www.gd.no Open in urlscan Pro
87.238.38.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Effective URL:
https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Submission: On September 12 via manual (September 12th 2022, 6:19:36 pm UTC) from IN — Scanned from NO

Summary HTTP 212 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 37 domains to perform 212 HTTP transactions. The main IP is 87.238.38.2, located in Oslo, Norway and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.gd.no.
TLS certificate: Issued by R3 on August 29th 2022. Valid for: 3 months.

This is the only time www.gd.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	87.238.38.2 87.238.38.2	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
8	87.238.38.6 87.238.38.6	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
8 74	87.238.38.3 87.238.38.3	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
12	87.238.38.4 87.238.38.4	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
5	142.250.184.240 142.250.184.240	15169 (GOOGLE) (GOOGLE)
1	46.30.126.165 46.30.126.165	47527 (DLX-AS) (DLX-AS)
2 5	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
13	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
3	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
1	87.238.38.20 87.238.38.20	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	35.244.159.191 35.244.159.191	15169 (GOOGLE) (GOOGLE)
1	87.238.38.9 87.238.38.9	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	136.243.95.176 136.243.95.176	24940 (HETZNER-AS) (HETZNER-AS)
4	35.227.200.190 35.227.200.190	15169 (GOOGLE) (GOOGLE)
1	157.240.200.14 157.240.200.14	32934 (FACEBOOK) (FACEBOOK)
6	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	213.19.162.31 213.19.162.31	3356 (LEVEL3) (LEVEL3)
4	99.80.189.31 99.80.189.31	16509 (AMAZON-02) (AMAZON-02)
2	172.67.201.228 172.67.201.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
9	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1 3	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	156.146.33.17 156.146.33.17	60068 (CDN77 ^_^) (CDN77 ^_^)
4	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.78.84 13.225.78.84	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	3.66.143.217 3.66.143.217	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2	213.155.156.188 213.155.156.188	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
3 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
6	212.102.56.182 212.102.56.182	60068 (CDN77 ^_^) (CDN77 ^_^)
1	52.218.97.219 52.218.97.219	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	() ()
212	53

5 87.238.38.2 (Oslo, Norway) 1 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

www.gd.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.api.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.238.38.6 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: services.api.no

services.api.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 87.238.38.3 (Oslo, Norway) 8 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: varnish-stable.api.no

assets.acdn.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.acdn.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 87.238.38.4 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: varnish-stable.api.no

r.acdn.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.api.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.240 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.30.126.165 (Herning, Denmark)

ASN47527 (DLX-AS, DK)
PTR: www-05.e-pages.dk

www.e-pages.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.238.38.20 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

varnish-local.api.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.191 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 191.159.244.35.bc.googleusercontent.com

services.gcloud.api.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.238.38.9 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: vds.api.no

www.aid.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.95.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.176.95.243.136.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.200.190 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 190.200.227.35.bc.googleusercontent.com

collect.adplogger.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.200.14 (Ballerup Municipality, Denmark)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-cph2.fbcdn.net

scontent-cph2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cl.k5a.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.medietall.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.80.189.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-189-31.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.201.228 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.169 (Uppsala, Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.146.33.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-156-146-33-17.cdn77.com

cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-84.fra2.r.cloudfront.net

sync.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.143.217 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-143-217.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.188 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com

sting.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.102.56.182 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-212-102-56-182.cdn77.com

sting-cdn.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.97.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

marketertechnologies.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	acdn.no 8 redirects assets.acdn.no — Cisco Umbrella Rank: 400717 r.acdn.no — Cisco Umbrella Rank: 420264 g.acdn.no — Cisco Umbrella Rank: 394362	772 KB
17	googlesyndication.com 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	91 KB
13	de17a.com 1 redirects d5p.de17a.com — Cisco Umbrella Rank: 6721 cdn.de17a.com sting.de17a.com — Cisco Umbrella Rank: 555548 sting-cdn.de17a.com — Cisco Umbrella Rank: 593788	102 KB
13	rubiconproject.com 3 redirects micro.rubiconproject.com — Cisco Umbrella Rank: 3627 fastlane.rubiconproject.com — Cisco Umbrella Rank: 694 eus.rubiconproject.com — Cisco Umbrella Rank: 840 pixel.rubiconproject.com — Cisco Umbrella Rank: 494 token.rubiconproject.com — Cisco Umbrella Rank: 1115	111 KB
12	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 582 scontent-cph2-1.xx.fbcdn.net — Cisco Umbrella Rank: 111838	159 KB
12	api.no services.api.no — Cisco Umbrella Rank: 498207 r.api.no — Cisco Umbrella Rank: 447136 varnish-local.api.no services.gcloud.api.no — Cisco Umbrella Rank: 461199 s.api.no — Cisco Umbrella Rank: 825131	115 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	190 KB
7	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3442 s2.adform.net — Cisco Umbrella Rank: 6247 adx.adform.net — Cisco Umbrella Rank: 3113 dmp.adform.net — Cisco Umbrella Rank: 5535	35 KB
5	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 706	94 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274 s.amazon-adsystem.com — Cisco Umbrella Rank: 415	3 KB
4	360yield.com ad.360yield.com — Cisco Umbrella Rank: 848	9 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com	26 KB
4	k5a.io cl.k5a.io — Cisco Umbrella Rank: 28031	19 KB
4	adplogger.no collect.adplogger.no — Cisco Umbrella Rank: 445700	224 B
4	gd.no 1 redirects www.gd.no	72 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 419 ads.yahoo.com — Cisco Umbrella Rank: 3595	580 B
3	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	16 KB
3	gstatic.com fonts.gstatic.com	27 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
2	casalemedia.com 1 redirects dsum.casalemedia.com — Cisco Umbrella Rank: 2337	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	88 KB
2	google.no adservice.google.no — Cisco Umbrella Rank: 182062 www.google.no — Cisco Umbrella Rank: 17993	1 KB
2	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 42562	4 KB
2	medietall.no log.medietall.no — Cisco Umbrella Rank: 95347	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	111 KB
1	amazonaws.com marketertechnologies.s3.eu-west-1.amazonaws.com	171 KB
1	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 885	581 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1612	192 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1557	423 B
1	userreport.com sync.userreport.com	586 B
1	lp4.io pp.lp4.io — Cisco Umbrella Rank: 35066
1	aid.no www.aid.no — Cisco Umbrella Rank: 519206	654 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 493	1 KB
1	e-pages.dk www.e-pages.dk — Cisco Umbrella Rank: 143230	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
212	37

	Domain	Requested by
68	assets.acdn.no	8 redirects www.gd.no
11	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
11	r.acdn.no	www.gd.no
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com tpc.googlesyndication.com
8	services.api.no	www.gd.no services.api.no
7	securepubads.g.doubleclick.net	www.gd.no securepubads.g.doubleclick.net www.googletagservices.com
6	sting-cdn.de17a.com	sting.de17a.com sting-cdn.de17a.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	g.acdn.no	www.gd.no
5	storage.googleapis.com	www.gd.no assets.acdn.no
4	token.rubiconproject.com	3 redirects 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
4	eus.rubiconproject.com	01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com eus.rubiconproject.com micro.rubiconproject.com
4	ad.360yield.com	micro.rubiconproject.com
4	cl.k5a.io	services.api.no cl.k5a.io log.medietall.no
4	collect.adplogger.no	services.api.no
4	www.gd.no	1 redirects assets.acdn.no services.api.no
3	cm.g.doubleclick.net	1 redirects 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	d5p.de17a.com 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
3	d5p.de17a.com	1 redirects 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com d5p.de17a.com
3	ib.adnxs.com	1 redirects micro.rubiconproject.com acdn.adnxs.com
3	www.facebook.com	www.gd.no
3	fonts.gstatic.com	assets.acdn.no
3	track.adform.net	2 redirects www.gd.no
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
2	aax-eu.amazon-adsystem.com	1 redirects 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
2	sting.de17a.com	d5p.de17a.com
2	ups.analytics.yahoo.com	1 redirects d5p.de17a.com
2	dsum.casalemedia.com	1 redirects d5p.de17a.com
2	cdn.de17a.com	01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com sting.de17a.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
2	www.google.com	www.gd.no tpc.googlesyndication.com
2	01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.adnuntius.delivery	micro.rubiconproject.com
2	adx.adform.net	micro.rubiconproject.com
2	log.medietall.no	services.api.no log.medietall.no
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.gd.no connect.facebook.net
1	acdn.adnxs.com	micro.rubiconproject.com
1	marketertechnologies.s3.eu-west-1.amazonaws.com	d5p.de17a.com
1	ads.yahoo.com	01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
1	id.rlcdn.com	1 redirects
1	dmp.adform.net	d5p.de17a.com
1	pixel.advertising.com	1 redirects
1	image2.pubmatic.com	d5p.de17a.com
1	sync.userreport.com	d5p.de17a.com
1	www.google.no	www.gd.no
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.no	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	scontent-cph2-1.xx.fbcdn.net	www.facebook.com
1	s.api.no	www.gd.no
1	pp.lp4.io	assets.acdn.no
1	www.aid.no	assets.acdn.no
1	services.gcloud.api.no	assets.acdn.no
1	cdn.jsdelivr.net	micro.rubiconproject.com
1	varnish-local.api.no	services.api.no
1	s2.adform.net	www.gd.no
1	www.e-pages.dk	www.gd.no
1	r.api.no	www.gd.no
1	www.googletagmanager.com	www.gd.no
1	micro.rubiconproject.com	www.gd.no
212	63

This site contains links to these domains. Also see Links.

Domain
www.aid.no
www.mittlillehammer.no
www.vise.no
www.direktesport.no
www.gdhytte.no
eavis.gd.no
annonseweb.gd.no
kulturnett.oppland.org
www.facebook.com
www.twitter.com
www.instagram.com
www.ais-oppland.net
forms.gle
www.gudbrandsdolen.as
soknad.sparebankstiftelsen.no
avisretur.di.no
personvern.amedia.no
presse.no
www.pfu.no
www.nored.no
www.amedia.no

Subject Issuer	Validity	Valid
gd.no R3	`2022-08-29` - `2022-11-27`	3 months	crt.sh
api.no R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
acdn.no R3	`2022-08-12` - `2022-11-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.e-pages.dk RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
services.gcloud.api.no GTS CA 1D4	`2022-08-06` - `2022-11-04`	3 months	crt.sh
aid.no R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.lp4.io Go Daddy Secure Certificate Authority - G2	`2021-11-11` - `2022-12-13`	a year	crt.sh
collect.adplogger.no GTS CA 1D4	`2022-08-12` - `2022-11-10`	3 months	crt.sh
cl.k5a.io R3	`2022-08-12` - `2022-11-10`	3 months	crt.sh
log.medietall.no R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.google.no GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-20` - `2022-12-20`	a year	crt.sh
1072570458.rsc.cdn77.org R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
1147033924.rsc.cdn77.org R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Frame ID: D0D1BFDB5E0F8CB513B94AC870475720
Requests: 143 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/gudbrandsdolen/&tabs=timeline&width=500&height=70&small_header=true&adapt_container_width=false&hide_cover=true&show_facepile=false&locale=nb_NO&appId=1381762785377592
Frame ID: EFD358CB64F0D7D48BD81D1D979B478F
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 89DC61F0D7C81CDDC784AD977154B861
Requests: 1 HTTP requests in this frame

Frame: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A5C8BB962CD137003474FBC177D6CE6
Requests: 1 HTTP requests in this frame

Frame: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA34F2B953D712017433EE39536EEBD2
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhTubc7T08cW2KJ4o1kgSVjL_B2ohOEzm3x20f1L_yQqZM2HM5p1hpPQRv6sBoG8pTda43Em9cbEgDU507PPDW_G6A6e2JdTrvIRuHohQvt33hvPelYbJXBRzxiBEGebe85Yv-SwUG63JtbyiRR6JzbAe3KQDL57aC9Xb9hUoRAPxDig0T5Ui0g3SkdqlSAO_fa_WLTf1zdq16WdDnvpn4Dk2KfjHPTb3s44WovidTyCKMOfz-m8GIN7xoTB-0IFw1C-5AAypRpJ8s2mzcN-WQ6noIJeb3yubSgvFbguCFKcuSjbZTAs9bSSr3nMdSjxfHZw&sai=AMfl-YTyFy3g7ZYh8xwg2kinDKJGIq5x8DI4nWEqhtLddh8E-vcjJyHOby62wuDThlocn_IfJHjzBhQemap-HiWFi75G4vnEATr_r4Hvn30efshBAZros4tJbBsqKjbI15S_Xrmw&sig=Cg0ArKJSzMniMtEb1wmYEAE&uach_m=[UACH]&adurl=
Frame ID: 0FF502978217D9B53D1C687AB571F4D2
Requests: 8 HTTP requests in this frame

Frame: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Frame ID: F13AB45802A7656697BDECF8E8D60B13
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=no
Frame ID: C4B5129665068FDE56175A463AB9E62A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EC2DC5A6EE70EF3D2F41B0036128033
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96218F87FED5BFAD64685DC951E28F2B
Requests: 2 HTTP requests in this frame

Frame: https://sting.de17a.com/api/tags
Frame ID: 8B7C19B81706912EFCDBE5E3277BE1D9
Requests: 1 HTTP requests in this frame

Frame: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Frame ID: A2E3A5A230A5EB9585C3E95772067049
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D58B39DE48F477DF8B866B8281D51B1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC815E6D38C4E1B63AF0D7EB1E56D94B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nyheter | Tidenes transport til Lillehammer i nattaID logoArtikkelen er for abonnenter.Artikkelen er for abonnenter.Artikkelen er for abonnenter.

Page URL History Show full URLs

http://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762 HTTP 301
https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

212
Requests

90 %
HTTPS

0 %
IPv6

37
Domains

63
Subdomains

53
IPs

8
Countries

2301 kB
Transfer

5830 kB
Size

38
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aid.no/aid/profil
Title: Min aID

Search URL Search Domain Scan URL

URL: https://www.aid.no/aid/personvern/oversikt
Title: Personvern

Search URL Search Domain Scan URL

URL: https://www.mittlillehammer.no/
Title: Mitt Lillehammer

Search URL Search Domain Scan URL

URL: https://www.vise.no/vis/annonsekjop?meny=click
Title: Kjøp annonse

Search URL Search Domain Scan URL

URL: https://www.direktesport.no/?publication=www.gd.no
Title: Direktesport

Search URL Search Domain Scan URL

URL: https://www.gdhytte.no/
Title: GD Hytte

Search URL Search Domain Scan URL

URL: https://eavis.gd.no/
Title: Papiravisen (eAvis)

Search URL Search Domain Scan URL

URL: https://www.aid.no/aid/familie
Title: Del abonnementet: aID Familie

Search URL Search Domain Scan URL

URL: https://annonseweb.gd.no/
Title: Bedrift

Search URL Search Domain Scan URL

URL: https://kulturnett.oppland.org/
Title: Legg til arrangement

Search URL Search Domain Scan URL

URL: http://www.facebook.com/gudbrandsdolen

Search URL Search Domain Scan URL

URL: http://www.twitter.com/avisagd

Search URL Search Domain Scan URL

URL: http://www.instagram.com/avisa_gd

Search URL Search Domain Scan URL

URL: http://www.ais-oppland.net/
Title: Avis i skolen

Search URL Search Domain Scan URL

URL: https://forms.gle/6tiutjvYbh4xhVHb8
Title: GD-fondet

Search URL Search Domain Scan URL

URL: http://www.gudbrandsdolen.as/
Title: Gudbrandsdølen AS

Search URL Search Domain Scan URL

URL: https://soknad.sparebankstiftelsen.no/amedia
Title: Lokalavisenes søknadsordning

Search URL Search Domain Scan URL

URL: https://avisretur.di.no/#!/logg-inn
Title: Løssalg

Search URL Search Domain Scan URL

URL: https://personvern.amedia.no/
Title: Personvernpolicy / Informasjonskapsler

Search URL Search Domain Scan URL

URL: http://presse.no/Etisk-regelverk/Redaktoerplakaten
Title: Redaktørplakaten

Search URL Search Domain Scan URL

URL: http://www.pfu.no/simple.php
Title: PFU

Search URL Search Domain Scan URL

URL: https://www.nored.no/Redaktoeransvar

Search URL Search Domain Scan URL

URL: https://www.aid.no/aid/logg_inn/med_passord?requestedUrl=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762&publication_domain=www.gd.no
Title: Logg inn med aID

Search URL Search Domain Scan URL

URL: https://www.amedia.no/personvern/
Title: Les mer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762 HTTP 301
https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://assets.acdn.no/pkg/@amedia/user/v0/user.js HTTP 302
https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js

Request Chain 72

https://assets.acdn.no/pkg/@amedia/browserid/v1/index.js HTTP 302
https://assets.acdn.no/pkg/@amedia/browserid/1.1.7/index.js

Request Chain 73

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 84

https://assets.acdn.no/pkg/@amedia/brick-button/v4/brick-button.js HTTP 302
https://assets.acdn.no/pkg/@amedia/brick-button/4.3.1/brick-button.js

Request Chain 85

https://track.adform.net/Serving/TrackPoint/?pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyIn0&loc=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyIn0&loc=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762

Request Chain 86

https://assets.acdn.no/pkg/@amedia/include/v3/include.js HTTP 302
https://assets.acdn.no/pkg/@amedia/include/3.0.6/include.js

Request Chain 87

https://assets.acdn.no/pkg/@amedia/brick-image/v1/brick-image.js HTTP 302
https://assets.acdn.no/pkg/@amedia/brick-image/1.3.1/brick-image.js

Request Chain 92

https://assets.acdn.no/pkg/@amedia/brick-icon/v0/brick-icon.js HTTP 302
https://assets.acdn.no/pkg/@amedia/brick-icon/0.5.1/brick-icon.js

Request Chain 93

https://assets.acdn.no/pkg/@amedia/brick-tokens/v2/brick-tokens.js HTTP 302
https://assets.acdn.no/pkg/@amedia/brick-tokens/2.8.0/brick-tokens.js

Request Chain 94

https://assets.acdn.no/pkg/@amedia/component/v1/component.js HTTP 302
https://assets.acdn.no/pkg/@amedia/component/1.0.8/component.js

Request Chain 165

https://d5p.de17a.com/victory/rubicon_open_rtb?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC HTTP 302
https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC

Request Chain 173

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772&C=1

Request Chain 176

https://pixel.advertising.com/ups/55955/sync?uid=5807721230888045162&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1&verify=true

Request Chain 177

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7675885488335073466

Request Chain 186

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEB6oZ7ps_s-rTtsGS6W_a5o&google_cver=1

Request Chain 188

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaM0FLTFAtMVotM0RLSA==&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 189

https://id.rlcdn.com/709414.gif?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 190

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t

Request Chain 191

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThhOWE5ZDI1ZTFlMzYzNDQ1MmUzYmMwN2NlYTJjODRhYjdmMjgzNw&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 192

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=501132e0-17df-4610-b648-d50aa1999cdc&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30

Request Chain 193

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7Z3AKLP-1Z-3DKH&sigv=1&esig=2~d8512fd6a15db3052c3a6e6206e62b82b33224de&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

212 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1-934610-6636762 Show response
www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/
Redirect Chain

http://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

280 KB
72 KB

456ms
79ms

Document
text/html

87.238.38.2
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.2 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

