function| checkHomePageLink function| injectcertificateOfExcellence5009 function| taOnLoad object| taValList number| taValIndex function| taValidate function| taAddValidator object| ta object| twemoji object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| ii function| fname object| hasNoFollow

11 Cookies

Domain/Path Name / Value
.malangenresort.com/ Name: _gcl_au
Value: 1.1.1934816293.1677119900
.malangenresort.com/ Name: _ga
Value: GA1.2.1701861227.1677119900
.malangenresort.com/ Name: _gid
Value: GA1.2.463089798.1677119900
.malangenresort.com/ Name: _gat_gtag_UA_87078307_3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
gammel-no.malangenresort.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
gammel-no.malangenresort.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.youtube.com/ Name: YSC
Value: U19Ti3ZoCPA
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekl3TXpFM05URXlOREF4TWpreU5EazFNQT09EJyj258GGJyj258G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: h4DUh4IQI6E
gammel-no.malangenresort.com/ Name: viewed_cookie_policy
Value: yes

9 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1109)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
network error URL: https://gammel-no.malangenresort.com/wp-content/uploads/2020/06/Nytt-Malangen-kart-lite.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
security error URL: https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js(Line 1117)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://gammel-no.malangenresort.com').
network error URL: https://malangenresort.no/wp-content/uploads/2021/08/Nordlys-Malangen-Buendia_2228.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gammel-no.malangenresort.com
googleads.g.doubleclick.net
hb.wpmucdn.com
i.ytimg.com
jnn-pa.googleapis.com
malangenresort.no
no.tripadvisor.com
r5---sn-5uaeznle.googlevideo.com
redirector.googlevideo.com
rr1---sn-5ualdnl7.googlevideo.com
rr3---sn-vgqsrned.googlevideo.com
static.doubleclick.net
static.tacdn.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.jscache.com
www.tripadvisor.com
www.youtube.com
yt3.ggpht.com
142.250.64.66
151.101.130.83
151.101.2.83
23.60.5.78
2607:f8b0:4002:4::a
2607:f8b0:4002::6
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2016
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2006
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4017:35::8
2a01:5b40:0:4a01:0:ebb2:1578:a4ed
2a02:6ea0:c454::1
09ce4efa7094c80afce22534013cea735e7f29db11b5fe4441fd7fd5bc6d3729
09cef3d10f1b996c7c26c157f3873336ca66ab3931cdaf84153b2c18733ae38a
0a206193cb02ff3f1e6cac30fd94b38673e743e25def8d481a2403d0d0bfc8fb
0b10cad4435422e4e790f306f6bda2566225e9def8e847db1ec9ce187678851a
0d95d3b2d94b7322b02b13971bc11dfed6b05d746377bfee0f310c8179dede18
1258a7f2758e64640fe5210a31ca19c88731e03d307233f697c23163b3f07b24
1689ed1edf0cfc921cffd974de2ca2f00120ec12ec5fff99b6dbc23226ce8729
170c72772b7bade02630529bff633493fc589ce990643045c562fdd78d56bc00
197c35e4639d70fa7f109326af6a9bcfa5aaff65dafa39664d85bddbeb20aad2
1a400560aceabb2687df0afc6854c37deae2c64144e5f49050733177099bcc08
1cad64a20248fa90b4c5107438d4e38ada64fec5259871f6ebad572c285fa179
1cc810fd33beefc013451115d231cf0d75bdada95de5faad1496cb83a7b4464b
1e1aab3496ffdc7bcc0da6a2f974eedbb3bacb70cbe84eaddc4d3bbd38d3c345
21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74
245d19384a78155ddb20b27852ef5fe4aa985779bdee79c87c1eee32edbcdf33
267075c6577d089a2588b9f8815c9e7139b39aedf293cf6afe0da224bc327ff8
27e063687e3e61b59863f43b451096a6dad69213551689ebde27266fb281a6b9
2c7f068b956afb9ba386919e695a0314c10724e2df7b4f9b7cc0bf5cbdfea52c
2fda5162e9e4e5f13ee00608eaed39db8b8eb38482c0503ba15f064ce87adcf4
30952f05fbb59736578534d9d8c1b7f368ec6cbc1affbc22235bac154ac1f2da
3d53e386319bca4a31e2f9716110ee6f37b049243efa9ed3e00d6bab77ee44b5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41e876e4651cefe23fc74ca17387c3f1a6c78c5f333cc3537599f13dd49eda00
