www.startsiden.no Open in urlscan Pro
87.238.33.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://startsiden.no/
Effective URL:
https://www.startsiden.no/
Submission: On January 15 via api (January 15th 2020, 6:06:58 pm UTC) from US

Summary HTTP 109 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 26 IPs in 9 countries across 23 domains to perform 109 HTTP transactions. The main IP is 87.238.33.153, located in Oslo, Norway and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.startsiden.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 25th 2019. Valid for: 3 months.

This is the only time www.startsiden.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	87.238.33.153 87.238.33.153	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
2	2600:9000:20e... 2600:9000:20eb:d200:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	23.11.238.95 23.11.238.95	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.18.90.190 52.18.90.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	87.238.33.154 87.238.33.154	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY - Fastly)
13	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY - Fastly)
3 5	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
3 13	52.28.33.202 52.28.33.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.45.19.11 52.45.19.11	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
5	35.157.238.72 35.157.238.72	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	52.18.161.147 52.18.161.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 4	52.29.180.59 52.29.180.59	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.57.21.24 52.57.21.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.156.198.184 35.156.198.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
109	26

28 87.238.33.153 (Oslo, Norway) 1 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

startsiden.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.startsiden.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:d200:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.11.238.95 (United States) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-11-238-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.90.190 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-90-190.eu-west-1.compute.amazonaws.com

aic.essrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.238.33.154 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

presizely.abcmedia.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.202 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.28.33.202 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.19.11 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-19-11.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.205.226 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.238.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.161.147 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-161-147.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.180.59 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-180-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.21.24 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-21-24.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.198.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-198-184.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	startsiden.no 1 redirects startsiden.no www.startsiden.no	344 KB
20	360yield.com 3 redirects ice.360yield.com ad.360yield.com match.360yield.com	15 KB
20	doubleclick.net 6 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	134 KB
11	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	413 KB
5	ampproject.org cdn.ampproject.org	198 KB
5	adnxs.com 3 redirects ib.adnxs.com	4 KB
5	abcmedia.no presizely.abcmedia.no	228 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	google.com 2 redirects www.google.com adservice.google.com	726 B
4	google-analytics.com www.google-analytics.com	18 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	rubiconproject.com fastlane.rubiconproject.com	5 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	23 KB
2	w55c.net 1 redirects pm.w55c.net	1 KB
2	googletagservices.com www.googletagservices.com	56 KB
2	chartbeat.net ping.chartbeat.net	336 B
2	adform.net adx.adform.net	905 B
2	google.co.uk adservice.google.co.uk	342 B
2	google.de www.google.de	218 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	essrtb.com aic.essrtb.com	85 B
1	googletagmanager.com www.googletagmanager.com	28 KB
109	23

	Domain	Requested by
27	www.startsiden.no	www.startsiden.no
13	ice.360yield.com	3 redirects www.startsiden.no
13	securepubads.g.doubleclick.net	www.startsiden.no securepubads.g.doubleclick.net ice.360yield.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.startsiden.no cdn.ampproject.org
5	ad.360yield.com	www.startsiden.no
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects www.startsiden.no
5	presizely.abcmedia.no	www.startsiden.no
4	x.bidswitch.net	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.startsiden.no
3	match.adsrvr.org	3 redirects
3	fastlane.rubiconproject.com	www.startsiden.no
3	stats.g.doubleclick.net	2 redirects www.startsiden.no
3	sb.scorecardresearch.com	1 redirects www.startsiden.no www.googletagmanager.com
2	match.360yield.com	www.startsiden.no
2	pm.w55c.net	1 redirects www.startsiden.no
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	ping.chartbeat.net
2	adx.adform.net	www.startsiden.no
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	www.google.de	www.startsiden.no
2	www.google.com	2 redirects
2	static.chartbeat.com	www.startsiden.no
1	cdn.jsdelivr.net	www.startsiden.no
1	mab.chartbeat.com	static.chartbeat.com
1	aic.essrtb.com	www.startsiden.no
1	www.googletagmanager.com	www.startsiden.no
1	startsiden.no	1 redirects
109	31

This site contains links to these domains. Also see Links.

Domain
www.abcnyheter.no
sedenne.no
kreativeideer.no
finansavisen.no
www.aperitif.no
rebrand.ly
www.adressa.no
www.aftenbladet.no
www.tv2.no
www.fvn.no
www.aftenposten.no
www.facebook.com
twitter.com
www.instagram.com
www.nored.no
presse.no
om.startsiden.no