Resource Hash

215e60d054aff7d0e222cc514f364e8d93cf90e6431e6bf82c6b324acfb941e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 02:42:23 GMT
vary: x-edition,x-pushapp, Accept-Encoding, User-Agent
via: 1.1 varnish (Varnish/6.0) 1.1 varnish (Varnish/6.0)
x-age: 0
x-dynamic-fallback-status: false
x-emergency-mode: payment-nets
x-last-modified: 1367562069000
x-site: osl4
x-varnish: 538865952 1037358674 808821432

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Sep 2022 18:19:28 GMT
Location: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Server: Varnish
X-Varnish: 1028274566

GET
H2 200 main-982228e9.js Show response
services.api.no/api/adplogger/v3/ 162 KB
34 KB 489ms
75ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/adplogger/v3/main-982228e9.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

29bdcca7988fa6dea5e7546c4441db57f6ef3f5df7956301dd7d169fe5a73261

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:20:51 GMT
content-encoding: gzip
x-site: osl2
last-modified: Mon, 12 Sep 2022 09:19:08 GMT
access-control-allow-origin: https://www.gd.no
vary: Accept-Encoding, Origin
x-varnish: 346182201 249075919
x-dynamic-fallback-status: false
cache-control: public, max-age=604800, immutable
content-security-policy: upgrade-insecure-requests
x-age: 25117
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 34833
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 frontend-rpc-840f032e.js Show response
services.api.no/api/adplogger/v3/@amedia/ 2 KB
1 KB 489ms
76ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/adplogger/v3/@amedia/frontend-rpc-840f032e.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

701e3e3005728fe19d111002c535ec8144ef2cffa13582ba479e03b71a870f55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:20:53 GMT
content-encoding: gzip
x-site: osl2
last-modified: Mon, 12 Sep 2022 09:19:08 GMT
access-control-allow-origin: https://www.gd.no
vary: Accept-Encoding, Origin
x-varnish: 346182202 131658644
x-dynamic-fallback-status: false
cache-control: public, max-age=604800, immutable
content-security-policy: upgrade-insecure-requests
x-age: 25115
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 780
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 uuid-63a4572e.js Show response
services.api.no/api/adplogger/v3/@amedia/ 1 KB
1004 B 559ms
146ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/adplogger/v3/@amedia/uuid-63a4572e.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

79966d0aacbea87c014970458585fab50d68f4aa3e6a91284c3f9915f0805397

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:21:03 GMT
content-encoding: gzip
x-site: osl2
last-modified: Mon, 12 Sep 2022 09:19:08 GMT
access-control-allow-origin: https://www.gd.no
vary: Accept-Encoding, Origin
x-varnish: 346182203 205307247
x-dynamic-fallback-status: false
cache-control: public, max-age=604800, immutable
content-security-policy: upgrade-insecure-requests
x-age: 25105
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 600
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 uuid-d7440bed.js Show response
services.api.no/api/adplogger/v3/ 3 KB
2 KB 558ms
144ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/adplogger/v3/uuid-d7440bed.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

269aaa59c1c3d0d8b4c95d90c3a36984965ac51996eeec52f2a21f6f018d4822

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:27:10 GMT
content-encoding: gzip
x-site: osl2
last-modified: Mon, 05 Sep 2022 14:41:44 GMT
access-control-allow-origin: https://www.gd.no
vary: Accept-Encoding, Origin
x-varnish: 346182204 654349529
x-dynamic-fallback-status: false
cache-control: public, max-age=604800, immutable
content-security-policy: upgrade-insecure-requests
x-age: 478338
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1340
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 resize-observer-fe2d89f2.js Show response
services.api.no/api/adplogger/v3/@juggle/ 18 KB
5 KB 521ms
108ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/adplogger/v3/@juggle/resize-observer-fe2d89f2.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

0551900f79cf03e7ddf00f1cc907661cdcfd5c8ed3e19af7fb4fe26b9998b736

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:21:06 GMT
content-encoding: gzip
x-site: osl2
last-modified: Mon, 12 Sep 2022 09:19:08 GMT
access-control-allow-origin: https://www.gd.no
vary: Accept-Encoding, Origin
x-varnish: 346182205 267226066
x-dynamic-fallback-status: false
cache-control: public, max-age=604800, immutable
content-security-policy: upgrade-insecure-requests
x-age: 25102
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 4383
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 10856.js Show response
micro.rubiconproject.com/prebid/dynamic/ 258 KB
82 KB 244ms
101ms Script
text/javascript 23.75.240.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.240.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-240-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48d3acbda5b48867d8c9c0ab7fe1da540d483d82d235b031d723cd22045fc366

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 23:23:14 GMT
server: Apache
vary: Accept-Encoding
edge-cache-tag: prod-prebid-10856_Gudbrandsdolen_Dagningen_Desktop.js
content-type: text/javascript
access-control-expose-headers: x-trp-pba
cache-control: public, must-revalidate, max-age=0
content-length: 83095
x-trp-pba: {"ruleId":"21","rulePos":0,"ruleName":"Gudbrandsdolen_Dagningen_Desktop","wrapperName":"10856_Gudbrandsdolen_Dagningen_Desktop","isPrimary":true,"randomProb":39,"account":10856,"device":"desktop","country":"NO","host":"gd.no","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.gd.no/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36","query":"section=test","ranAt":"2022-09-12T18:19:29.320Z","runId":"1663006769320-2268","wrapperPath":"/prebid/10856_Gudbrandsdolen_Dagningen_Desktop.js","redirectUrl":"/prebid/get-wrapper/Gudbrandsdolen_Dagningen_Desktop/10856_Gudbrandsdolen_Dagningen_Desktop.js"}
expires: Tue, 13 Sep 2022 09:59:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 572ms
84ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

bf38f71fa2e61b562e2a71da8b192b9bc848dae7f1985f7e91d4e32dc5477a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28717
x-xss-protection: 0
server: sffe
etag: "1331 / 664 of 1000 / last-modified: 1662980886"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Sep 2022 18:19:29 GMT

GET
H2 200 bundle.js Show response
services.api.no/api/bazaar/assets/v2/ 135 KB
31 KB 483ms
108ms Script
application/javascript 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/bazaar/assets/v2/bundle.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

cb2f41eea01b9afd28520fbfd487552fb0999540b91ba5e539bcf89c7808bf22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:53:21 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 23167
content-length: 30854
x-site: osl2
last-modified: Wed, 31 Aug 2022 11:50:13 GMT
etag: W/"21b4c-182f3bccd08"
vary: Accept-Encoding
x-varnish: 346182206 237350151
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=900
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 migrate-app.css
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/native-app-messages/ 639 B
759 B 451ms
36ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/native-app-messages/migrate-app.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

4e41491859c0d86b112be811beba7962576c511f61e93c3fa8661821061a25e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:48 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 1234120
x-emergency-mode: payment-nets
content-length: 329
x-site: osl2
etag: CNbWo9H46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 887823150, 692724529 242144814
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css

GET
H2 200 db9dc3dc27dce9190b0101e786b48e278f73894cd5a45d3e8ce6192a36d68482
r.acdn.no/api/shoal/v1/single_bundle/ 14 KB
3 KB 447ms
37ms Stylesheet
text/css 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.acdn.no/api/shoal/v1/single_bundle/db9dc3dc27dce9190b0101e786b48e278f73894cd5a45d3e8ce6192a36d68482

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

e02b1f4ce3146a5cb0182d5f53ee3151540e26e4d2ea52c287dbeea1f0c55afa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:49:43 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 23385
content-encoding: gzip
x-emergency-mode: payment-nets
content-length: 2805
x-varnish: 655667719, 746915269 517872669
x-site: osl2
etag: W/"3824-7+KisSotE+N7UXjftI6oRvF4/Ls"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ad.default.css
assets.acdn.no/pkg/article/0.0.5-1660655095/css/external-content/ad-position/ 2 KB
942 B 452ms
37ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/css/external-content/ad-position/ad.default.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

d591b79c58b1a14c6a8e9494ae9ac2eb34ee8e3fe1a3af1901f3df2a7567cc9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:02 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKzSn6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 13303698, 692724530 1003077930
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: text/css
content-length: 543
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 ad.nettavisen.css
assets.acdn.no/pkg/article/0.0.5-1660655095/css/external-content/ad-position/ 3 KB
960 B 452ms
38ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/css/external-content/ad-position/ad.nettavisen.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

a5140edca54c0344325893a0d1950f1a6839b7cd050fd4d28494e1105efb7371

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:02 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CL2in6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 702958357, 692724531 985155060
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: text/css
content-length: 561
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 css-publication-vars
r.acdn.no/api/css-config/v1/ 3 KB
1 KB 448ms
38ms Stylesheet
text/css 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.acdn.no/api/css-config/v1/css-publication-vars?publication=www.gd.no

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

496fafedfbba91e4f6daddb1f8e8a5d30c748770055191ff26cf415d261c4f7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 02:09:48 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 58179
content-encoding: gzip
x-emergency-mode: payment-nets
content-length: 949
x-varnish: 542934518 529647740, 746915270 274277339
x-site: osl2
etag: W/"ad5-M2WHgTvj+IRj4rR2ISQa2hLRq/Q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=30
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 amedia-aid-menu.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 1 KB
841 B 452ms
38ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/amedia-aid-menu.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ceb8c1a2c156c19a5a5e2816a921d1dda230f6c1e00a3c7df367c1ebabb22db0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CO+u8u6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 579471712, 692724532 763686246
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 531404
accept-ranges: bytes
content-type: text/css
content-length: 443
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 top.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 2 KB
1 KB 452ms
39ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/top.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

76797d7358e312bd04f7d71f0a1863a57140c7cb6d46aa48b375d8e60e428237

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CPeg9O6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 973779231, 692724533 895586531
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 531404
accept-ranges: bytes
content-type: text/css
content-length: 773
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-user-arrow.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 276 B
613 B 453ms
39ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/amedia-user-arrow.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

3661f1fdb174cebc3c9ec868a294c916c45de0008c939f11040c95454ab35dba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 531404
x-emergency-mode: payment-nets
content-length: 184
x-site: osl2
etag: COK08u6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 496784749, 692724534 894604606
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css

GET
H2 200 amedia-username.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 864 B
798 B 484ms
71ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/amedia-username.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

6d08e7c51e4c88b2499a5153f51c03e00095533a9481368842d19ac357b7b73c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CLP68e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 970258530, 692724536 866297644
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 531404
accept-ranges: bytes
content-type: text/css
content-length: 400
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-privacybox.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 2 KB
1 KB 484ms
70ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/amedia-privacybox.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

8e717d2adc2f121129d6b1c3a9d653d983c20ae9b5537ef79575667c1bba4133

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKr78e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 574996719, 692724535 790291071
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 531404
accept-ranges: bytes
content-type: text/css
content-length: 641
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-privacybox-button.css
assets.acdn.no/pkg/ego/1.0.38-1662475230/css/ 513 B
723 B 487ms
74ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/css/amedia-privacybox-button.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

26d3f178c60b6ea779ba1b45a78f7acd7e74024935564d93d538f60161d75c8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:42:44 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 531404
x-emergency-mode: payment-nets
content-length: 294
x-site: osl2
etag: CIiP8e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 499040444, 692724540 787833113
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css

GET
H2 200 footer.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-footer-css/ 2 KB
892 B 487ms
74ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-footer-css/footer.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

4019865540259c02939d5803461810750130445d4b75235a2fb568cf58600aec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:43 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COSKn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 392306880, 692724539 359667321
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446546
accept-ranges: bytes
content-type: text/css
content-length: 493
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 header.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-header-css/ 3 KB
1 KB 486ms
73ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-header-css/header.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

3b70ff171f1f743023b6c55f7399161c17f38809a7272301ca17f70815cf8f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:52 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CM6dn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 391586602, 692724538 257257402
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446536
accept-ranges: bytes
content-type: text/css
content-length: 956
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menutrigger.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menutrigger-css/ 4 KB
2 KB 485ms
73ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menutrigger-css/menutrigger.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

3c1a1f94d044bcf103d45c2fd170a4a7cf2e7a9395f0c50cbcf26691c946a486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COXan7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 822354610 824675166, 692724537 231144856
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 1261
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menubar.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menubar-css/ 2 KB
1 KB 489ms
76ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menubar-css/menubar.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

a968dd8e4e777d0c482a1a2f33061c67ea931d6edffef5802645141026c3eb54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CI+ln7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 460723471 461181268, 692724544 229701553
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 647
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 xmas.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-xmas-css/ 153 B
534 B 487ms
75ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-xmas-css/xmas.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

321f741d0db111bd72b6456ebcffcdcb51c82f3e033522a21dba1e29564d9d77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKyVo7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 393482449 394265957, 692724543 229701554
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 125
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 pushapp.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-pushapp-css/ 1 KB
817 B 487ms
75ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-pushapp-css/pushapp.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

78dbd0938d988e520591c4d7164767f40d79c9995b9bf24a84b197bbf5129c2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:52 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COmfn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 822354612, 692724542 328313591
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446536
accept-ranges: bytes
content-type: text/css
content-length: 418
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menu.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menu-css/ 17 KB
6 KB 487ms
74ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menu-css/menu.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

3102005c007d707083ec8e0eea7e78e94f4f54d22c3450bf9dd5f35d3765df35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKHin7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 460723473 458498978, 692724541 374246176
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 5615
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 subscription-menu.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-subscription-menu-css/ 733 B
742 B 519ms
107ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-subscription-menu-css/subscription-menu.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

25ab07981e73f5e07969e59b8597c3559a48c4d15a853cb30b934858e3b907ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CJSTn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 393482451 391586443, 692724548 357602809
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 333
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 plussalt.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-plussalt-css/ 732 B
752 B 489ms
77ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-plussalt-css/plussalt.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

02a0fcb3d1047d0295a302fd0e883d7e0e3346fea7a520bff476ff307ba97985

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CNebn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 818532348 823824556, 692724547 246806374
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: text/css
content-length: 343
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 classifieds.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-classifieds-css/ 3 KB
1 KB 489ms
77ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-classifieds-css/classifieds.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

8be0047338f9d34ee1b8136dcd37a695624e46a96e5a1b4f772c91ae2f2b8096

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:52 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CM+/n7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 460723475, 692724546 348920889
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446536
accept-ranges: bytes
content-type: text/css
content-length: 818
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 searchbox.css
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-searchbox-css/ 1 KB
876 B 488ms
76ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-searchbox-css/searchbox.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

193d4b8c83ed2ff85f7f67dccc48297ed99f3fdd9fceeb0b30a8fb9f811d0a6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:52 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CJ2fn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 393482453, 692724545 371886810
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446536
accept-ranges: bytes
content-type: text/css
content-length: 477
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 install-app.css
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/native-app-messages/ 364 B
633 B 519ms
107ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/native-app-messages/install-app.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

fd40c2374d2b37fdf4ca6006a5e39490e3789ba817b3757c8561f5cdb2665dad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:48 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CMiUo9H46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 352222816, 692724551 325193548
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1234120
accept-ranges: bytes
content-type: text/css
content-length: 234
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 related-articles.css
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/relatedarticles/ 444 B
686 B 519ms
108ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/css/relatedarticles/related-articles.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ef99ec5df6bc33358d25701568d2709abe5e97e696811e116e61c33c3254b36b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:48 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 1234120
x-emergency-mode: payment-nets
content-length: 256
x-site: osl2
etag: CJ3PpdH46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 887823144, 692724550 264061189
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css

GET
H2 200 story.css
assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/ 52 KB
9 KB 489ms
78ms Stylesheet
text/css 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

892744c9a6b18fdbf455b76587b7a22e3abbd493ca678bb3df7886869def2857

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:29:39 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CNX75/n38PkCEAE=
vary: Origin, accept-encoding
x-varnish: 428142289, 692724549 481268349
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1061389
accept-ranges: bytes
content-type: text/css
content-length: 8304
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 bazaar.css
services.api.no/api/bazaar/assets/ 17 KB
4 KB 419ms
43ms Stylesheet
text/css 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/bazaar/assets/bazaar.css

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

99e26abc41fbff34b2d7edd4d20a094cf844b7436089934e0af62e9b2630cb7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:53:22 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 23166
content-length: 3258
x-site: osl2
last-modified: Wed, 31 Aug 2022 11:48:09 GMT
etag: W/"4327-182f3bae8a8"
vary: Accept-Encoding
x-varnish: 471533872 218086794
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=900
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/css; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 540ms
86ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115482469-2

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

8d3a8d3e1fa9978c12e7f71468e1e0e41d1798e116bc7ef966f07f35d532785b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41969
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 18:19:29 GMT

GET
H2 200 browserwarning-standalone.js Show response
storage.googleapis.com/amedia-statics/js/ 11 KB
11 KB 547ms
73ms Script
text/javascript 142.250.184.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/amedia-statics/js/browserwarning-standalone.js
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 185d846210b7718197dcf89ee14b7ff7adb767d58f00f4b6f87504c0a936bb5e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:12:30 GMT
age: 419
x-guploader-uploadid: ADPycdttNUEx6BE2YPdUdTS1ZxeouPD4COmB3I8LAm0rhPNOIzbw0YsVV-8EB6d7m6LzI4RSiXqTPi5C6_Nf-st0DSUcoA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11169
last-modified: Thu, 24 Jun 2021 07:16:06 GMT
server: UploadServer
etag: "560c99adc4e4fc3be63591069bac4169"
x-goog-hash: crc32c=JW5bBA==, md5=VgyZrcTk/DvmNZEGm6xBaQ==
x-goog-generation: 1624518966277396
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 11169
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 12 Sep 2022 19:12:30 GMT

GET
H2 200 small.svg
r.api.no/local/v3/publications/www.gd.no/gfx/ 950 B
1 KB 452ms
38ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.api.no/local/v3/publications/www.gd.no/gfx/small.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.54 (Unix) /

Resource Hash

5480a5e2d431768b3c9b987cc46764ef2215e4908aa9f6f151ce6e054701b8e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:39:51 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/svg+xml
last-modified: Thu, 09 Jun 2022 09:39:07 GMT
server: Apache/2.4.54 (Unix)
etag: "3b6-5e10097d324c0"
x-varnish: 689113143 686102354, 607412978 755499482
x-dynamic-fallback-status: false
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
x-age: 577
accept-ranges: bytes
timing-allow-origin: *
content-length: 950

GET
H/1.1 200
OK small.jpg
www.e-pages.dk/gudbrandsdolen/2693/teasers/ 17 KB
17 KB 169ms
52ms Image
image/jpeg 46.30.126.165
DLX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.e-pages.dk/gudbrandsdolen/2693/teasers/small.jpg
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.30.126.165 Herning, Denmark, ASN47527 (DLX-AS, DK),
Reverse DNS: www-05.e-pages.dk
Software: nginx /
Resource Hash: f68a8c2040c7b3f0e00f7ff391eaeb9e0114793932acd28392a2d9cecc01de8d

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 18:19:29 GMT
Last-Modified: Sun, 11 Sep 2022 19:33:00 GMT
Server: nginx
ETag: "631e37ec-4373"
Content-Type: image/jpeg
Cache-Control: max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17267
Expires: Mon, 12 Sep 2022 18:20:29 GMT

GET
H2 200 classifieds-eiendom.svg
r.acdn.no/brandheader/default/ 1 KB
2 KB 39ms
37ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/brandheader/default/classifieds-eiendom.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

083f64d80e5c6042382f74401a48b076a953f2b1a52735a55444b03c4218aded

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:59:57 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 1172
x-emergency-mode: payment-nets
content-length: 1096
x-varnish: 11989466 8621231, 746915272 695573923
x-site: osl2
last-modified: Fri, 11 Sep 2020 13:15:03 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "448-5af0979077dcb"
content-type: image/svg+xml
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 classifieds-stillingledig.svg
r.acdn.no/brandheader/default/ 1 KB
2 KB 40ms
37ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/brandheader/default/classifieds-stillingledig.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