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4735466348517b059d438984d72d3e99bbc57d52270a45e0fcea590ee4cb75ef
47fb7ec9e8121e2ce08d97cbfbcbbab458cd9d35d9f84b95fc566836654eaa72
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f39097bbbe888fb88ed804482a737e7259c6a73c87459ee394640f060f9b42e
55954ccd326c3cb70aaa31a9d8c70bb1243d214a13513c954da8ab93da4ae89a
5614a2336d6c7857be1049a807179334967b8a0f3f05cd0c1ae0f15db334f888
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc9de742fce019e00d91844426ade36c5fef8b6d54259944301cae161eb15a1
606b8f05adf60e8d7eb498f25e1905ef9136e1db09fbeec2f41836d9371669ae
654f3d35af279e1568d8643aa7d09018f88d5986a8cb49f12a5fabb81ba0c587
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68a2a01d74effffbc2ed6c93f957b61e637528068c560b32a42473262a1e6625
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78635e60f885a5b150602af226c001981d410daf72a2f774b9b40dae66491078
7df5aba4e6ad43e9b13322dae71146ba91f5ce8701deca8f51106c94c90bd2ad
826ec6e0ef899bdb28570107d0dcdc9037d24439762e000b1c0d00ed607e863a
82c38300d40913d85cd8df77bc626ecda76d294013a4ae77acfc5e3182c480e7
8440f93ed627785a58ee317f66bd4b18f396950ef01b0b39cde0e9d06da682bd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a5d9b8ccd1cda2162720fbec517eb8d48959c9738222e1add272f6168ad95ce
8c0923ebaab3b7f422c6153a76bb8baf429111b0ccc48fa4e1dfb7d74de37368
8db7f7a4799becd2d7581a62e7d91d94ce6e614ab0002a0b33639f68d278c743
8f277db62484c8ca172689087de722bae34633e365439b82cd1326b9ec7a2bcb
912a730595797faaaebd94ff8f8aa255878b36e0c6b5b1112382ebf848e43e18
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93a3914a02d8eda623efd93f8126290771b764b3f9bdd9053216baffeb25d999
97dd1a0e5d5a0ae5ada630d445bda6e2581a74f2ceee5c9c2dfdd38a3c9aff5d
9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7
9b6148bb74a0cd566a9c06a00d58a259205ffbe174acbf7e46b6d145bd5f924c
9bac0edc4576a7b29afa7331c72e605a8936574c9eea48226528ba61bed79aac
a33d5b83f44e30bbaa279913ba11f40f966aedc8707b71c05ff02d5955fc808c
a352348ba01cea37498b6df873a474f7221ec2f39b57607b41690f02a97514f5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0c6836fec8ff50f7fb5973ff40ce815dc06124a2c5fec459116287cebc75abb
b119164d28a0aac3aa4ff86d346d5193d347fabbcfd6d5b06972309fb0c55f2d
b3fba8cf736d62f3143a4d5d2c9e231a3a21466981e193e97168a7d4920b7ceb
bd465a5a7af1dcd53b7bf21f370122e17d88c1b1b854d56fc1fd0aba43d01e59
bd6454c4ff08897cad54ad2aba17cd6977c32a360a78be58927ba3b793b3084e
bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f
c84b7106e37647df7ea5d2baabce7be9e90586eb898f182f6cca09933b54998e
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd
cedc0ab46c19bf7d729e8f14c695e5dd51236ceeac19200bf5f8be14e46dc0b4
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d22a1abd12c6205ae9d890c4c27733f2a787fea1dd4ffa1805b88ef37e84be37
d5a1b0563b1bc0dcc3c038a492c2eaa85df7257030bece9d0537bc284217ed8a
d78cecaa70758ba55eb66ba1b19b2b9c2dbe7c099260e4ea308d876a073bfa25
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7d5fae6a26a32d07d57e9c40ee13ccbdc3c46ba2999e3b4b8904b34ff243609
d7e848d96d29691d2c56df008421c1542bfb2875aa147a5d86d8f1e9b1bf8191
deef6657c0831f5ede9e7245ea23da3fbd380b56dd2a32a56bfddcf730b02331
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e2b2bb6a0d3d5dd5af086480b2a3a30ec6e36554affd50953d9895410c9a6adb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46cc4ccc20fc1161e70f180cd39aca49e9e8fcad3190879017bc811099e5808
e86431150dec287f1e7c8c2ea05badef179d2202be06c580e08f05caee5bc5fa
e8fe80dbd7433912f588031e96c8b45248c6c9269c9f2034fb5a616c35071bcd
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23c772ae34e0508bf15a0150a4bfe611ff5fb2804f549784dbaa81f7f37e441
f320535f23713bc85ca19b5642bdaecb4967c0cc1348f8697c2436bca29c2c1d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f866e163a8be1c9472e831567a1d6a0a9ea1281c4b78ac2ce9ebf9bff0499d8d
f8d7360ac7b9443039a013bebbbbe4e66aec84d6416f687f950bf7b7ffcef907
fd9cbf2f6bf70991482aac79cefc677c15b8aff5404104dd66ea964c7bbed106