23df79eb59c2477a126f1cbf0cb5e653ebc84d900c328e940177e73596e44701

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:59:47 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/svg+xml
last-modified: Fri, 11 Sep 2020 13:15:04 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "53d-5af0979126b0f"
x-varnish: 11361733 13391022, 746915273 717098859
x-dynamic-fallback-status: false
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
x-age: 1182
accept-ranges: bytes
timing-allow-origin: *
content-length: 1341

GET
H2 200 classifieds-derdubor.svg
r.acdn.no/brandheader/default/ 3 KB
3 KB 40ms
38ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/brandheader/default/classifieds-derdubor.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

172fce398d77aa305b81083fe3883b43ef47d33fdc49f2008d3db0f443a23e46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:59:51 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 1177
x-emergency-mode: payment-nets
content-length: 2828
x-varnish: 724677071 713218402, 746915274 732398383
x-site: osl2
last-modified: Fri, 11 Sep 2020 13:15:04 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "b0c-5af0979126b0f"
content-type: image/svg+xml
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 nacommentEmbed.js Show response
r.acdn.no/api/amediacomments/frontend/nacomment/comments-frontend/ 12 KB
3 KB 43ms
36ms Script
application/javascript 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.acdn.no/api/amediacomments/frontend/nacomment/comments-frontend/nacommentEmbed.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

48faf83767e20c0960e7569b68022db89d56dfeb063492842c875ae822982cf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:17:50 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 32498
content-encoding: gzip
x-emergency-mode: payment-nets
content-length: 2882
x-varnish: 629967882, 746915271 471208340
x-site: osl2
last-modified: Fri, 05 Aug 2022 12:00:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 redaktoransvar.svg
r.acdn.no/brandheader/default/ 10 KB
10 KB 41ms
38ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/brandheader/default/redaktoransvar.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

11517ef9a0ed8cbc8d72482f07c563fc53a2dc3061428fd87457e43657f21e7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:29:42 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/svg+xml
last-modified: Mon, 14 Sep 2020 13:20:03 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "2719-5af45e46d2e0e"
x-varnish: 19600381 1060956982, 746915275 655833477
x-dynamic-fallback-status: false
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
x-age: 1186
accept-ranges: bytes
timing-allow-origin: *
content-length: 10009

GET
H2 200 migrate-app.js Show response
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/native-app-messages/ 2 KB
1 KB 414ms
39ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/native-app-messages/migrate-app.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

f8e660e904475f15703d5697c4c05f4c61a560067cef4ca9ced581a3dd7d0757

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:55 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKyNldH46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 363768350 363439960, 655572053 281818301
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1234113
accept-ranges: bytes
content-type: application/javascript
content-length: 818
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-factbox.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/factbox/ 4 KB
2 KB 413ms
38ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/factbox/amedia-factbox.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

1b1ca5c448cf3daac077e537a8a0e94d2e9cb5badbb307f2d0ec4cf30873ed10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CPqQn6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 674986842, 655572052 1045734892
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 1514
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-image.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/picture/ 12 KB
5 KB 412ms
38ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/picture/amedia-image.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

f9d947982f1c56732a8a4739500b63218e5135906cd88de6295fdf55b75edd0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CIXaqKu2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 30246709, 655572051 1034956685
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 4240
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 scrollytelling-embed.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/ 3 KB
1 KB 482ms
107ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/scrollytelling-embed.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

7534c423b8e9afdbfbe0b1e802263f892be22b8fbac81830d8c7c347f73dbf21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CPy0o6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 704328233, 655572058 1018017879
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 1096
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 scrollytelling-image.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/ 3 KB
1 KB 446ms
72ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/scrollytelling-image.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

f7394c70951b3f3103027dd5779ef6defefb611887be1dafde77750856523a2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CKjHo6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 679782984, 655572054 1043441326
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 1113
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 scrollytelling-video.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/ 1 KB
926 B 447ms
73ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/scrollytelling-video.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

81d71d7d574e9d29fdda1cbee09978add886fbf1b5559622e876f2db38761487

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CL6UpKu2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 28216487, 655572057 1045603865
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 513
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 scrollytelling.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/ 20 KB
6 KB 446ms
72ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/scrollytelling/scrollytelling.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

d22d97abbb6b09bfea3f01be8f17ead6086bc1347184317ce878f58a9cec8100

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CI3mpau2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 678143362, 655572056 1004225199
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 5340
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-timeline.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/timeline/ 2 KB
1 KB 445ms
71ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/timeline/amedia-timeline.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

4bf9b5a7c3d8a0d8aff55b599558a4c8d8437821aa93704e4cdfdc48f6ef1a0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CO63o6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 706877723, 655572055 938863420
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 630
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 swiper.custom.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/lib/vendor/ 174 KB
32 KB 450ms
76ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/lib/vendor/swiper.custom.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

5091474843a698c7bb78c5827bfdf7f75f19f32c6f859656701f80017865576a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CMess6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 17494244, 655572062 1043113725
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 32012
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 bodytext.nettavisen.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/body-text/ 1 KB
874 B 484ms
110ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/body-text/bodytext.nettavisen.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

4ba2d95f875ee0dcff17257df0c9f36ff4cce25336675fb1fce58a357e726bb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CN6Cn6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 698118876, 655572061 1063557551
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 460
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 byline-description.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/byline/ 3 KB
1 KB 485ms
111ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/byline/byline-description.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

99cb113c947df168d0fb6f5810092386c495f7a57bb86ae70c067d4bf7218cc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CNbbo6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 683219890, 655572060 988790952
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 863
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 byline.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/byline/ 409 B
649 B 449ms
75ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/byline/byline.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

f9b0c8229f048b8e38fba5cc792dd8a14c96b91cbd578e120963d7c8003fed5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CI6rn6u2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 15368111, 655572059 1027354204
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 236
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 image-slider.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/image-slider/ 192 KB
36 KB 485ms
112ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/image-slider/image-slider.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

35c0924ea5632746bf9c2dc874557763b59672e7a36aef81beb926707a1dcc8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CMjJrau2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 706551495, 655572066 938110750
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 36620
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-refresh-reminder.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/refresh-reminder/ 16 KB
5 KB 485ms
112ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/refresh-reminder/amedia-refresh-reminder.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ac547429d8cab54be8716cbab7f23ac1bf4ca1bdbb7be971d8441175754f0184

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COXBrKu2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 677815880, 655572065 938076720
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 4586
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-share-btns.browser.js Show response
assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/share-btns/ 7 KB
2 KB 484ms
111ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/article/0.0.5-1660655095/js/content-types/partials/share-btns/amedia-share-btns.browser.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

b12944a7d029641d7c8a851534f3461ecdfde62cfa3e70a097541cff56017fcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:15:03 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CIrVqKu2y/kCEAE=
vary: Origin, accept-encoding
x-varnish: 20310742, 655572064 11079292
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2351066
accept-ranges: bytes
content-type: application/javascript
content-length: 2093
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 top.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 5 KB
2 KB 481ms
108ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/top.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

296fd466d62dd665a2e6ecafecde5544d280c3b881f8e4978b95b1de9bbaf22b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:55:23 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CImj8e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 673853777, 655572063 213652308
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 476645
accept-ranges: bytes
content-type: application/javascript
content-length: 1635
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-user-arrow.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 2 KB
1003 B 488ms
115ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/amedia-user-arrow.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

e032d096ed56ccaa6150606d4164e1db78d23a668fb00b84ad1fe3df62c175cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:55:23 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 476645
x-emergency-mode: payment-nets
content-length: 560
x-site: osl2
etag: CI2o8u6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 609849317, 655572070 248713825
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 amedia-username.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 3 KB
1 KB 485ms
113ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/amedia-username.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ecd13ede845eadd068b316367136c2a1afa349c6ee2f0b661216e7acecbf1bca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:54:46 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CN/b8u6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 1072054050 1065119898, 655572069 263094818
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 476683
accept-ranges: bytes
content-type: application/javascript
content-length: 1092
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-aid-menu.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 3 KB
2 KB 487ms
114ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/amedia-aid-menu.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

272d665659e4dbd0ae02f031294448cf7949ccf004792edb2f8064b14669a4c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:54:45 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 476683
x-emergency-mode: payment-nets
content-length: 1324
x-site: osl2
etag: CNyr8e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 606521423 604119131, 655572068 247009783
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 amedia-privacybox.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 6 KB
2 KB 485ms
112ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/amedia-privacybox.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

b9ccbc5e52bd10c0ff859f74574dbda035a65951da59b768e368d9d1ac9ed386

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:55:23 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CLnD8u6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 1067104959, 655572067 256084239
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 476645
accept-ranges: bytes
content-type: application/javascript
content-length: 1989
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 amedia-privacybox-button.js Show response
assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/ 2 KB
1 KB 489ms
117ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/ego/1.0.38-1662475230/build/js/amedia-privacybox-button.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

e1b0b3d4f1f4a60ddcd90662df73c966ada9cfb9ccc49a0d9f3a0f5b751e7570

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:55:23 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COiz8e6ygPoCEAE=
vary: Origin, accept-encoding
x-varnish: 676532670, 655572072 207984023
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 476645
accept-ranges: bytes
content-type: application/javascript
content-length: 820
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menutrigger.js Show response
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menutrigger-js/ 6 KB
2 KB 486ms
115ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menutrigger-js/menutrigger.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

d7fbe5c3a673b85a123e74aba674a84b0d1163bd7515a790d2fb1f3a900bef99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:43:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CIOrn7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 395542920 391293875, 655572071 275539326
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446567
accept-ranges: bytes
content-type: application/javascript
content-length: 1721
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menubar.js Show response
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menubar-js/ 6 KB
2 KB 485ms
114ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menubar-js/menubar.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ddfd08b3e0fd831811e01aaf341f9f60394bf94e866533d7188f4afa564647ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:44:04 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CM6on7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 822188489, 655572073 279798288
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446525
accept-ranges: bytes
content-type: application/javascript
content-length: 1791
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 xmas.js Show response
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-xmas-js/ 10 KB
3 KB 517ms
145ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-xmas-js/xmas.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

1d0d390ac17ff7f82a15190289b248632f20862cf807431a023959f96e826ddb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:44:04 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CN2Un7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 448396548, 655572077 322156561
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446525
accept-ranges: bytes
content-type: application/javascript
content-length: 2979
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 menucontainer.js Show response
assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menucontainer-js/ 6 KB
2 KB 488ms
116ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/brandheader/1.1.2-1660560092/default-menucontainer-js/menucontainer.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

bfdb702ddb538ce175f17913e7a8691275652ff564008e3b7c99b78b415ed392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:44:04 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CI+en7bUyPkCEAE=
vary: Origin, accept-encoding
x-varnish: 388318750, 655572076 302239075
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2446525
accept-ranges: bytes
content-type: application/javascript
content-length: 1825
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 200 install-app.js Show response
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/native-app-messages/ 2 KB
1 KB 487ms
116ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/native-app-messages/install-app.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

9e328e753b82ce8b126bd628ca24582e9a58c2f294ca685f10415af5de22aa21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:55 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 1234113
x-emergency-mode: payment-nets
content-length: 960
x-site: osl2
etag: CK3Uj9H46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 883742788 874870100, 655572075 253055132
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 related-articles.js Show response
assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/relatedarticles/ 252 KB
55 KB 486ms
115ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/relatedarticles/related-articles.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

07bc1aa14d9270639dc23fe2ce1967578588e67bd2af1720c3ece50f81cce54d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:31:01 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 1234107
x-emergency-mode: payment-nets
content-length: 56100
x-site: osl2
etag: CJG8ptH46/kCEAE=
vary: Origin, accept-encoding
x-varnish: 888843289 889560423, 655572074 335480618
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 story.js Show response
assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/js/page/ 11 KB
5 KB 485ms
116ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/js/page/story.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

87f61d2ff1ad3ea7cf20b6d5b5620322b1d94927a18d5fcf533e2033655b72ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:29:54 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CK3C5fn38PkCEAE=
vary: Origin, accept-encoding
x-varnish: 838271641, 655572078 446805253
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1061374
accept-ranges: bytes
content-type: application/javascript
content-length: 4374
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2

200

user.js Show response
assets.acdn.no/pkg/@amedia/user/0.14.54/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/user/v0/user.js
https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js

74 KB
23 KB

108ms
107ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

b4987ad736d395b680c7abf132f1baeaf2b097a5780eda9c9126bea3ec385006

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://services.api.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 11:44:57 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CJLrp4zkzfkCEAE=
vary: Origin, accept-encoding
x-varnish: 932905649, 655572080 555370099
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 2270072
accept-ranges: bytes
content-type: application/javascript
content-length: 23034
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 17:59:41 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 689425471 689865497, 655572050 737839678
location: /pkg/@amedia/user/0.14.54/user.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 1187
content-type: text/plain
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

index.js Show response
assets.acdn.no/pkg/@amedia/browserid/1.1.7/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/browserid/v1/index.js
https://assets.acdn.no/pkg/@amedia/browserid/1.1.7/index.js

8 KB
3 KB

65ms
65ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/browserid/1.1.7/index.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

46e0cea73769bffd8a09549cfb81b9ded662e88f8389386bd773f9cb7814ab24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://services.api.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 08:57:30 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CMjT1+2ptPgCEAE=
vary: Origin, accept-encoding
x-varnish: 18776073, 655572082 38436877
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 5304119
accept-ranges: bytes
content-type: application/javascript
content-length: 3062
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 18:01:26 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 724844960 719025923, 655572079 722113590
location: /pkg/@amedia/browserid/1.1.7/index.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 1082
content-type: text/plain
x-emergency-mode: payment-nets
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

214ms
58ms

Script
application/javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx0000000000000a23df8b0-00631f65e2-32334d62-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 12 Sep 2022 18:19:29 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 504ms
68ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: 6+GVbzwGDHVzWdb9KRunGQyflVirzT+SRdbFayye4YiqSc+xmMofltT29Oc49dy4mKJra0fqJq1vIqvB2/TyJw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 12 Sep 2022 18:19:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 534ms
71ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 03:01:28 GMT
x-content-type-options: nosniff
age: 487081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 07 Sep 2023 03:01:28 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame EFD3 44 KB
16 KB 722ms
289ms Document
text/html 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/gudbrandsdolen/&tabs=timeline&width=500&height=70&small_header=true&adapt_container_width=false&hide_cover=true&show_facepile=false&locale=nb_NO&appId=1381762785377592

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

9b7994789b533a07bc76391c2a1747e92c4e4a37d93d0dccb19bbc31f62abcd5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 12 Sep 2022 18:19:29 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: /B3iXZKQa66pDZ1ITrFsvBWlvw6V8UKkrdc/rW8Ma8lPkJxMlDZckFphpkL5UDUDuHW5mKP7VnB+IkT6jbMiAw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 527ms
91ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 19:31:45 GMT
x-content-type-options: nosniff
age: 341264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8800
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 19:31:45 GMT

GET
H2 200 GuardianSans-Black-Web-subset.woff2
storage.googleapis.com/amedia-statics/non-critical/ 31 KB
31 KB 527ms
78ms Font
font/woff2 142.250.184.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/amedia-statics/non-critical/GuardianSans-Black-Web-subset.woff2
Requested by: Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 33dc4d330a12a60715560b975774b349d7eec7529646ed9d9ff6e1cefc3d9a1b

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:34:00 GMT
age: 2729
x-guploader-uploadid: ADPycdudFXjcGlBy4qQLLRogVbJ_u3NVo9pBO9EPaz2lJcGFRgHrrGMWUtOFsCnIyTMopMyLrYJb1NCHMRkoYZkxjlThOA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31820
last-modified: Thu, 08 Mar 2018 12:51:21 GMT
server: UploadServer
etag: "90207fcd663a3bef8e4474a16bcb54f1"
x-goog-hash: crc32c=23x9uA==, md5=kCB/zWY6O++ORHSha8tU8Q==
x-goog-generation: 1520513481735450
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 31820
accept-ranges: bytes
content-type: font/woff2
expires: Mon, 12 Sep 2022 18:34:00 GMT

GET
H2 200 glyphs.woff
storage.googleapis.com/amedia-statics/full/ 7 KB
8 KB 519ms
69ms Font
application/font-woff 142.250.184.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/amedia-statics/full/glyphs.woff
Requested by: Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 287feb66cc3b3fbe790379448315a631dfc59d0ab595cb9e4ce73837945dffe2

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:09:33 GMT
age: 596
x-guploader-uploadid: ADPycds9DCIvCPcMG5QtpjPaAXaFuuDlH7mqTPm6mTPb_IRWfNxdqa45zOTy58Pid0zIuFqxhonWybpK0OBZlAs5W_uz5Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7272
last-modified: Tue, 13 Mar 2018 10:17:26 GMT
server: UploadServer
etag: "6809a056148cd9ab8922b0a9b8cbe66a"
x-goog-hash: crc32c=/8uTag==, md5=aAmgVhSM2auJIrCpuMvmag==
x-goog-generation: 1520936246178944
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 7272
accept-ranges: bytes
content-type: application/font-woff
expires: Mon, 12 Sep 2022 19:09:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 516ms
81ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 09:34:44 GMT
x-content-type-options: nosniff
age: 463485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8732
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 07 Sep 2023 09:34:44 GMT

GET
H2 200 GuardianSans-Black-Web.woff2
storage.googleapis.com/amedia-statics/critical/ 42 KB
43 KB 598ms
161ms Font
font/woff2 142.250.184.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/amedia-statics/critical/GuardianSans-Black-Web.woff2
Requested by: Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/css/page/story.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 4d64ca9979a0118dd2c572020f492601b3be2c1fa8ff5da8ba653d58d52df35a

Request headers

Referer: https://assets.acdn.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:56:23 GMT
age: 1386
x-guploader-uploadid: ADPycdtTSoUSHBlEQiIk9IdIpYY3BcIwR3XSaa3jSHdzK1RSJUiVX6XETQmQwyP4bMJ5lmMKOnzDyEqe7yHfSX9fFnIrqw
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43388
x-goog-meta-
last-modified: Mon, 01 Nov 2021 13:14:04 GMT
server: UploadServer
etag: "d1963f9d876838d5426ee47aed25029f"
x-goog-hash: crc32c=YCam4g==, md5=0ZY/nYdoONVCbuR67SUCnw==
x-goog-generation: 1635772444689077
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 43388
accept-ranges: bytes
content-type: font/woff2
expires: Mon, 12 Sep 2022 18:56:23 GMT

GET
H2 200 siteconfig Show response
varnish-local.api.no/gaia/api/public/v1/ 295 KB
35 KB 476ms
78ms Fetch
application/json 87.238.38.20
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://varnish-local.api.no/gaia/api/public/v1/siteconfig

Requested by

Host: services.api.no
URL: https://services.api.no/api/adplogger/v3/main-982228e9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.20 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

Resource Hash

a4bc566695c91d0144fab5a365c6afb1a5de3c54fc98f1939d58388e3cbc8591

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 14:01:14 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 15495
x-emergency-mode: payment-nets
content-length: 35393
x-site: osl4
etag: ef12a271d6bb57ff5db78a028f59dde4--gzip
vary: Accept, Accept-Encoding, group-name
content-language: no
x-varnish: 730086568 684461577
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=30
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: Content-Type

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 441ms
44ms XHR
application/json 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220912

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d032fe90ef5162d39743f10922091cbd3f54b0a7cbffaeabd7b2e45d0d4c4552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 11912
x-jsd-version: 1.0.1461
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 914
etag: W/"66b-EyiK/k9Ky5feaHXFQp8/VwTvLIk"
x-served-by: cache-fra19122-FRA, cache-bma1677-BMA
x-jsd-version-type: version
date: Mon, 12 Sep 2022 18:19:29 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

brick-button.js Show response
assets.acdn.no/pkg/@amedia/brick-button/4.3.1/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/brick-button/v4/brick-button.js
https://assets.acdn.no/pkg/@amedia/brick-button/4.3.1/brick-button.js

5 KB
2 KB

37ms
37ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/brick-button/4.3.1/brick-button.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

732efe55c3d91865211c9416fe1b0445a463ac3cf79e7029f8db9c76c2652f14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/native-app-messages/migrate-app.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:30:57 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CP6W5suC3/kCEAE=
vary: Origin, accept-encoding
x-varnish: 363768375, 655572085 309795073
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1234112
accept-ranges: bytes
content-type: application/javascript
content-length: 1669
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 18:14:21 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 19672454 20553523, 655572081 732793407
location: /pkg/@amedia/brick-button/4.3.1/brick-button.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 308
content-type: text/plain
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5uby9u...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5...

109 B
589 B

55ms
55ms

Script
text/javascript

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyIn0&loc=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a27e853286431c17372330ab665bfa67c9df2a6d8b23ecaf758e98767c82a4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 183
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:29 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=794013&ADFPageName=Audiences&ADFdivider=%7C&ord=440416496879&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjEiOiJodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyIn0&loc=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

include.js Show response
assets.acdn.no/pkg/@amedia/include/3.0.6/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/include/v3/include.js
https://assets.acdn.no/pkg/@amedia/include/3.0.6/include.js

5 KB
3 KB

37ms
37ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/include/3.0.6/include.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

330b96cf90599060207e300b59bab5b2fbc90c18c7d12a55aa34d4880c413446

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/js/page/story.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 08:57:44 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COrbx7Lcm/gCEAE=
vary: Origin, accept-encoding
x-varnish: 17695284, 655572086 95354887
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 5304105
accept-ranges: bytes
content-type: application/javascript
content-length: 2373
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 18:18:13 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 724844917 729069818, 655572083 754976745
location: /pkg/@amedia/include/3.0.6/include.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 76
content-type: text/plain
x-emergency-mode: payment-nets
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

brick-image.js Show response
assets.acdn.no/pkg/@amedia/brick-image/1.3.1/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/brick-image/v1/brick-image.js
https://assets.acdn.no/pkg/@amedia/brick-image/1.3.1/brick-image.js

5 KB
3 KB

37ms
37ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/brick-image/1.3.1/brick-image.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

b4746746058dbd993e56bccd6334de5576d09d4f963ec686e3dddf4235ae7a75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/foxfield/1.27.42-1661772403/js/relatedarticles/related-articles.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:31:09 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CL2F5cuC3/kCEAE=
vary: Origin, accept-encoding
x-varnish: 367493346, 655572087 343147204
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1234100
accept-ranges: bytes
content-type: application/javascript
content-length: 2293
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 18:10:48 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 691243122 687584807, 655572084 692461779
location: /pkg/@amedia/brick-image/1.3.1/brick-image.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 520
content-type: text/plain
content-length: 0
x-dynamic-fallback-status: false

GET
H2 401 self Show response
www.gd.no/api/aid/users/ 146 B
557 B 48ms
47ms Fetch
application/problem+json 87.238.38.2
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gd.no/api/aid/users/self?filter=(uuid%2Cname%2Ctracking_key)

Requested by

Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.2 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

Resource Hash

4f16e81e59aaa64d326361e42ceb4baa202b0787625ddcbc4882368ad47a7698

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:29 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-site: osl4
x-varnish: 23628402, 1037358676
x-dynamic-fallback-status: false
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: upgrade-insecure-requests
x-age: 0
content-type: application/problem+json
x-emergency-mode: payment-nets
content-length: 146

GET
H2 200 adsbygoogle.js
www.gd.no/api/bazaar/v2/ad/ 0
0 42ms
41ms Fetch
application/javascript 87.238.38.2
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gd.no/api/bazaar/v2/ad/adsbygoogle.js

Requested by

Host: services.api.no
URL: https://services.api.no/api/bazaar/assets/v2/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.2 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:53:27 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl4
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary: Accept-Encoding
x-varnish: 840015722 836542822, 1037358677 808323766
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-age: 1059961
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-emergency-mode: payment-nets
content-length: 0
x-dynamic-fallback-status: false

GET
H2 200 consent.json Show response
services.api.no/api/bazaar/v2/iab/ 781 B
629 B 38ms
37ms XHR
application/json 87.238.38.6
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.api.no/api/bazaar/v2/iab/consent.json

Requested by

Host: services.api.no
URL: https://services.api.no/api/bazaar/assets/v2/bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.6 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

services.api.no

Software

Resource Hash

8e402c308b7183ddc0a472a0de04825c063e36d9c8ef1f43595178d711d6d439

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:53:21 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: W/"30d-JFl9Mt/iZfzu3fLKwMqdNrvItkY"
vary: Accept-Encoding
x-varnish: 346182207 216610517
x-dynamic-fallback-status: false
cache-control: max-age=172800
content-security-policy: upgrade-insecure-requests
x-age: 23167
accept-ranges: bytes
content-type: application/json; charset=utf-8
content-length: 268
via: 1.1 varnish (Varnish/6.0)

GET
H2 200 724986944298891 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 305ms
304ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/724986944298891?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

af9b5425dbc7c57542e97fa8c4901c7f1b681ceff3e1f92fc3f329e58c1bfac0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 2IH4s2fAGUdvb8Nq5ihMWYpWl35eE4xnspSNoXzT7C5T/SP4+ys+TOiHBD2cDP4dihnmzbZBcWlQt8KMxtFm+Q==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 12 Sep 2022 18:19:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

brick-icon.js Show response
assets.acdn.no/pkg/@amedia/brick-icon/0.5.1/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/brick-icon/v0/brick-icon.js
https://assets.acdn.no/pkg/@amedia/brick-icon/0.5.1/brick-icon.js

2 KB
1 KB

38ms
38ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/brick-icon/0.5.1/brick-icon.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

9cae748ccbfd561e2ee3d2eb9e795879c68b6438b1aa4dfb15be09b6977a7a23

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/@amedia/brick-button/4.3.1/brick-button.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:10:32 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CLCP4suC3/kCEAE=
vary: Origin, accept-encoding
x-varnish: 351262320 359171208, 655572091 337656765
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 1678137
accept-ranges: bytes
content-type: application/javascript
content-length: 1087
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 17:59:43 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 724844928 721344420, 655572088 713397701
location: /pkg/@amedia/brick-icon/0.5.1/brick-icon.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 1185
content-type: text/plain
x-emergency-mode: payment-nets
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

brick-tokens.js Show response
assets.acdn.no/pkg/@amedia/brick-tokens/2.8.0/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/brick-tokens/v2/brick-tokens.js
https://assets.acdn.no/pkg/@amedia/brick-tokens/2.8.0/brick-tokens.js

126 KB
22 KB

37ms
37ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/brick-tokens/2.8.0/brick-tokens.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

ae6c55ba95eec1eebe7ad27e27f4aebb324b1c9fb183a90e1dc53a4a6567f1e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/@amedia/brick-button/4.3.1/brick-button.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 14:15:22 GMT
content-encoding: gzip
access-control-allow-origin: *
x-dynamic-fallback-status: false
x-age: 2174647
x-emergency-mode: paywall
content-length: 21941
x-site: osl2
etag: CKWn6KPJ0PkCEAE=
vary: Origin, accept-encoding
x-varnish: 142982526, 655572092 205139550
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: application/javascript

Redirect headers

date: Mon, 12 Sep 2022 18:14:06 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 684975996 688237154, 655572089 582285927
location: /pkg/@amedia/brick-tokens/2.8.0/brick-tokens.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 323
content-type: text/plain
content-length: 0
x-dynamic-fallback-status: false

GET
H2

200

component.js Show response
assets.acdn.no/pkg/@amedia/component/1.0.8/
Redirect Chain

https://assets.acdn.no/pkg/@amedia/component/v1/component.js
https://assets.acdn.no/pkg/@amedia/component/1.0.8/component.js

3 KB
2 KB

37ms
37ms

Script
application/javascript

87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/pkg/@amedia/component/1.0.8/component.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

a3a4a8de6e38825dcef1c531d9c5d0275c0ace2727a5564e4432188f8abe70d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://assets.acdn.no/pkg/@amedia/include/3.0.6/include.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:17:19 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: COms0YSSmfkCEAE=
vary: Origin, accept-encoding
x-varnish: 81370952, 655572093 380082064
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 4078930
accept-ranges: bytes
content-type: application/javascript
content-length: 1415
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

Redirect headers

date: Mon, 12 Sep 2022 18:10:37 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
access-control-allow-origin: *
vary: Origin
x-varnish: 18524387 19405129, 655572090 742852541
location: /pkg/@amedia/component/1.0.8/component.js
cache-control: public, max-age=1200
content-security-policy: upgrade-insecure-requests
x-age: 531
content-type: text/plain
content-length: 0
x-dynamic-fallback-status: false

GET
H2 200 info Show response
services.gcloud.api.no/api/nebula/v1/ 2 B
142 B 178ms
70ms Fetch
application/json 35.244.159.191
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://services.gcloud.api.no/api/nebula/v1/info?domain=www.gd.no&browser_id=53e15211-bc15-4c73-838d-0af51226f4a0
Requested by: Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.191 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 191.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.gd.no
date: Mon, 12 Sep 2022 18:19:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

GET
H2 403 current Show response
www.aid.no/api/pluto/v1/sessions/ 164 B
654 B 476ms
42ms Fetch
application/json 87.238.38.9
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aid.no/api/pluto/v1/sessions/current

Requested by

Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/@amedia/user/0.14.54/user.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.9 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

vds.api.no

Software

Resource Hash

f92b8443b3d213a0718bc69be2598a5656e0799c75a25c0db31bee85e43283d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.gd.no
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-dynamic-fallback-status: false
x-age: 0
content-length: 154
x-site: osl3
vary: Origin, Accept-Encoding
x-varnish: 573108452
via: 1.1 varnish (Varnish/6.0)
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
content-type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 543ms
73ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115482469-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4650
date: Mon, 12 Sep 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 19:02:00 GMT

GET
H2 200 pubads_impl_2022090701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 75ms
74ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 10:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:36:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Sep 2023 10:50:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 58 B
702 B 557ms
108ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gd.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0143995614ad53faeb9f7d11c66dc18bc29d08fd62e2d90762529c297b7fd0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Mon, 12 Sep 2022 18:19:30 GMT

GET
H2 200 stitches.js Show response
assets.acdn.no/npm/@stitches/core/1.2.5/ 17 KB
6 KB 38ms
37ms Script
application/javascript 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.acdn.no/npm/@stitches/core/1.2.5/stitches.js

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

13fe0242e0b45e2c61c3e7c3dc69726b628f24b70bc92a3cd1c4a6bfe11d3a84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://assets.acdn.no/pkg/@amedia/brick-tokens/2.8.0/brick-tokens.js
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 09:35:51 GMT
content-encoding: gzip
x-site: osl2
access-control-allow-origin: *
etag: CJ3RkaiIs/QCEAE=
vary: Origin, accept-encoding
x-varnish: 290785002, 655572094 46402793
x-dynamic-fallback-status: false
cache-control: public, max-age=31536000, immutable
content-security-policy: upgrade-insecure-requests
x-age: 5301818
accept-ranges: bytes
content-type: application/javascript
content-length: 6038
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)

GET
H2 404 544e1e69e45a1d0757aa4802.js
pp.lp4.io/app/54/4e/1e/ 0
0 250ms
76ms Script
text/html 136.243.95.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/app/54/4e/1e/544e1e69e45a1d0757aa4802.js
Requested by: Host: assets.acdn.no
URL: https://assets.acdn.no/pkg/maelstrom/1.64.27-1661944018/js/page/story.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.95.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.176.95.243.136.clients.your-server.de
Software: /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 1-934610-6636762.gif
s.api.no/mittari/c/article/www.gd.no/sectionId/ 79 B
542 B 464ms
41ms Image
image/gif 87.238.38.2
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.api.no/mittari/c/article/www.gd.no/sectionId/1-934610-6636762.gif?ts=1663006769860

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.2 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

74a08b8dacc3a3cc2c2e49d59c1ecbbf06a79fdd95cea7664d0dab4ba7968c91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 0
x-emergency-mode: payment-nets
content-length: 79
x-application-context: Mittari:8080
pragma: no-cache
x-site: osl4
server: nginx/1.21.3
x-varnish: 23338004, 1021208811
cache-control: no-cache, must-revalidate
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/gif; charset=UTF-8
expires: Wed, 09 Jun 1999 00:00:00 GMT

GET
H2 200 GAIA.gif
g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T11%3A03%3A35.000%2B0000/gudb/2022/9/12/13/ 34 KB
34 KB 105ms
42ms Image
image/gif 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T11%3A03%3A35.000%2B0000/gudb/2022/9/12/13/GAIA.gif?chk=CA3042

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

7b5753789c768da1e281b323446266e7af6c32f7fb588cd037bae88d1bb9ed9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:49:15 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/gif
x-varnish: 676686814, 655572098 721193074
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 1814
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 34798
x-dynamic-fallback-status: false

GET
H2 200 L%25C3%25A5gen.jpg
g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2021-08-31T07%3A41%3A23.000%2B0000/gudb/2021/8/31/9/ 17 KB
18 KB 104ms
41ms Image
image/jpeg 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2021-08-31T07%3A41%3A23.000%2B0000/gudb/2021/8/31/9/L%25C3%25A5gen.jpg?chk=294CA5

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

13c350e352f459dd7878db83d868083b5c09aadc233dd258e84dc8808eeacc16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 14:58:26 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/jpeg
x-varnish: 1057833458, 655572096 572504451
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 12062
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 17755
x-dynamic-fallback-status: false

GET
H2 200 1662968769327.jpg
g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T07%3A46%3A10.000%2B0000/gudb/2022/9/12/9/ 21 KB
21 KB 105ms
42ms Image
image/jpeg 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T07%3A46%3A10.000%2B0000/gudb/2022/9/12/9/1662968769327.jpg?chk=2A5F1E

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

25fb2d2807e44f2762b92dc8c27d69ef5f5fd2001d66e4c7a1fd5dc2f3dbe93d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 14:57:41 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/jpeg
access-control-allow-headers: Content-Type
x-varnish: 695110448, 655572099 494172610
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 12107
accept-ranges: bytes
timing-allow-origin: *
x-emergency-mode: payment-nets
content-length: 21206
x-dynamic-fallback-status: false

GET
H2 200 _DSC3692.jpg
g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T11%3A22%3A31.000%2B0000/gudb/2022/9/11/22/ 5 KB
6 KB 103ms
41ms Image
image/jpeg 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T11%3A22%3A31.000%2B0000/gudb/2022/9/11/22/_DSC3692.jpg?chk=284441

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

23bee20e8743707ba7c5e1400f950458d4c540589585b2110875998dd0ebe5b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:33:43 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/jpeg
x-varnish: 615084475 616421174, 655572097 426732079
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 24345
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 5370
x-dynamic-fallback-status: false

GET
H2 200 hytter%2Btinn.jpg
g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T10%3A39%3A54.000%2B0000/gudb/2022/9/12/12/ 21 KB
21 KB 102ms
40ms Image
image/jpeg 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/ece5/tr_310_174_l_f-tc_310_174_c_m/2022-09-12T10%3A39%3A54.000%2B0000/gudb/2022/9/12/12/hytter%2Btinn.jpg?chk=6C17AF

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

88204a4b209737d1522e04c5b2e89f27e713eabda2683fcfce40fcf8f466dfd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 11:11:15 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/jpeg
access-control-allow-headers: Content-Type
x-varnish: 643756477, 655572095 414349025
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 25693
accept-ranges: bytes
timing-allow-origin: *
x-emergency-mode: payment-nets
content-length: 21513
x-dynamic-fallback-status: false

POST
H2 200 / Show response
collect.adplogger.no/ 3 B
203 B 54ms
53ms Fetch
text/plain 35.227.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.adplogger.no/
Requested by: Host: services.api.no
URL: https://services.api.no/api/adplogger/v3/main-982228e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.200.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 190.200.227.35.bc.googleusercontent.com
Software: /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

x-adp-site: gudbrd
Referer: https://www.gd.no/
x-adp-logger: adplogger2JS:4.1.0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
via: 1.1 google
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Referer, User-Agent, X-Forwarded-For, X-ADP-Logger, X-ADP-Site, X-ADP-User
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gd.no
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3

OPTIONS
H2 200 /
collect.adplogger.no/ Frame 0
0 203ms
60ms Preflight 35.227.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.adplogger.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.200.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 190.200.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-adp-logger,x-adp-site
Access-Control-Request-Method: POST
Origin: https://www.gd.no
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Referer, User-Agent, X-Forwarded-For, X-ADP-Logger, X-ADP-Site, X-ADP-User
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.gd.no
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 12 Sep 2022 18:19:30 GMT
via: 1.1 google

GET
H2 200 share-btn.svg
r.acdn.no/article/nettavisen/ 951 B
1 KB 45ms
44ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/article/nettavisen/share-btn.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

09ab3f75689d0848855e4d0979f8ac2fc205a6e2a7b56b9d2f991ce1bb20f980

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 15:59:43 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/svg+xml
last-modified: Thu, 25 Jun 2020 05:35:04 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "3b7-5a8e1f458f816"
x-varnish: 689669578 658239313, 746915276 678799067
x-dynamic-fallback-status: false
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
x-age: 1184
accept-ranges: bytes
timing-allow-origin: *
content-length: 951

GET
H2 200 share-icon-fb.svg
r.acdn.no/article/nettavisen/ 605 B
1 KB 45ms
44ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/article/nettavisen/share-icon-fb.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

51d68cd4ffed50c6b4565da1ac2ad4eb4f8f067528d0232ea791eb4aabc474fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:29:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 1180
x-emergency-mode: payment-nets
content-length: 605
x-varnish: 721576439 722305964, 746915277 621335723
x-site: osl2
last-modified: Thu, 25 Jun 2020 05:35:04 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "25d-5a8e1f458f816"
content-type: image/svg+xml
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 share-icon-twitter.svg
r.acdn.no/article/nettavisen/ 1 KB
2 KB 45ms
45ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/article/nettavisen/share-icon-twitter.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

fecc666c75a8616502af584e4353bb2d15975cf0fb91544bbe03890ffd30d716

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:59:50 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-dynamic-fallback-status: false
x-age: 1180
x-emergency-mode: payment-nets
content-length: 1122
x-varnish: 686862316 667835179, 746915278 674015003
x-site: osl2
last-modified: Thu, 25 Jun 2020 05:35:03 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "462-5a8e1f455eaa7"
content-type: image/svg+xml
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 share-icon-copy-link.svg
r.acdn.no/article/nettavisen/ 2 KB
2 KB 45ms
45ms Image
image/svg+xml 87.238.38.4
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.acdn.no/article/nettavisen/share-icon-copy-link.svg

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.4 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Apache/2.4.7 (Ubuntu) /

Resource Hash

0ac006e637f805ba40e91bc29b9fbd386833129e62d96f679336600f33241b17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:29:51 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/svg+xml
last-modified: Thu, 25 Jun 2020 05:35:03 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "635-5a8e1f4531a0e"
x-varnish: 678771744 684100075, 746915279 737509872
x-dynamic-fallback-status: false
cache-control: max-age=1800, channel-maxage
content-security-policy: upgrade-insecure-requests
x-age: 1178
accept-ranges: bytes
timing-allow-origin: *
content-length: 1589

GET
H2 200 qFPBl3gYo9t.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ Frame EFD3 21 KB
6 KB 509ms
62ms Stylesheet
text/css 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/qFPBl3gYo9t.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/gudbrandsdolen/&tabs=timeline&width=500&height=70&small_header=true&adapt_container_width=false&hide_cover=true&show_facepile=false&locale=nb_NO&appId=1381762785377592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

d475da024a75700dc86802e397f24e57560738b5e69b6f97c9b25c1719fb5138

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FfzOhI8SB/zlTpXmd7OCNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5298
x-fb-rlafr: 0
x-fb-debug: 0qVuyZk5Ccj6hiEfrjx9kyRjprXpQttiFZ3EDT5Iktts0oeFtLpa0FnCxpj61+ThZlm8UPDVY1zWNgBeST79vA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 11 Sep 2023 17:25:57 GMT

GET
H2 200 5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame EFD3 2 KB
1020 B 509ms
63ms Stylesheet
text/css 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qp62alFG777So/ro/wbkaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 829
x-fb-rlafr: 0
x-fb-debug: CWbiFxxiYib+hR8iqE1kIYimJ/sSdiFKJHYcDAwB0035HDBSLTTgwkfaWhUhi48L+ekZD9mhXUYepE/rV02QiQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Sep 2023 19:21:24 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame EFD3 6 KB
1 KB 509ms
63ms Stylesheet
text/css 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 871
x-fb-rlafr: 0
x-fb-debug: notiw9NWhE6PBYokBqvhWiSI7KSYGWtI1FXcXIObDyAUOgaLvkm1OjOFR7r5gn/biyqKEQxog9Dco7pysGT4wA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Sep 2023 19:17:36 GMT

GET
H2 200 OVsz4HotoAk.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame EFD3 320 KB
87 KB 509ms
63ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/OVsz4HotoAk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

22ae1badce6b58fbf0884022126b7adba00f50c8e68b6e9dbe9913e939650d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JbcIvZzz9En1H9F+uEUKXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88477
x-fb-rlafr: 0
x-fb-debug: h/KKT+iWjaAvgDHtJHwkYDoU0I/wFfp3Ow/CYXpdtf/jEafcgzGLHbS1qjcpMelewzuj9SMDczgAUiPkQYHOrg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Sep 2023 17:05:18 GMT

GET
H2 200 iiDbYMCPtB3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame EFD3 5 KB
2 KB 509ms
63ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/iiDbYMCPtB3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Uz/0UZ4sf3f6xy7wRFf48w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: b9X/fVWTkcqr0ijNsQDebBLV+QAQ/1TMPtsxTZ6hpDLSWS4CM1e2t1ydBx82Xs0XMA+8Eh5ZE5SIZdTmFtFrsA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Sep 2023 21:06:14 GMT

GET
H2 200 WaP6_wt5x02.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame EFD3 38 KB
12 KB 626ms
181ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/WaP6_wt5x02.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

b60301c156ad1a0c965b17b78660a631499a95fa8a13c14be4a1710b6a77b593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pmUz9YRPCxPUqCkbwwkZ2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12174
x-fb-rlafr: 0
x-fb-debug: sAorJKqnLCJ7VgxnmJVMNsxFxYfNKVyur17clGtEV5cG0ZQI+AyKMpmJoc693iUa6B7Y6yGmgUMm7lBjYe7Nmg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Sep 2023 05:18:50 GMT

GET
H2 200 Oz0iPPgh22l.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame EFD3 50 KB
16 KB 626ms
181ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/Oz0iPPgh22l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

93cb7596fc6a830eadbab0f5aaa62a44875c3222cce6ab8d8a0784c2c93c50b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6dxwWtzxByfjtGEXnrZviw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15843
x-fb-rlafr: 0
x-fb-debug: C8z/AsRV9WzHa5K/OZknsaIPeomHzH8VBkINNltHttOiW2qF0Yoc3VQRwmdYvxnOzw04VUJgZAJJ6YmQ487g/g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 31 Aug 2023 16:13:27 GMT

GET
H2 200 InKNvzcBSB1.js Show response
static.xx.fbcdn.net/rsrc.php/v3iM264/yF/l/nb_NO/ Frame EFD3 83 KB
23 KB 626ms
181ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iM264/yF/l/nb_NO/InKNvzcBSB1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

73184e7fe366b4dbe8998b1f64070ab3e6f0e548d046478e239f883c74755f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1E7zX66VDL1kM1IreS+9mQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23361
x-fb-rlafr: 0
x-fb-debug: 3vb2wl/8sPloT3TB1QJMSevPw6yFL/br8dpeZi161iLzdD9IsH1Rfkr67Hl2IngJ6ckkdmKyXkTJvpLMbb0sGg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 01 Sep 2023 04:56:00 GMT

GET
H2 200 27867_115162625186272_2701496_n.jpg
scontent-cph2-1.xx.fbcdn.net/v/t1.18169-1/ Frame EFD3 1 KB
2 KB 458ms
50ms Image
image/jpeg 157.240.200.14
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cph2-1.xx.fbcdn.net/v/t1.18169-1/27867_115162625186272_2701496_n.jpg?stp=c0.5.50.50a_cp0_dst-jpg_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=S2LrSn08dlAAX-9W1St&_nc_ht=scontent-cph2-1.xx&edm=ADwHzz8EAAAA&oh=00_AT8bBHooqCu2Mvxpmrue74zIsAWLHT0Y870LH4_atRARwQ&oe=63433B8B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/gudbrandsdolen/&tabs=timeline&width=500&height=70&small_header=true&adapt_container_width=false&hide_cover=true&show_facepile=false&locale=nb_NO&appId=1381762785377592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.200.14 Ballerup Municipality, Denmark, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-cph2.fbcdn.net
Software: /
Resource Hash: 76a23e2204c430b0be1fabf485181d61958e13bde2551c69b569b11d566da338

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum: 2689903188
date: Mon, 12 Sep 2022 18:19:31 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=854964971
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1995309857
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1432

GET
H2 200 Nett_IMG_3913_4862389a.jpg
g.acdn.no/obscura/API/dynamic/r1/escenic/tr_2000_2000_s_f/0000/archive/04862/ 362 KB
363 KB 479ms
443ms Image
image/jpeg 87.238.38.3
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.acdn.no/obscura/API/dynamic/r1/escenic/tr_2000_2000_s_f/0000/archive/04862/Nett_IMG_3913_4862389a.jpg?chk=38F4DB

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.238.38.3 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

varnish-stable.api.no

Software

Resource Hash

27ddee2a37f6e0f926ae258ef98b5dea859dba0e0946d49d0d5e41965af8d460

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
x-site: osl2
content-type: image/jpeg
access-control-allow-headers: Content-Type
x-varnish: 720565199, 692724552
access-control-allow-origin: *
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
x-age: 0
accept-ranges: bytes
timing-allow-origin: *
x-emergency-mode: payment-nets
content-length: 370709
x-dynamic-fallback-status: false

GET
H2 200 6143532e3fb9a76297593ea2.js Show response
cl.k5a.io/ 304 B
454 B 160ms
48ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/6143532e3fb9a76297593ea2.js
Requested by: Host: services.api.no
URL: https://services.api.no/api/adplogger/v3/main-982228e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: 2d6b6cc9354545b34e61bae3eb39d3e4be2420fdbee7eed38419589f0fd129ec

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 14:33:59 GMT
server: Apache/2.4.46 (Unix)
etag: "130-5e5571fadf27c"
x-hw: 1663006770.cds239.sk1.hn,1663006770.cds001.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=676
accept-ranges: bytes
content-length: 258

GET
H2 200 analytics.js Show response
log.medietall.no/ 334 B
485 B 168ms
52ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.medietall.no/analytics.js
Requested by: Host: services.api.no
URL: https://services.api.no/api/adplogger/v3/main-982228e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a047c0d9788592aff211be91bb22799af40af337e552f47f754740d5d4151573

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 11:55:05 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "14e-5e7882af54f79-gzip"
x-hw: 1663006770.cds020.sk1.hn,1663006770.cds229.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 283

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 298ms
166ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5886215a002ae581d0ec96779cd94113a4c0153d8b6eadeecafa0097e8baf31b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 18:19:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.255.148.172; 178.255.148.172; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8d1321df-a016-4249-bdf4-7cf4d7ccccc1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gd.no
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
495 B 121ms
87ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gd.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
4 KB 794ms
224ms XHR
application/json 213.19.162.31
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10856&site_id=55962&zone_id=832544%3B832548%3B832556%3B832576&size_id=31%3B15%3B15%3B15&alt_size_ids=78%2C79%2C113%2C145%3B9%2C10%2C33%2C54%2C159%2C282%3B159%2C566%3B64%2C67%2C159%2C232&rp_schain=1.0,1!netricsales.com,10856,1,,,&rf=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762&tg_i.aupname=.*gd.no%2Ftoppbanner%3B.*gd.no%2Fskyskraper%3B.*gd.no%2Fartikkelboard%3B.*gd.no%2Fnetboard&tk_flint=dmpbjs_v7.11.0&x_source.tid=3712de0e-e90c-44a8-8cfd-b6ff2eb35dc7%3B94f2d559-406a-4e5b-8fa2-0a2e095f7b35%3B04d51944-27c9-40e2-86fa-8a87def67123%3B33452f04-29f1-4e70-a59e-e9b46e6ac7f9&l_pb_bid_id=163e6c23fdd766c%3B17907e7e598b8c9%3B18b2725238c0b16%3B19a048bb04890c9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.3627512406188065
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b0cf6d9d2ca9f4977751da8363b2f309f0038a31be18145f267293d5155a3dcf

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:30 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.gd.no
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 1840
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 3 KB
2 KB 121ms
87ms XHR
application/json 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eaad50237f61c6b04e879844c50b73f71b4321bc61cffbfa2180acbb63eade42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gd.no
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 pb Show response
ad.360yield.com/ 3 KB
2 KB 306ms
143ms XHR
application/json 99.80.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2dbc883174b4fc9d605f6cf3387e719a20bea516d4635e4338e17b12e3bf1a2c

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gd.no
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1936
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 pb Show response
ad.360yield.com/ 3 KB
2 KB 304ms
142ms XHR
application/json 99.80.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 44d9d25f0a31294254e81e693683527b38905d38e24f68dc1d95fc7ce83bd24f

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gd.no
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1928
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 pb Show response
ad.360yield.com/ 3 KB
2 KB 369ms
207ms XHR
application/json 99.80.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6f12f02da9633a67d26b7b3e67cc4ce7355bb1edaf2cdc66b73851ff976e0421

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gd.no
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1931
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 pb Show response
ad.360yield.com/ 3 KB
2 KB 302ms
140ms XHR
application/json 99.80.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9e6836b8ffc808a508f270a873c6d5832205b602a670467c8714e0e4ff5ef3be

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gd.no
date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1931
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 i Show response
ads.adnuntius.delivery/ 13 KB
2 KB 256ms
166ms XHR
application/json 172.67.201.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb56db9b053b030092e6f0b9b2710368d834a1059975d89eadfe91717ab36dc

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: cb1e2dc7a2e451d0808c1f38c896a7ba
x-adn-backend-server-id: f132cd67
content-length: 1442
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6nqBsnDWF%2FknY2k8V2tlDifAY1xNGtN9gDBbqV%2FSW6SUBo6ISnmmpXIl1jDfvscK%2BRDs2GgWr76Dm4U5KLNbXH4ZP6V8%2FJvUySb7mki9HdsKgCd5QAEkEZag7BUvj%2F47JVm34llA75k"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gd.no
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 749aa6d97bfc0b61-OSL
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 i Show response
ads.adnuntius.delivery/ 13 KB
2 KB 244ms
156ms XHR
application/json 172.67.201.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44023840ee22c019fdd6b41e16bc2d8d34a3e02cf78730223efb44c799d3fe94

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: c997b743dbb441e68365c5047086ce75
x-adn-backend-server-id: f132cd67
content-length: 1358
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ie0vXEYRiEyxagSXQTNRAXFh5kbjIJ4CEAX%2F7c%2FKxdIgs8HAn1C6i0JY5LmxeYy6GXHV0u37yj30L8T49puHiPyAVM2jj4iQEg%2B3%2F%2Bx8prjzwC6dXBKhf679Q7acdTPNLUapVTgM4dij"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gd.no
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 749aa6d97c020b61-OSL
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 404 1-934610-6636762.json Show response
storage.googleapis.com/amedia-content-updates/production/ 217 B
514 B 127ms
126ms Fetch
application/xml 142.250.184.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/amedia-content-updates/production/1-934610-6636762.json?buster=1663006770049
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f16.1e100.net
Software: UploadServer /
Resource Hash: 1f6853e8c35d43e503c6a2193c04e053212953031ce443d81075a302728bb029

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
server: UploadServer
x-guploader-uploadid: ADPycdu7VBLz910sj0vKBvEryhXZrcQpi_rRGcNrx_rCyywiauYeaVRt5aE7uNPFFZZYb_0WPaL_zQpV70fG5f7zEXUy4A
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
expires: Mon, 12 Sep 2022 18:19:30 GMT

GET
H2 200 6143532e3fb9a76297593ea2.module.js Show response
cl.k5a.io/ 67 KB
18 KB 138ms
49ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/6143532e3fb9a76297593ea2.module.js
Requested by: Host: cl.k5a.io
URL: https://cl.k5a.io/6143532e3fb9a76297593ea2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: cd0d22893a7d3036d724a54526f0e551f8f707a828c8b81ea6af60d38ba89725

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
last-modified: Fri, 09 Sep 2022 07:28:36 GMT
server: Apache/2.4.46 (Unix)
etag: "10a9b-5e8397e7627a0"
x-hw: 1663006770.cds252.sk1.hn,1663006770.cds253.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=677
accept-ranges: bytes
content-length: 18511

GET
H2 200 analytics.v2.js Show response
log.medietall.no/ 38 KB
11 KB 140ms
50ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.medietall.no/analytics.v2.js
Requested by: Host: log.medietall.no
URL: https://log.medietall.no/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7b6cc3c4f715fb85b735a6400211eb264d22184d9417512a08c8f4055b185b0f

Request headers

Referer: https://www.gd.no/
Origin: https://www.gd.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 11:55:19 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "979b-5dbbeaf995413-gzip"
x-hw: 1663006770.cds021.sk1.hn,1663006770.cds225.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
content-length: 10903

GET
H2 200 /
www.facebook.com/tr/ 44 B
363 B 363ms
62ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=724986944298891&ev=PageView&dl=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762&rl=&if=false&ts=1663006770290&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663006770289.293455742&it=1663006769741&coo=false&rqm=GET

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 12 Sep 2022 18:19:30 GMT

POST
H2 204 /
cl.k5a.io/ 0
95 B 76ms
76ms Ping
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/?i=607d77e46bf6b242026472c2&l=p&u=https%3A%2F%2Fwww.gd.no%2F1-934610-6636762&c=desktop&ptp=article&psn=&sbs=&ul=&lcid=na&uid=D8u0pYc9Pop5bwvn&ns=1&_h=pageView&_s=js&_l=DOMContentLoaded&_m=b
Requested by: Host: log.medietall.no
URL: https://log.medietall.no/analytics.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 18:19:30 GMT
server: Apache/2.4.46 (Unix)
x-hw: 1663006770.cds239.sk1.hn,1663006770.cds066.sk1.sc,1663006770.cds066.sk1.p
content-type: application/octet-stream

POST
H2 204 /
cl.k5a.io/ 0
77 B 81ms
80ms Ping
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/?i=6143532e3fb9a76297593ea2&l=p&u=https%3A%2F%2Fwww.gd.no%2F1-934610-6636762&pig=https%3A%2F%2Fg.api.no%2Fobscura%2FAPI%2Fdynamic%2Fr1%2Fescenic%2Ftr_2000_2000_s_f%2F1367561974000%2Farchive%2F04862%2FNett_IMG_3913_4862389a.jpg%3Fchk%3D38F4DB&c=desktop&ptp=article&psn=&pssn=&ptl=Tidenes%20transport%20til%20Lillehammer%20i%20natt&pwct=287&par=terje%20lis%C3%B8deg%C3%A5rd&ptg=nyheter&pctg=&pstg=&ppt=2013-05-03T07%3A30%3A51.000%2B0200&pmt=2013-05-03T06%3A21%3A09.000Z&pw=&pd=&sbs=&cs=&r=_&ul=&uid=cvOpl3jNdLwmmy5G&ns=1&_h=pageView&_s=js&_l=DOMContentLoaded&_m=b
Requested by: Host: cl.k5a.io
URL: https://cl.k5a.io/6143532e3fb9a76297593ea2.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 18:19:30 GMT
server: Apache/2.4.46 (Unix)
x-hw: 1663006770.cds239.sk1.hn,1663006770.cds224.sk1.sc,1663006770.cds224.sk1.p
content-type: application/octet-stream

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 381ms
79ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=933915316&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762&ul=en-us&de=UTF-8&dt=Nyheter%20%7C%20Tidenes%20transport%20til%20Lillehammer%20i%20natt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=527575227&gjid=1029247787&cid=304576634.1663006770&tid=UA-115482469-2&_gid=2139694470.1663006770&_r=1&gtm=2ou970&z=1584502193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gd.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame EFD3 3 KB
3 KB 374ms
73ms Image
image/png 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:31 GMT
x-content-type-options: nosniff
content-md5: iN31dShDArRt9ZikrDb13w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2616
x-fb-rlafr: 0
x-fb-debug: npuUb/9SF65xlUpS7XIDwLS0g5GmXFpzv7hVVHViKnatAmesIdvGwdU3yfCpzHsOgFez9dBbMOSWlPgePMGZpQ==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 01 Sep 2023 02:59:41 GMT

GET
H2 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame EFD3 573 B
848 B 373ms
72ms Image
image/png 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/qFPBl3gYo9t.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/qFPBl3gYo9t.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:31 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: +UdllBYLhAPi1FSLhErt7l8sRPIC4kGXYqteywDvb+gmSE/klfpNIAnGly/W9wEXtkUso4B3M8PTENJKHQxgVQ==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Aug 2023 02:33:50 GMT

GET
H2 200 1lYRIUv3fB9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame EFD3 22 KB
7 KB 362ms
61ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/1lYRIUv3fB9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/OVsz4HotoAk.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5PIhxmQubFGcokYgJ6FXEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7237
x-fb-rlafr: 0
x-fb-debug: a6aGur8llFI4UjXlF691beJVH3L0HeRlm1ZYpvEkys3SCt8Cy6cpMKpEPqffLvq+8EHnDlVJTJbfpMXEeVaRxA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 08 Sep 2023 21:06:15 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 510ms
64ms XHR
text/plain 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115482469-2&cid=304576634.1663006770&jid=527575227&gjid=1029247787&_gid=2139694470.1663006770&_u=YEBAAUAAAAAAAC~&z=1484462068

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gd.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 18:19:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.gd.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 89DC 0
103 B 363ms
62ms Document
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.gd.no
Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.gd.no
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 18:19:31 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 integrator.js Show response
adservice.google.no/adsid/ 107 B
792 B 577ms
82ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.no/adsid/integrator.js?domain=www.gd.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 554ms
84ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gd.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
29 KB 1330ms
1030ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1159619972173386&correlator=554029779421892&eid=31069465&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&iu_parts=56257416%2Cwww.gd.no%2Ctoppbanner%2Cskyskraper%2Cartikkelboard%2Cnetboard%2Ctakeover%2Cmidtbanner&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=320x50%7C980x120%7C980x150%7C980x200%7C980x240%7C980x300%7C1000x150%7C1000x300%2C180x500%7C160x600%7C180x700%7C250x500%7C280x500%7C300x600%7C300x250%7C320x250%7C320x400%7C320x480%7C300x300%2C320x50%7C320x250%7C300x250%2C320x50%7C480x400%7C580x400%7C580x500%2C1920x1080%2C320x50%7C980x120%7C980x150%7C980x200%7C980x240%7C980x300%7C980x500%7C980x600%7C1920x1080&fluid=height%2C0%2Cheight%2Cheight%2C0%2Cheight&ifi=1&adks=169855212%2C1670952708%2C1359594908%2C3214422195%2C1794063768%2C343346685&sfv=1-0-38&fsapi=false&prev_scp=keyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dtoppbanner%26threshold%3D200%26demandmanager1%3Ddemandmanager1%26hb_format_improvedig%3Dbanner%26hb_size_improvedigit%3D980x300%26hb_pb_improvedigital%3D9.52%26hb_adid_improvedigit%3D5059f582c141db2%26hb_bidder_improvedig%3Dimprovedigital%26hb_format%3Dbanner%26hb_size%3D980x300%26hb_pb%3D9.52%26hb_adid%3D5059f582c141db2%26hb_bidder%3Dimprovedigital%7Ckeyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dskyskraper%26threshold%3D0%26demandmanager1%3Ddemandmanager1%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D320x400%26hb_pb_appnexus%3D8.47%26hb_adid_appnexus%3D4742a6e62c942cb%26hb_bidder_appnexus%3Dappnexus%26hb_format_improvedig%3Dbanner%26hb_size_improvedigit%3D300x600%26hb_pb_improvedigital%3D9.10%26hb_adid_improvedigit%3D49532809df73ee4%26hb_bidder_improvedig%3Dimprovedigital%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D9.10%26hb_adid%3D49532809df73ee4%26hb_bidder%3Dimprovedigital%7Ckeyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dartikkelboard%26threshold%3D-100%26demandmanager1%3Ddemandmanager1%26hb_format_improvedig%3Dbanner%26hb_size_improvedigit%3D320x250%26hb_pb_improvedigital%3D9.10%26hb_adid_improvedigit%3D51e5a6757a0cff1%26hb_bidder_improvedig%3Dimprovedigital%26hb_format%3Dbanner%26hb_size%3D320x250%26hb_pb%3D9.10%26hb_adid%3D51e5a6757a0cff1%26hb_bidder%3Dimprovedigital%7Ckeyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dnetboard%26threshold%3D200%26demandmanager1%3Ddemandmanager1%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D580x500%26hb_pb_rubicon%3D17.22%26hb_adid_rubicon%3D526615aa3698a6f%26hb_bidder_rubicon%3Drubicon%26hb_format_improvedig%3Dbanner%26hb_size_improvedigit%3D580x400%26hb_pb_improvedigital%3D9.10%26hb_adid_improvedigit%3D486a7d7a31d29f7%26hb_bidder_improvedig%3Dimprovedigital%26hb_format_adform%3Dbanner%26hb_size_adform%3D580x400%26hb_pb_adform%3D6.23%26hb_adid_adform%3D46293ceb1520163%26hb_bidder_adform%3Dadform%26hb_format%3Dbanner%26hb_size%3D580x500%26hb_pb%3D17.22%26hb_adid%3D526615aa3698a6f%26hb_bidder%3Drubicon%7Ckeyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dtakeover%26demandmanager1%3Ddemandmanager1%7Ckeyword%3Dart%2Cnyheter%2Cart_1%26position%3D1%26format%3Dmidtbanner%26threshold%3D200%26demandmanager1%3Ddemandmanager1&eri=1&cust_params=user_segments%3D%26publication%3Dwww.gd.no%26keyword%3Dart%252Cnyheter%26fritekst%3Dart%252Cnyheter%26bazaar%3Dinternal%26userAgent%3DChrome%2520art%26pageview_id%3D595d4c2e-999a-4e6c-a203-cc4e71f2ab54%26aid%3Dikkeinnlogget%26a_brws_id%3D53e15211-bc15-4c73-838d-0af51226f4a0&ppid=53e15211bc154c73838d0af51226f4a0&sc=1&cookie_enabled=1&abxe=1&dt=1663006770862&lmt=1663006770&dlt=1663006768574&idt=1483&adxs=800%2C-9%2C-9%2C-9%2C0%2C-9&adys=244%2C-9%2C-9%2C-9%2C0%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.gd.no%2Fnyheter%2Ftidenes-transport-til-lillehammer-i-natt%2Fs%2F1-934610-6636762&frm=20&vis=1&psz=1x0%7C0x-1%7C0x-1%7C0x-1%7C1600x1%7C0x-1&msz=1x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C0x-1&fws=4%2C2%2C2%2C2%2C4%2C2&ohw=1600%2C0%2C0%2C0%2C1600%2C0&rtgs=1!1!1!1!0!1&max_w=980!320!320!580!0!980&max_h=300!1050!300!500!0!600&min_w=700!100!200!300!0!700&min_h=50!400!125!250!0!50&ga_vid=304576634.1663006770&ga_sid=1663006771&ga_hid=933915316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

cf3c7639799181061285f0c6f5b230e9b2ff1efda537d028d5e7e410ea6c0d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 146597,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29045
x-xss-protection: 0
google-lineitem-id: -1,6094928305,5336763539,6107471716,-2,6107286914
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138401967899,138307745752,138404061489,-2,138403887125
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gd.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A5C 6 KB
4 KB 551ms
83ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 18:19:31 GMT
expires: Tue, 12 Sep 2023 18:19:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 570ms
107ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115482469-2&cid=304576634.1663006770&jid=527575227&_u=YEBAAUAAAAAAAC~&z=974584510

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
501 B 568ms
105ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-115482469-2&cid=304576634.1663006770&jid=527575227&_u=YEBAAUAAAAAAAC~&z=974584510

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 591ms
122ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

56b1e07920aa91d281bcc7ba8e3a4ef5c021e4dd8fe12f024c73600e58b3974f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11135
x-xss-protection: 0

GET
H2 200 container.html Show response
01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA34 6 KB
3 KB 375ms
73ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 18:19:31 GMT
expires: Tue, 12 Sep 2023 18:19:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF5 0
0 413ms
112ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhTubc7T08cW2KJ4o1kgSVjL_B2ohOEzm3x20f1L_yQqZM2HM5p1hpPQRv6sBoG8pTda43Em9cbEgDU507PPDW_G6A6e2JdTrvIRuHohQvt33hvPelYbJXBRzxiBEGebe85Yv-SwUG63JtbyiRR6JzbAe3KQDL57aC9Xb9hUoRAPxDig0T5Ui0g3SkdqlSAO_fa_WLTf1zdq16WdDnvpn4Dk2KfjHPTb3s44WovidTyCKMOfz-m8GIN7xoTB-0IFw1C-5AAypRpJ8s2mzcN-WQ6noIJeb3yubSgvFbguCFKcuSjbZTAs9bSSr3nMdSjxfHZw&sai=AMfl-YTyFy3g7ZYh8xwg2kinDKJGIq5x8DI4nWEqhtLddh8E-vcjJyHOby62wuDThlocn_IfJHjzBhQemap-HiWFi75G4vnEATr_r4Hvn30efshBAZros4tJbBsqKjbI15S_Xrmw&sig=Cg0ArKJSzMniMtEb1wmYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 18:19:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 0FF5 23 KB
10 KB 537ms
72ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 18:14:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0FF5 3 KB
1 KB 610ms
146ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 18:08:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FF5 141 KB
44 KB 555ms
79ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 18:19:32 GMT

GET
H2 200 2951223872551809518
tpc.googlesyndication.com/simgad/ Frame 0FF5 17 KB
17 KB 612ms
148ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2951223872551809518

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

62618f7da93418ffdb6b387b0599b209012f0c4491fb7b908ba03b527d8dbc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 15:09:48 GMT
x-content-type-options: nosniff
age: 443384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17472
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:36:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 15:09:48 GMT

POST
H3 200 / Show response
collect.adplogger.no/ 3 B
21 B 56ms
56ms Fetch
text/plain 35.227.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.adplogger.no/
Requested by: Host: services.api.no
URL: https://services.api.no/api/adplogger/v3/main-982228e9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.200.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 190.200.227.35.bc.googleusercontent.com
Software: /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

x-adp-site: gudbrd
Referer: https://www.gd.no/
x-adp-logger: adplogger2JS:4.1.0
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
via: 1.1 google
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Referer, User-Agent, X-Forwarded-For, X-ADP-Logger, X-ADP-Site, X-ADP-User
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.gd.no
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3

OPTIONS
H3 200 /
collect.adplogger.no/ Frame 0
0 58ms
58ms Preflight 35.227.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.adplogger.no/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.200.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 190.200.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-adp-logger,x-adp-site
Access-Control-Request-Method: POST
Origin: https://www.gd.no
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Referer, User-Agent, X-Forwarded-For, X-ADP-Logger, X-ADP-Site, X-ADP-User
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.gd.no
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 12 Sep 2022 18:19:32 GMT
via: 1.1 google

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 433ms
173ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 18:19:32 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AA34 0
0 419ms
118ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8JsJM3gfY7TIEY6VzQbW34mQBP7T969czs-92OoCwI23ARABIABgw4SAgJgYggEXY2EtcHViLTg0OTc0MTQ4MDkzNTc4ODWgAeqMwbYDyAEJ4AIAqAMBqgSgAk_QGdzyYmqQpv2PosatkVogwZso2QYCcgorrekQv7GPhq80OKVjcz5WPElRyIQ9koxao7W3qhGmubQjFBloOam-wlLd5O1J9B31yrSky5x0Inf1cMQY3workjckaPABq6DH7hNPKxxV_bEA55ZkxnVnRGz9mhswi1xjWZnOKlp1OIuSorkcPQl9rZKLxE_hM0qCNS9fgrHacEQsWW8a6GboomluoMmRthxTOQPOv-jfvNEKfB1jqnGziZJR5nJjPH6f8dW7UufmBySMYjzadn6OgetfwyujlmhlyBCp5q9NMaCM72z93M8Nc7OI8yjR7v5_he2B3OmL9qcGLhv2aQnfc6YU9PkbOs1ZOyjZpwinKRi_7x5_5bf35tiQ5ol9juAEAYAG-fXuj8je44a-AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODQ5NzQxNDgwOTM1Nzg4NRiI9x0&sigh=4YPzI1MXT9o&uach_m=[UACH]&cid=CAQSQACsnQUxbVg21zaMumEhI7yIOHdAHHFxf7pSU0pu_7NLDv-PwevTeTWKKGX2fakEKIS6vDASOiFw_kpMA1MNrAoYAQ&tpd=AGWhJmul_M8juyXb3dleEcBDVEz_qeb_Y--5u40B0MzX204yrfpPGT7Se9Vobn1ZjUa4bkVyWPn2OKJPAULRX6c46DaRS31pwS9bw7cfN6kICdz1g-sPq_gcGxtwh34PYD6brQ2pgaC8pzrvAC3JyBsGACIEyuxe5ug9tfkD3VZze_amBLXIOhnFbtIPn9X3MjPR_2El7EvDWiH6xVNlE33zFDNYLYvUKhNQrOVhBUMwBOUAuCkXw4Q8E-sGwTPf_-Q7s6SASxemcclh7uyKCbiS9De-vu5KfP5RHECLAwNyq1lS1geZcmwTCk-Hd3pX55ZAQrEd-pZ-e5hXOdfNDjS-cVtA3aS7PBkl9moxIIhimSE2nue4MIyY15xTOK5Sdm9cxJK2nibR52PlG_CVAKTZv_2qUfoDrOUkWum8oEMam3aXZNHnlR3QRwjJZ3De8hK0FcK0V8qU7t7KXqVhXipgXIy03ehl2jDgAg6eXr-J6dHjFoLoIE6O1gQKJ_4EK8bMzTdS1iQGay3XkaCrHGyUEA0J4Yb9EjlLMlvUBblqBBaDlIS55pogUPWd0qyPPaCxc4e8uAKmnKD2zXYtuPHFdarQW4_AsjYtJhZN7d-9CCRpN8UwZpniQpdJd_XdRx1_zOELGJzgwup_o6h9-PxiTiogPipmkDoLs5z1RSyvTSHxt5f9GDmhULhCMemj_X0XfRnZp-fkrj3PTQ6NWmWutRzjkJMMRi4cLrxD1Jk
Requested by: Host: www.gd.no
URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2

200

rubicon_open_rtb;c Show response
d5p.de17a.com/victory/ Frame F13A
Redirect Chain

https://d5p.de17a.com/victory/rubicon_open_rtb?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGV...
https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZ...

3 KB
3 KB

46ms
45ms

Document
text/html

213.155.156.169
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.169 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-169.teliacarrier-cust.com
Software: /
Resource Hash: c4984b180503a0813e1158cbd75bd86d977629920c8860e689db83c59f2f6af2

Request headers

Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-length: 3076
content-type: text/html;charset=utf-8
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

content-length: 0
location: /victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame AA34 13 KB
4 KB 513ms
61ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=dogfight&override_url=https%3A%2F%2Fd5p.de17a.com%2Fcontrol-notify%2Frubicon_open_rtb%3Fauction_id%3D763582668_2063191_1663006771443_1044549160_0
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-156-146-33-17.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AZySIRAw6AT/rQEAAA
x-accel-expires: @1663006944
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4OWhsHCjDpI
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 429
x-77-pop: frankfurtDE

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C4B5 281 B
573 B 194ms
62ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=no
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 18:19:32 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame AA34 3 KB
1 KB 245ms
145ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 18:08:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA34 141 KB
44 KB 282ms
171ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 18:19:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame AA34 17 KB
8 KB 182ms
83ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 18:17:18 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AA34 22 KB
7 KB 192ms
93ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 09:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Sep 2023 09:18:57 GMT

GET
H/1.1 200
OK cs.gif
sync.userreport.com/ Frame F13A 43 B
586 B 510ms
60ms Image
image/gif 13.225.78.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.userreport.com/cs.gif?s=d3prj11&fk=5807721230888045162
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-84.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 25 Oct 2012 12:28:09 GMT
x-amz-version-id: null
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jan 2014 09:18:47 GMT
Server: AmazonS3
Age: 50541
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Mon, 12 Sep 2022 04:27:45 GMT
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: pEkEd_rezSMo-kWFnlQXpKpGUAHCcbYAP9M_gGBKBNTBlPrYKMdE8A==

GET
H3

200

rum
dsum.casalemedia.com/ Frame F13A
Redirect Chain

https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772&C=1

43 B
873 B

120ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772&C=1
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 749aa6eb6b84b4f4-OSL
pragma: no-cache
date: Mon, 12 Sep 2022 18:19:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qib3%2BHdu1spqMOEb0eMOT%2BmzkEpPVe6iOIaF0AvuJc13K90pFrENb8Xa5PdgZOroqqHM8OYT7F6nfOZa7mq%2FTRjglLqXXZvxl4Cf5iXCvu5b5zkBUewJa%2F5HeR%2F4ODEOYFhBUSBv"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT8zTxKefQ2LeJd%2FD2Bn2oLkTXsBjkPAfpjFIciFayil373wWXq%2FS6ydO4ftVnVnronunXkKJqqzQAaKhPs3VDBcmmPfcjM1xnLxZHu1Az4QOXT1ed0YARlyb1KBaVXFLU8t7y3%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=175&external_user_id=5807721230888045162&expiration=1665598772&C=1
cache-control: no-cache
cf-ray: 749aa6eaacf40b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame F13A 42 B
423 B 187ms
53ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&piggybackCookie=5807721230888045162
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F13A 0
239 B 288ms
64ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=5807721230888045162&expires=30
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

404

sync
ups.analytics.yahoo.com/ups/55955/ Frame F13A
Redirect Chain

https://pixel.advertising.com/ups/55955/sync?uid=5807721230888045162&_origin=1
https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1
https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1&verify=true

0
17 B

64ms
64ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1&verify=true

Requested by

Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:33 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1&verify=true
date: Mon, 12 Sep 2022 18:19:33 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

appnexus
d5p.de17a.com/setuid/ Frame F13A
Redirect Chain

https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7675885488335073466

35 B
125 B

44ms
44ms

Image
image/gif

213.155.156.169
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/setuid/appnexus?anxs_uid=7675885488335073466
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: H2
Server: 213.155.156.169 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-169.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:32 GMT
X-Proxy-Origin: 178.255.148.172; 178.255.148.172; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5346e195-e144-49b3-ada7-7027663a3213
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://d5p.de17a.com/setuid/appnexus?anxs_uid=7675885488335073466
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
dmp.adform.net/serving/cookie/ Frame F13A 35 B
468 B 179ms
52ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match?party=1124&cid=5807721230888045162

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ctrl.js Show response
sting.de17a.com/ Frame F13A 47 KB
17 KB 190ms
85ms Script
application/javascript 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL

https://sting.de17a.com/ctrl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

213-155-156-188.teliacarrier-cust.com

Software

nginx/1.22.0 /

Resource Hash

204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 06:10:23 GMT
server: nginx/1.22.0
etag: "bbd0181a8eeac98"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
expires: Thu, 08 Sep 2022 08:32:24 GMT
cache-control: must-revalidate, private, max-age=0
x-proxy-cache: HIT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C4B5 31 KB
10 KB 66ms
65ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=no
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 18:19:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11626
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Mon, 12 Sep 2022 21:33:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EC2 13 KB
5 KB 373ms
72ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 1622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 17:52:31 GMT
expires: Tue, 12 Sep 2023 17:52:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9621 783 B
970 B 378ms
77ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

67cf8392ff2701c9b4ea25625478fd522c72d61bfcd690f6a2590e223597166e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GUxPVLHo5Dxt-UxwUo9mUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-GUxPVLHo5Dxt-UxwUo9mUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 18:19:33 GMT
expires: Mon, 12 Sep 2022 18:19:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF5 0
0 411ms
110ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWjBJqfsXPDBLLmyaBsBI1P6qpz0DeEdCOOHte-7LwuUdpGvjO0UQctWvE37r6LCFxstAnuCEutyW-g7td9CtkTBMmCclBfLsP3gLbkj0f8Wt7KH1rPxxSrpymSVSpZyTK6Ejs5l7DBTs9hgDdo8WYWiK-MLEUg3wmio14JP-9OohjNWfGtcrdQYHr6_MGfU38iiBKpWKcaulepp53mOn1gXpPLJb8HLeGU7nIHxR4qViN6aJ6rprRO0gR1dwcgusbwA2o3Le2NZRnM-4gDDOc9lJTYp9KLa2t0iKWGOJEYln7EtIlqDQNXpx9vdBntDszjmbW&sai=AMfl-YQPp92sffNCFyp8j5eaIxpuCm1waUjdW9avbpSXShz6HiMhpgYeoICrgJii1e2mSvQQ3_5azD9Ektdu44z0EFCqMl7-aARvqIeMVZ7TXEC81yMkGnQKTjbfQnnuYDkj4LSj&sig=Cg0ArKJSzJjP-aV0zSgaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 18:19:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 18:19:33 GMT

GET
DATA 200
OK truncated
/ Frame 0FF5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aca6c651dd5148bdf17ee45bbb0179f50f96b8ba65ff913dc55483480e53b046

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AA34 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5afc893db25be68d09bd1cde7f0d88abe7d3e158e91a09e1ba3f918e34fdec9f

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame C4B5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAA...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAA...

43 B
568 B

72ms
71ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:33 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: RP1HND6H207CA72333ZC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:33 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: ZPT21QC0G7365TSEMJ71
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C4B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAA...
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAA...

42 B
895 B

81ms
64ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEB6oZ7ps_s-rTtsGS6W_a5o&google_cver=1
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEB6oZ7ps_s-rTtsGS6W_a5o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaM0FLTFAtMVotM0RLSA==&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABAR...

170 B
188 B

226ms
83ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaM0FLTFAtMVotM0RLSA==&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdaM0FLTFAtMVotM0RLSA==&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame C4B5
Redirect Chain

https://id.rlcdn.com/709414.gif?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAg...
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAA...

0
214 B

162ms
62ms

Image
text/plain

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 12 Sep 2022 18:19:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C4B5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSg...
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSg...

43 B
568 B

135ms
134ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:33 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: VVZQB1WE1Z3SB9VMPRGD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:33 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: ZVJVH72RNRCV5YMB0TAS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4B5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAA...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThhOWE5ZDI1ZTFlMzYzNDQ1MmUzYmMwN2NlYTJjODRhYjdmMjgzNw&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAA...

170 B
188 B

222ms
80ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThhOWE5ZDI1ZTFlMzYzNDQ1MmUzYmMwN2NlYTJjODRhYjdmMjgzNw&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MThhOWE5ZDI1ZTFlMzYzNDQ1MmUzYmMwN2NlYTJjODRhYjdmMjgzNw&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C4B5
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAA...
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAA...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=501132e0-17df-4610-b648-d50aa1999cdc&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQ...

42 B
895 B

63ms
63ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=501132e0-17df-4610-b648-d50aa1999cdc&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Requested by: Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=501132e0-17df-4610-b648-d50aa1999cdc&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 601

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C4B5
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7Z3AKLP-1Z-3DKH&sigv=1&esig=2~d8512fd6a15db3052c3a6e6206e62b82b33224de&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQC...

0
194 B

525ms
69ms

Image
text/plain

87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7Z3AKLP-1Z-3DKH&sigv=1&esig=2~d8512fd6a15db3052c3a6e6206e62b82b33224de&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Requested by

Host: 01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
URL: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:33 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7Z3AKLP-1Z-3DKH&sigv=1&esig=2~d8512fd6a15db3052c3a6e6206e62b82b33224de&gdpr=1&gdpr_consent=BPfOrH-PfOrH-__AAA__DX-AAAAvlAOafahCwoWA3PIpJgAgEK6BgQCBAAAACAAEAAIABSAACAUkghQoCUAIAIRAAABARIJCAAgQAACSgAHAAAAIAgAAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 tags Show response
sting.de17a.com/api/ Frame 8B7C 3 KB
1 KB 48ms
48ms Document
text/html 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://sting.de17a.com/api/tags
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.22.0 /
Resource Hash: 9abef206ab90c999bcad08a4b85fb16c3bca723802ea558e717a2ba0b1f7d0ca

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://d5p.de17a.com
Referer: https://d5p.de17a.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 18:19:33 GMT
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV" CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
server: nginx/1.22.0

GET
H2 200 style.css
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/ Frame A2E3 4 KB
2 KB 518ms
61ms Stylesheet
text/css 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: e5e5c396b470872713c0f439625653842370ce54865f9c5eeb7b7e31f0343ad6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AdRmOLSGFGz/lTQAAA
x-accel-expires: @1663079712
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
server: CDN77-Turbo
x-77-nzt-ray: PQ9iwRZp2sQ
x-77-cache: HIT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: HIT
x-age: 13461
x-77-pop: frankfurtDE
x-proxy-cache: HIT

GET
H2 200 script.js Show response
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/scripts/ Frame A2E3 3 KB
1 KB 519ms
63ms Script
application/javascript 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/scripts/script.js
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 7a2f71abf0401c7af8ece6f6d3c12b0514b5406f78858bf81b36149c7dbfe14f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AdRmOLS/ygT/lTQAAA
x-accel-expires: @1663079712
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
server: CDN77-Turbo
x-77-nzt-ray: +yK0NaBWr54
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: HIT
x-age: 13461
x-77-pop: frankfurtDE
x-proxy-cache: HIT

GET
H2 200 logo.svg
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/svgs/ Frame A2E3 3 KB
2 KB 520ms
64ms Image
image/svg+xml 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/svgs/logo.svg
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 59b9ac9b1f75583ae094e132cc7dce10d2f2318182ce8051e50846222aca40a6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AdRmOLQWgjL/lTQAAA
x-accel-expires: @1663079712
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
server: CDN77-Turbo
x-77-nzt-ray: m+lBmB3jTvM
x-77-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: HIT
x-age: 13461
x-77-pop: frankfurtDE
x-proxy-cache: HIT

GET
H2 200 arrow.svg
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/svgs/ Frame A2E3 231 B
485 B 522ms
66ms Image
image/svg+xml 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/svgs/arrow.svg
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: c9bfa1f7d1ed5f4c59cd254c7c5f3421809686326bf51a157d2f91dc105fe96a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AdRmOLRfiBj/lTQAAA
x-accel-expires: @1663079712
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
server: CDN77-Turbo
x-77-nzt-ray: 4wPeJpMom20
x-77-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: HIT
x-age: 13461
x-77-pop: frankfurtDE
x-proxy-cache: HIT

GET
H2 200 i6n.js Show response
cdn.de17a.com/ Frame A2E3 13 KB
4 KB 65ms
65ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.de17a.com/i6n.js?source=sting&rid=xddxxqsxxsxhsbxjxxya
Requested by: Host: sting.de17a.com
URL: https://sting.de17a.com/ctrl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-156-146-33-17.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-nzt: AZySIRAYtJ//rQEAAA
x-accel-expires: @1663006944
date: Mon, 12 Sep 2022 18:19:33 GMT
content-encoding: br
etag: W/"5c6e6493-3319"
last-modified: Thu, 21 Feb 2019 08:42:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: 69QyrzREiXo
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 429
x-77-pop: frankfurtDE

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9621 0
0 854ms
106ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090701&jk=1159619972173386&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EC2 36 KB
16 KB 818ms
70ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 09:46:33 GMT

GET
H/1.1 200
OK 280469954436854.jpeg
marketertechnologies.s3.eu-west-1.amazonaws.com/public/campaigns/67708/images/ Frame A2E3 170 KB
171 KB 242ms
83ms Image
binary/octet-stream 52.218.97.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketertechnologies.s3.eu-west-1.amazonaws.com/public/campaigns/67708/images/280469954436854.jpeg
Requested by: Host: d5p.de17a.com
URL: https://d5p.de17a.com/victory/rubicon_open_rtb;c?auction_id=763582668_2063191_1663006771443_1044549160_0&bp=DC4A71BD0F4333C3&creative_id=507453&dfh=10&dd=1~ClVodHRwczovL3d3dy5nZC5uby9ueWhldGVyL3RpZGVuZXMtdHJhbnNwb3J0LXRpbC1saWxsZWhhbW1lci1pLW5hdHQvcy8xLTkzNDYxMC02NjM2NzYyEAAqKGI4ODY1ZjU3ZmFiNTM1ZWI4YjFiN2EzOTMwNTdhYTY5NTRiYTRiZDQw-vg9OQAAAAAAAERAQAVKDTE3OC4yNTUuMTQ4LjBQQFosNzYzNTgyNjY4XzIwNjMxOTFfMTY2MzAwNjc3MTQ0M18xMDQ0NTQ5MTYwXzBg1AdorAJwAXgAgAHozqkFkAHm4PuxDJgBm7XS4Q2pATRHmiPNkQpAsQEU5bLO6Cn8P7kBAAAAAAAAAADJAQAAAAAAADtA4QEAAAAAAADwPy8_CgASoQEIARKcAUJQZk9ySC1QZk9ySC1fX0FBQV9fRFgtQUFBQXZsQU9hZmFoQ3dvV0EzUElwSmdBZ0VLNkJnUUNCQUFBQUNBQUVBQUlBQlNBQUNBVWtnaFFvQ1VBSUFJUkFBQUJBUklKQ0FBZ1FBQUNTZ0FIQUFBQUlBZ0FBQUFBQUFBQkFBUUVBQUFBQUFCQUFBQUFBQUFBQUFBQUFBQUFnQUFBVSgC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.97.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4de27c297beb77dd603a16fd79a62ba62de82cb482b6328651694a341f224421

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://d5p.de17a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 18:19:34 GMT
Last-Modified: Mon, 12 Sep 2022 18:08:20 GMT
Server: AmazonS3
x-amz-request-id: E6A9FMDY7JHF4W98
ETag: "351327fcd1174f0cbd4becbacfdc02e9"
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 174570
x-amz-id-2: L7hYGoRQjI4tCGE3GxosS6PKMljNhjY7b1KI6t2VKfXc5GzLpIsSMdQWqkxEqF9pS79c17z2bYI=

GET
H2 200 DNB-Regular.woff2
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/fonts/ Frame A2E3 34 KB
35 KB 486ms
61ms Font
application/octet-stream 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/fonts/DNB-Regular.woff2
Requested by: Host: sting-cdn.de17a.com
URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 75fd07321268f7a02e7731ebd9f87728b86df26b66fc67e7fd97be347acca4ce

Request headers

Referer: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Origin: https://d5p.de17a.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Sep 2022 18:19:34 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 13462
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
content-length: 34980
x-77-nzt: AdRmOLTdbnL/ljQAAA
x-accel-expires: @1663079712
server: CDN77-Turbo
x-77-nzt-ray: zDpQsbCAAog
vary: Origin
content-type: application/octet-stream; charset=UTF-8
access-control-allow-origin: https://d5p.de17a.com
cache-control: max-age=86400
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 DNBMono-Regular.woff2
sting-cdn.de17a.com/files/1651861934000/001/146/920/components/fonts/ Frame A2E3 33 KB
33 KB 597ms
173ms Font
application/octet-stream 212.102.56.182
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/fonts/DNBMono-Regular.woff2
Requested by: Host: sting-cdn.de17a.com
URL: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.56.182 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-212-102-56-182.cdn77.com
Software: CDN77-Turbo /
Resource Hash: d3f124c922ea867a2605c8ac531f89258c8e8e2a3cbc09625cda9638f808aac6

Request headers

Referer: https://sting-cdn.de17a.com/files/1651861934000/001/146/920/components/styles/style.css
Origin: https://d5p.de17a.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Sep 2022 18:19:34 GMT
x-77-cache: HIT
x-cache: HIT
x-age: 13462
alt-svc: quic="212.102.56.180:443"; ma=2592000; v="44,43,39"
content-length: 33444
x-77-nzt: AdRmOLQHVd//ljQAAA
x-accel-expires: @1663079712
server: CDN77-Turbo
x-77-nzt-ray: J5ldgiWwNwE
vary: Origin
content-type: application/octet-stream; charset=UTF-8
access-control-allow-origin: https://d5p.de17a.com
cache-control: max-age=86400
accept-ranges: bytes
x-proxy-cache: HIT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FF5 42 B
174 B 409ms
108ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKhzfZSjNbjc3wZU3zoQLg2xFzmoykQ9GN4NU4-CYFSizigSyMKS6cxjKEBUhm2i99-k7qrNaW5nHMErc0wTK8oJvwfn0t5L2rK5l9OjIGPgnpQpDt&sig=Cg0ArKJSzDcPa4xnlkt3EAE&id=lidar2&mcvt=1000&p=283,1320,533,1640&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=0.88&vu=1&app=0&itpl=3&adk=1670952708&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663006772230&rpt=683&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA34 42 B
108 B 409ms
108ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT_T92AAlKnTI4NxsPC_7ZyMBo0Yr1oLj4a83QkaS3kQ_RAO8dSv4tuU0sNyti8LBQuYBmjwdy0sLta9-yUOxVdIxg&sig=Cg0ArKJSzC5TeHNWT_8UEAE&id=lidar2&mcvt=1000&p=243,310,547,1290&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=169855212&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663006772215&rpt=736&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 18:19:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 3EC2 0
40 B 372ms
72ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wt9j2w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:19:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 408ms
106ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090701&jk=1159619972173386&bg=!6-il6KzNAAZTikH4c4o7ACkAdvg8WuHjkrkrGjnJR0QeiaHWwC9BwFIxJlUoCMH1kkaZaraG2QNqjwIAAABEUgAAAANoAQcKAESVpceVJR0OdOnfHfhsAPv0Iqz26lEUM5ZI17j7bCJWhH5QRfDQ9QWCx3zln8lgyV40QDH8kSyhS0L97j5VWcZETgYVZJkCy06vDuh4JQa75LU4FuE1bb-kHSDdYaa9MfTi7UE6KLNIdJQeNupdzE4vYa5LsAVzA2zGMXPlHG8DUFnFqAmwoAaQx52wiYbnhZt0RtXH3bpdNqj4hH-3FqPdb4rmPVypDTDa4an0N-j8_y8i1qXeY3eP7DM_p5Lp6i7Iiz9kKAuHFkMSaOpVfQx5_u61OesmTbFYxbR0kemWw9C4PYol5dZfMgKRQf_N-T8V4cDGX__T5fAbeb_daeNb4r5nPJr-ZlJxl6d2VRjFN-ZgkuqvUEAunxHokdqJytTCzuZL2DmAmYXdCzpZWeI6XAh8gXbTt_zYUFfOkPo-zEv5Hf5OQy2Gy6JEVzQEHKKuBU37r5i460y0uXy9oCXI9DPWnO_I8i2T48ley9a_qBOgLaH0RrQVYzuQWv9wOjOAJp9qLjTy89r_qEatOw6o2obE6wV6YW-FLhy11Ke16JxGNhAbMDWaeMq-_RHzlHONJHznNJC6UsKCt0qjM7ZW1afGXF1tIGuNkbaWj7tRGovpnIINz5QADqGmqP1lIKBE4d_hqzRSKtBTZ8KU89uruWencLOEfsp4a2Y9Ircm5rXxI1D950xAtivbE1cATFvE1I1Jn-DHRkzBjRwTXcjVGvf_Bm_keDu7mudOT5F-k9FFPs95-ehlOSruHyN92QnM3jMJPLtx4gpGaKDD1SGh03MxuaN9IZ4yq5p_FKwhdrg4BkD5n4ZLQIh0ho5_D1rI-v6CGO6BraPY-oHI8aYvTyCeiuYgFK-L8kOnEwz5Gvp-D9Jw072zDL3dDgV-v9Fa42W5_WEboBpBzFDLdnoD977V57lZJOYViP4ivcrUTZPhz3rJfnpQDVNdi0eokaanXqbJnBo9SUt7p5TVKA5_xBpnm_jV-W_5Q9kpxF6BScbvLM28zpRM09vDBqCFxEhwTYE2pl5j-xWWP0JZajJ0qL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.gd.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8D58 52 KB
17 KB 158ms
44ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 49283
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 18:19:35 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 390, 146889
X-Served-By: cache-lga13626-LGA, cache-bma1670-BMA
X-Timer: S1663006776.975893,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FC81 281 B
573 B 62ms
62ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10856.js?section=test
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.gd.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 18:19:35 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC81 31 KB
10 KB 70ms
70ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 18:19:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11623
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Mon, 12 Sep 2022 21:33:18 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8D58 0
747 B 61ms
61ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 18:19:36 GMT
X-Proxy-Origin: 178.255.148.172; 178.255.148.172; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4a2276fe-93da-4ba0-8944-564788e0a99a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gd.no/	1970-01-20 15:32:46	Name: amedia:fpbid Value: 53e15211-bc15-4c73-838d-0af51226f4a0
.gd.no/	1970-01-20 05:56:48	Name: amedia:visitid Value: d474c61b-28aa-4345-a4c8-aadb59e5b231\|1663006769726
.adform.net/	1970-01-20 06:39:58	Name: C Value: 1
.adform.net/	1970-01-20 07:23:10	Name: uid Value: 875953878243863315
.ads.adnuntius.delivery/	1970-01-20 06:09:22	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 06:09:22	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 06:09:22	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 06:09:22	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 06:09:22	Name: c Value: 0AAAAAQAA
.gd.no/	1970-01-20 08:06:22	Name: _fbp Value: fb.1.1663006770289.293455742
.ads.adnuntius.delivery/	1970-01-20 06:39:58	Name: usi Value: try_opt!adnfpe1069606555a836b
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 4703e2cacea7724e7f0cc168d57ee0e2
.adnxs.com/	1970-01-20 08:06:22	Name: icu Value: ChgIvaNLEAoYASABKAEwsvD9mAY4AUABSAEQsvD9mAYYAA..
.adnxs.com/	1970-01-20 08:06:22	Name: uuid2 Value: 7675885488335073466
.360yield.com/	1970-01-20 08:06:22	Name: tuuid_lu Value: 1663006770
.gd.no/	1970-01-20 14:42:22	Name: __mbl Value: %7B%22u%22%3A%5B%7B%22uid%22%3A%22D8u0pYc9Pop5bwvn%22%2C%22ts%22%3A1663006770%7D%2C1663096770%5D%7D
.gd.no/	1970-01-20 14:42:22	Name: _k5a Value: %7B%22u%22%3A%5B%7B%22uid%22%3A%22cvOpl3jNdLwmmy5G%22%2C%22ts%22%3A1663006770%7D%2C1663096770%5D%7D
.gd.no/	1970-01-20 15:32:46	Name: _ga Value: GA1.2.304576634.1663006770
.gd.no/	1970-01-20 05:58:13	Name: _gid Value: GA1.2.2139694470.1663006770
.gd.no/	1970-01-20 05:56:46	Name: _gat_gtag_UA_115482469_2 Value: 1
.360yield.com/	1970-01-20 08:06:22	Name: tuuid Value: 4edd6cc5-b826-438d-9d5a-982a6d337843
.facebook.com/	1970-01-20 08:06:22	Name: fr Value: 0RnMXZvut71ftL8kU..BjH3gy...1.0.BjH3gy.
.rubiconproject.com/	1970-01-20 14:42:22	Name: khaos Value: L7Z3AKLP-1Z-3DKH
.gd.no/	1970-01-20 15:18:22	Name: __gads Value: ID=a2b2de6a6a8bea6a:T=1663006771:S=ALNI_MbcohcOb3bfRo-EJ9vqp8bWaDvTvA
.de17a.com/	1970-01-20 14:35:10	Name: guid Value: 1.5807721230888045162
.casalemedia.com/	1970-01-20 14:42:22	Name: CMID Value: Yx94NINZNNUO.rmgltoNMQAA
.casalemedia.com/	1970-01-20 08:06:22	Name: CMPS Value: 4396
.casalemedia.com/	1970-01-20 08:06:22	Name: CMPRO Value: 4396
.pubmatic.com/	1970-01-20 06:39:58	Name: KRTBCOOKIE_336 Value: 5844-5807721230888045162
.pubmatic.com/	1970-01-20 06:39:58	Name: PugT Value: 1663006772
.doubleclick.net/	1970-01-20 15:32:46	Name: IDE Value: AHWqTUngwh1rYxw5aIwfBqZMJyPgYGHL11WU38nu3CWpNDGD12xiaXyT1ev_iqfEFfo
.casalemedia.com/	1970-01-20 08:06:22	Name: CMTS Value: 4467
.rlcdn.com/	1970-01-20 14:42:22	Name: rlas3 Value: R2ql/LambSx6ikgWTdOirdphvdgzE1bbTwdl+oVXJGs=
.rlcdn.com/	1970-01-20 07:23:10	Name: pxrc Value: CLXw/ZgGEgYIkLwrEAA=
.adsrvr.org/	1970-01-20 14:42:22	Name: TDID Value: 501132e0-17df-4610-b648-d50aa1999cdc
.yahoo.com/	1970-01-20 14:42:44	Name: A3 Value: d=AQABBDV4H2MCEMSkoYslHcKdQB3YNmvsHHIFEgEBAQHJIGMpYwAAAAAA_eMAAA&S=AQAAAgLGv2cdwsZoW8RkcUh6jSg
.adsrvr.org/	1970-01-20 14:42:22	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCNL9tv2rvYo7EAUYBSABKAIyCwjo4fOqwr2KOxAFOAE.
.rubiconproject.com/	1970-01-20 14:42:22	Name: audit Value: 1\|naVuGyos1qqpF2ewkcXRjSB+/HrRb5FkDwR+tJIZNx9BvcNBPRJAlaJlVE8lOnldu+ieqNEZISpFZG9NOjT6ZATH4eK2PD9TaD8dA49hvi+PdFXUvO1NpwC/1pxVgvPuaJwGGfQbHaL3RxVPY+Jsy5p5j31s3zOGB3u6czGQ4YCbL4zOcD7l9AM+brkl4a/AlOj/a7ppEc5tGP2tQLqxY02V/ViTazWWhe8xlFMiINM+prLK8NoIif8K4tKB35HQG0+hVNm3/OgA86HqrisCa5Tsgl12YoCjOCbHL8av04Kma+WVcS1g3g==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.gd.no/nyheter/tidenes-transport-til-lillehammer-i-natt/s/1-934610-6636762(Line 745) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://www.gd.no/api/aid/users/self?filter=(uuid%2Cname%2Ctracking_key) Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://pp.lp4.io/app/54/4e/1e/544e1e69e45a1d0757aa4802.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://storage.googleapis.com/amedia-content-updates/production/1-934610-6636762.json?buster=1663006770049 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.aid.no/api/pluto/v1/sessions/current Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ups.analytics.yahoo.com/ups/55955/sync?uid=5807721230888045162&_origin=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01917b4e26d7371fb29925ad7c5456b6.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.adnuntius.delivery
ads.yahoo.com
adservice.google.com
adservice.google.no
adx.adform.net
assets.acdn.no
cdn.de17a.com
cdn.jsdelivr.net
cl.k5a.io
cm.g.doubleclick.net
collect.adplogger.no
connect.facebook.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
g.acdn.no
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
log.medietall.no
marketertechnologies.s3.eu-west-1.amazonaws.com
match.adsrvr.org
micro.rubiconproject.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pp.lp4.io
r.acdn.no
r.api.no
s.amazon-adsystem.com
s.api.no
s2.adform.net
scontent-cph2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
services.api.no
services.gcloud.api.no
static.xx.fbcdn.net
stats.g.doubleclick.net
sting-cdn.de17a.com
sting.de17a.com
storage.googleapis.com
sync.userreport.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
varnish-local.api.no
www.aid.no
www.e-pages.dk
www.facebook.com
www.gd.no
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.googletagservices.com
104.18.18.126
13.225.78.84
136.243.95.176
142.250.181.225
142.250.181.226
142.250.184.227
142.250.184.240
142.250.185.162
142.250.185.226
142.250.185.78
142.250.186.131
142.250.186.161
142.250.186.34
15.197.193.217
151.101.1.108
151.101.65.229
151.139.128.11
156.146.33.17
157.240.200.14
157.240.236.1
157.240.236.35
172.217.18.4
172.67.201.228
18.156.0.31
185.64.190.80
212.102.56.182
213.155.156.169
213.155.156.188
213.19.162.31
216.58.212.136
23.205.235.133
23.75.240.210
3.66.143.217
35.227.200.190
35.244.159.191
35.244.174.68
37.157.2.234
37.157.3.29
37.157.5.73
37.252.172.250
46.30.126.165
52.218.97.219
52.46.128.147
52.94.223.167
69.173.144.139
69.173.144.165
74.125.140.156
87.238.38.2
87.238.38.20
87.238.38.3
87.238.38.4
87.238.38.6
87.238.38.9
87.248.119.252
99.80.189.31
0143995614ad53faeb9f7d11c66dc18bc29d08fd62e2d90762529c297b7fd0fe
02a0fcb3d1047d0295a302fd0e883d7e0e3346fea7a520bff476ff307ba97985
0551900f79cf03e7ddf00f1cc907661cdcfd5c8ed3e19af7fb4fe26b9998b736
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
07bc1aa14d9270639dc23fe2ce1967578588e67bd2af1720c3ece50f81cce54d
083f64d80e5c6042382f74401a48b076a953f2b1a52735a55444b03c4218aded
09ab3f75689d0848855e4d0979f8ac2fc205a6e2a7b56b9d2f991ce1bb20f980
0ac006e637f805ba40e91bc29b9fbd386833129e62d96f679336600f33241b17
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e9988b7982504119f9a3c3c077461ea03f9146e696614c5a18de5fa78bf7b1e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11517ef9a0ed8cbc8d72482f07c563fc53a2dc3061428fd87457e43657f21e7f
13c350e352f459dd7878db83d868083b5c09aadc233dd258e84dc8808eeacc16
13fe0242e0b45e2c61c3e7c3dc69726b628f24b70bc92a3cd1c4a6bfe11d3a84
172fce398d77aa305b81083fe3883b43ef47d33fdc49f2008d3db0f443a23e46
185d846210b7718197dcf89ee14b7ff7adb767d58f00f4b6f87504c0a936bb5e
193d4b8c83ed2ff85f7f67dccc48297ed99f3fdd9fceeb0b30a8fb9f811d0a6c
1b1ca5c448cf3daac077e537a8a0e94d2e9cb5badbb307f2d0ec4cf30873ed10
1d0d390ac17ff7f82a15190289b248632f20862cf807431a023959f96e826ddb
1f6853e8c35d43e503c6a2193c04e053212953031ce443d81075a302728bb029
204c8a77b6387ed0f4f572c209fd6f53b2682e863fe3271ee297c7267cecfff6
215e60d054aff7d0e222cc514f364e8d93cf90e6431e6bf82c6b324acfb941e9
22ae1badce6b58fbf0884022126b7adba00f50c8e68b6e9dbe9913e939650d87
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
23bee20e8743707ba7c5e1400f950458d4c540589585b2110875998dd0ebe5b6
23df79eb59c2477a126f1cbf0cb5e653ebc84d900c328e940177e73596e44701
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
25ab07981e73f5e07969e59b8597c3559a48c4d15a853cb30b934858e3b907ca
25fb2d2807e44f2762b92dc8c27d69ef5f5fd2001d66e4c7a1fd5dc2f3dbe93d
269aaa59c1c3d0d8b4c95d90c3a36984965ac51996eeec52f2a21f6f018d4822
26d3f178c60b6ea779ba1b45a78f7acd7e74024935564d93d538f60161d75c8e
272d665659e4dbd0ae02f031294448cf7949ccf004792edb2f8064b14669a4c0
27ddee2a37f6e0f926ae258ef98b5dea859dba0e0946d49d0d5e41965af8d460
287feb66cc3b3fbe790379448315a631dfc59d0ab595cb9e4ce73837945dffe2
296fd466d62dd665a2e6ecafecde5544d280c3b881f8e4978b95b1de9bbaf22b
29bdcca7988fa6dea5e7546c4441db57f6ef3f5df7956301dd7d169fe5a73261
2d6b6cc9354545b34e61bae3eb39d3e4be2420fdbee7eed38419589f0fd129ec
2dbc883174b4fc9d605f6cf3387e719a20bea516d4635e4338e17b12e3bf1a2c
3102005c007d707083ec8e0eea7e78e94f4f54d22c3450bf9dd5f35d3765df35
321f741d0db111bd72b6456ebcffcdcb51c82f3e033522a21dba1e29564d9d77
330b96cf90599060207e300b59bab5b2fbc90c18c7d12a55aa34d4880c413446
33dc4d330a12a60715560b975774b349d7eec7529646ed9d9ff6e1cefc3d9a1b
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
35c0924ea5632746bf9c2dc874557763b59672e7a36aef81beb926707a1dcc8b
3661f1fdb174cebc3c9ec868a294c916c45de0008c939f11040c95454ab35dba
3b70ff171f1f743023b6c55f7399161c17f38809a7272301ca17f70815cf8f85
3c1a1f94d044bcf103d45c2fd170a4a7cf2e7a9395f0c50cbcf26691c946a486
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4019865540259c02939d5803461810750130445d4b75235a2fb568cf58600aec
44023840ee22c019fdd6b41e16bc2d8d34a3e02cf78730223efb44c799d3fe94
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d9d25f0a31294254e81e693683527b38905d38e24f68dc1d95fc7ce83bd24f
46e0cea73769bffd8a09549cfb81b9ded662e88f8389386bd773f9cb7814ab24
48d3acbda5b48867d8c9c0ab7fe1da540d483d82d235b031d723cd22045fc366
48faf83767e20c0960e7569b68022db89d56dfeb063492842c875ae822982cf7
496fafedfbba91e4f6daddb1f8e8a5d30c748770055191ff26cf415d261c4f7d
4ba2d95f875ee0dcff17257df0c9f36ff4cce25336675fb1fce58a357e726bb3
4bf9b5a7c3d8a0d8aff55b599558a4c8d8437821aa93704e4cdfdc48f6ef1a0d
4c01bda88c70f4508fe21057233d32a63b91052cac425a9027a1f930866d4e33
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
4d64ca9979a0118dd2c572020f492601b3be2c1fa8ff5da8ba653d58d52df35a
4de27c297beb77dd603a16fd79a62ba62de82cb482b6328651694a341f224421
4e41491859c0d86b112be811beba7962576c511f61e93c3fa8661821061a25e4
4f16e81e59aaa64d326361e42ceb4baa202b0787625ddcbc4882368ad47a7698
5091474843a698c7bb78c5827bfdf7f75f19f32c6f859656701f80017865576a
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
51d68cd4ffed50c6b4565da1ac2ad4eb4f8f067528d0232ea791eb4aabc474fd
5480a5e2d431768b3c9b987cc46764ef2215e4908aa9f6f151ce6e054701b8e5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b1e07920aa91d281bcc7ba8e3a4ef5c021e4dd8fe12f024c73600e58b3974f
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
5886215a002ae581d0ec96779cd94113a4c0153d8b6eadeecafa0097e8baf31b
59b9ac9b1f75583ae094e132cc7dce10d2f2318182ce8051e50846222aca40a6
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5afc893db25be68d09bd1cde7f0d88abe7d3e158e91a09e1ba3f918e34fdec9f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62618f7da93418ffdb6b387b0599b209012f0c4491fb7b908ba03b527d8dbc98
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
67cf8392ff2701c9b4ea25625478fd522c72d61bfcd690f6a2590e223597166e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d08e7c51e4c88b2499a5153f51c03e00095533a9481368842d19ac357b7b73c
6f12f02da9633a67d26b7b3e67cc4ce7355bb1edaf2cdc66b73851ff976e0421
701e3e3005728fe19d111002c535ec8144ef2cffa13582ba479e03b71a870f55
73184e7fe366b4dbe8998b1f64070ab3e6f0e548d046478e239f883c74755f1e
732efe55c3d91865211c9416fe1b0445a463ac3cf79e7029f8db9c76c2652f14
74a08b8dacc3a3cc2c2e49d59c1ecbbf06a79fdd95cea7664d0dab4ba7968c91
7534c423b8e9afdbfbe0b1e802263f892be22b8fbac81830d8c7c347f73dbf21
75fd07321268f7a02e7731ebd9f87728b86df26b66fc67e7fd97be347acca4ce
76797d7358e312bd04f7d71f0a1863a57140c7cb6d46aa48b375d8e60e428237
76a23e2204c430b0be1fabf485181d61958e13bde2551c69b569b11d566da338
78dbd0938d988e520591c4d7164767f40d79c9995b9bf24a84b197bbf5129c2b
79966d0aacbea87c014970458585fab50d68f4aa3e6a91284c3f9915f0805397
7a2f71abf0401c7af8ece6f6d3c12b0514b5406f78858bf81b36149c7dbfe14f
7b5753789c768da1e281b323446266e7af6c32f7fb588cd037bae88d1bb9ed9c
7b6cc3c4f715fb85b735a6400211eb264d22184d9417512a08c8f4055b185b0f
81d71d7d574e9d29fdda1cbee09978add886fbf1b5559622e876f2db38761487
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f61d2ff1ad3ea7cf20b6d5b5620322b1d94927a18d5fcf533e2033655b72ac
88204a4b209737d1522e04c5b2e89f27e713eabda2683fcfce40fcf8f466dfd7
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
892744c9a6b18fdbf455b76587b7a22e3abbd493ca678bb3df7886869def2857
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8be0047338f9d34ee1b8136dcd37a695624e46a96e5a1b4f772c91ae2f2b8096
8d3a8d3e1fa9978c12e7f71468e1e0e41d1798e116bc7ef966f07f35d532785b
8e402c308b7183ddc0a472a0de04825c063e36d9c8ef1f43595178d711d6d439
8e717d2adc2f121129d6b1c3a9d653d983c20ae9b5537ef79575667c1bba4133
93cb7596fc6a830eadbab0f5aaa62a44875c3222cce6ab8d8a0784c2c93c50b5
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
99cb113c947df168d0fb6f5810092386c495f7a57bb86ae70c067d4bf7218cc2
99e26abc41fbff34b2d7edd4d20a094cf844b7436089934e0af62e9b2630cb7f
9abef206ab90c999bcad08a4b85fb16c3bca723802ea558e717a2ba0b1f7d0ca
9b7994789b533a07bc76391c2a1747e92c4e4a37d93d0dccb19bbc31f62abcd5
9cae748ccbfd561e2ee3d2eb9e795879c68b6438b1aa4dfb15be09b6977a7a23
9e328e753b82ce8b126bd628ca24582e9a58c2f294ca685f10415af5de22aa21
9e6836b8ffc808a508f270a873c6d5832205b602a670467c8714e0e4ff5ef3be
a047c0d9788592aff211be91bb22799af40af337e552f47f754740d5d4151573
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27e853286431c17372330ab665bfa67c9df2a6d8b23ecaf758e98767c82a4d0
a3a4a8de6e38825dcef1c531d9c5d0275c0ace2727a5564e4432188f8abe70d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bc566695c91d0144fab5a365c6afb1a5de3c54fc98f1939d58388e3cbc8591
a5140edca54c0344325893a0d1950f1a6839b7cd050fd4d28494e1105efb7371
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a968dd8e4e777d0c482a1a2f33061c67ea931d6edffef5802645141026c3eb54
ac547429d8cab54be8716cbab7f23ac1bf4ca1bdbb7be971d8441175754f0184
aca6c651dd5148bdf17ee45bbb0179f50f96b8ba65ff913dc55483480e53b046
ae6c55ba95eec1eebe7ad27e27f4aebb324b1c9fb183a90e1dc53a4a6567f1e4
af9b5425dbc7c57542e97fa8c4901c7f1b681ceff3e1f92fc3f329e58c1bfac0
b0cf6d9d2ca9f4977751da8363b2f309f0038a31be18145f267293d5155a3dcf
b12944a7d029641d7c8a851534f3461ecdfde62cfa3e70a097541cff56017fcb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4746746058dbd993e56bccd6334de5576d09d4f963ec686e3dddf4235ae7a75
b4987ad736d395b680c7abf132f1baeaf2b097a5780eda9c9126bea3ec385006
b60301c156ad1a0c965b17b78660a631499a95fa8a13c14be4a1710b6a77b593
b9ccbc5e52bd10c0ff859f74574dbda035a65951da59b768e368d9d1ac9ed386
beb56db9b053b030092e6f0b9b2710368d834a1059975d89eadfe91717ab36dc
bf38f71fa2e61b562e2a71da8b192b9bc848dae7f1985f7e91d4e32dc5477a3b
bfdb702ddb538ce175f17913e7a8691275652ff564008e3b7c99b78b415ed392
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4984b180503a0813e1158cbd75bd86d977629920c8860e689db83c59f2f6af2
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c9bfa1f7d1ed5f4c59cd254c7c5f3421809686326bf51a157d2f91dc105fe96a
cb2f41eea01b9afd28520fbfd487552fb0999540b91ba5e539bcf89c7808bf22
cd0d22893a7d3036d724a54526f0e551f8f707a828c8b81ea6af60d38ba89725
ceb8c1a2c156c19a5a5e2816a921d1dda230f6c1e00a3c7df367c1ebabb22db0
cf3c7639799181061285f0c6f5b230e9b2ff1efda537d028d5e7e410ea6c0d08
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d032fe90ef5162d39743f10922091cbd3f54b0a7cbffaeabd7b2e45d0d4c4552
d22d97abbb6b09bfea3f01be8f17ead6086bc1347184317ce878f58a9cec8100
d3f124c922ea867a2605c8ac531f89258c8e8e2a3cbc09625cda9638f808aac6
d475da024a75700dc86802e397f24e57560738b5e69b6f97c9b25c1719fb5138
d591b79c58b1a14c6a8e9494ae9ac2eb34ee8e3fe1a3af1901f3df2a7567cc9f
d7fbe5c3a673b85a123e74aba674a84b0d1163bd7515a790d2fb1f3a900bef99
ddfd08b3e0fd831811e01aaf341f9f60394bf94e866533d7188f4afa564647ea
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02b1f4ce3146a5cb0182d5f53ee3151540e26e4d2ea52c287dbeea1f0c55afa
e032d096ed56ccaa6150606d4164e1db78d23a668fb00b84ad1fe3df62c175cf
e1b0b3d4f1f4a60ddcd90662df73c966ada9cfb9ccc49a0d9f3a0f5b751e7570
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e5c396b470872713c0f439625653842370ce54865f9c5eeb7b7e31f0343ad6
eaad50237f61c6b04e879844c50b73f71b4321bc61cffbfa2180acbb63eade42
ecd13ede845eadd068b316367136c2a1afa349c6ee2f0b661216e7acecbf1bca
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99ec5df6bc33358d25701568d2709abe5e97e696811e116e61c33c3254b36b
f68a8c2040c7b3f0e00f7ff391eaeb9e0114793932acd28392a2d9cecc01de8d
f7394c70951b3f3103027dd5779ef6defefb611887be1dafde77750856523a2c
f8e660e904475f15703d5697c4c05f4c61a560067cef4ca9ced581a3dd7d0757
f92b8443b3d213a0718bc69be2598a5656e0799c75a25c0db31bee85e43283d3
f9b0c8229f048b8e38fba5cc792dd8a14c96b91cbd578e120963d7c8003fed5d
f9d947982f1c56732a8a4739500b63218e5135906cd88de6295fdf55b75edd0f
faf79cb9e29372a0c931d3c576f286c1ae40f22a5c24c089ab51e06685775660
fd40c2374d2b37fdf4ca6006a5e39490e3789ba817b3757c8561f5cdb2665dad
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
fecc666c75a8616502af584e4353bb2d15975cf0fb91544bbe03890ffd30d716

www.gd.no Open in urlscan Pro 87.238.38.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

212 Requests

90 %HTTPS

0 %IPv6

37 Domains

63 Subdomains

53 IPs

8 Countries

2301 kBTransfer

5830 kBSize

38 Cookies

24 Outgoing links

Page URL History

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gd.no Open in urlscan Pro
87.238.38.2 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

90 %
HTTPS

0 %
IPv6

37
Domains

63
Subdomains

53
IPs

8
Countries

2301 kB
Transfer

5830 kB
Size

38
Cookies

212 HTTP transactions
2 data transactions