Subject Issuer	Validity	Valid
startsiden.no Let's Encrypt Authority X3	`2019-11-25` - `2020-02-23`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.essrtb.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-18` - `2021-07-02`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
abcnyheter.no Let's Encrypt Authority X3	`2019-12-07` - `2020-03-06`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-08` - `2020-08-07`	7 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.w55c.net Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.startsiden.no/
Frame ID: 3766E93C6AD1965867A8EA3ED430F789
Requests: 79 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstljgqH8MrvDU29SNrlgfxP8Jg1Pa0Yc270A80Q0-U4sUdFF-oUe4-ANXmBrcxk-oDsfS5L6Hy18Onq8xqOd_r-8YXUZfI3dkrhmfFedpF-1lzBr19ETnYDC9c78sd-D0BAkHl2fJ5qqTzfgptG38rbHKJtSuBfHV6eKv9u8WCm3tx1ImUwHuqnzUbaljoE7yYdoKqiTW6zIv-R-Tqj2fZq49zsty_aEeNMhZ0caCHXuIwqqqYdBec53WgTUU8Yrxo6QlVh-BAtNmskvdAKqk__nkDoVAimJIjk4fP_Q3ZXt8tkTeaTTb2KgFK0&sai=AMfl-YQRZbUjiRyCWF73KPCDpEuMwhBruqg7fXb4B5H_FtgFCLYu2VJ3bIwnwzcADMaTQilmTQ3JhH0jybiv_08WEkkLXY-xL4A_pxXQ9LCGRQ&sig=Cg0ArKJSzKo4-6jWd8nxEAE&urlfix=1&adurl=
Frame ID: 3936D31B11FE6BD631362D1B00146F83
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: 9F7F7C1E851E9BB0572F79F3A66AF584
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: C2BDD356DCFB06EB3C4E1EC8CFF1CDA8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B00B610AB7E9F7E29055F32C7FDC0BD6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM3DbrLAB5UbLqCnmw6PU9X8RXDKHj2J3qtQKOHpwh9fUj-S5oeGIhIVgKXGOyLwYo2KWECatslQdFaoFM86rCRcQ2W6cHlUcD3aM5cXZ_VOv562iVxbReemCNYKqytaU7ogjYlp2tVNiN95Rogsu03GcsDy6pc_FxUddfpmzLAbDksX4JstDca_n63yIluO_WTK8Dz3YxYcZpqgbPn4K2lBfyNbVuWjpUvJzfqFOj6yX_K-OdPYWXDiRS59IC0ZUUyo4HxBrT6XhxX1hSZqQ8GaT94u_a2uXRPAY&sai=AMfl-YSN0vpGbahFo3W9OgbeXL0RMjlSLwX7tVEsppaKtDqRMCwUM17Km6HKs6chDhtjsei6uC9RE-Ax1ZgjuZkTcS9YRJ5---aNtlBtzhZXnA&sig=Cg0ArKJSzKilGKBO7oEWEAE&urlfix=1&adurl=
Frame ID: 44E802B56D9AA6BDFB850272892A5730
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1579111599073&output=html&iu=%2F36021320%2Fpassback%2Fstartsiden.no&sz=980x300&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1995403135142085&adk=1048742613&biw=1585&bih=1200&adx=302.5&ady=1094&oid=3&u_sd=1&ifi=1&vis=1&scp=passback%3Dimprove&nhd=1&url=https%3A%2F%2Fwww.startsiden.no%2F&top=https%3A%2F%2Fwww.startsiden.no%2F
Frame ID: 0C1F24AC23CC749F05E971F0946A316F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: CC09D099E928D598D04237EAF089C51F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://startsiden.no/ HTTP 302
https://www.startsiden.no/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

109
Requests

100 %
HTTPS

45 %
IPv6

23
Domains

31
Subdomains

26
IPs

9
Countries

1465 kB
Transfer

3415 kB
Size

10
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.abcnyheter.no/
Title: ABC Nyheter

Search URL Search Domain Scan URL

URL: https://sedenne.no/
Title: SeDenne

Search URL Search Domain Scan URL

URL: https://kreativeideer.no/
Title: Kreative Ideer

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/nyheter
Title: SisteVis mer

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/nyheter/verden/2020/01/15/195641759/russisk-skattedirektor-blir-ny-statsminister
Title: 18:57Russisk skattedirektør blir ny statsminister

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/nyheter/norge/2020/01/15/195641758/ny-isbjorn-sett-ved-longyearbyen
Title: 18:56Ny isbjørn sett ved Longyearbyen

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/stemmer/2020/01/15/195641747/frp-bruker-is-kvinnen-til-politisk-spill
Title: «Det føltes helt sikkert riktig å klippe de jentene i 1945 også»ABC Nyheter

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/nyheter/verden/2020/01/15/195641649/harley-14-dode-da-han-satte-seg-fast-i-skorstein
Title: Tragedie i USA: 14-åring funnet død i pipe etter fire ukerABC Nyheter

Search URL Search Domain Scan URL

URL: https://www.abcnyheter.no/helse-og-livsstil/helse/2020/01/15/195641641/undertoysmodeller-har-blitt-tynnere
Title: Folk blir tykkere, undertøysmodeller blir tynnereABC Nyheter

Search URL Search Domain Scan URL

URL: https://finansavisen.no/nyheter/bil/2020/01/13/7488234/kostbare-luksusbiler-setter-rekord-i-norge-og-i-hele-verden
Title: Stadig flere velger luksusbil - dette er favoritteneFinansavisen

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/artikler/dagens-rett-slik-lager-du-enkelt-en-smaksrik-biffgryte-som-i-portugal/169124
Title: dagens rett:Portugisisk biffgryteAperitif

Search URL Search Domain Scan URL

URL: http://rebrand.ly/4pfre1184f
Title: beste vin til under og over 200 kroner:Anbefalinger fra vinkjennereKapital

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/artikler/abonner-pa-nyhetsbrev-helt-gratis/169433
Title: slik får du rask tilgang på nyhetene:Abonner på våre nyhetsbrev helt gratisAperitif

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/oppskrifter/dessert-og-kaker
Title: Desserter

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/oppskrifter/brod-og-bakverk
Title: Brød og bakverk

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/oppskrifter/fisk-og-skalldyr
Title: Fisk og skalldyr

Search URL Search Domain Scan URL

URL: https://www.aperitif.no/oppskrifter/barnas-oppskrifter
Title: Barnevennlig

Search URL Search Domain Scan URL

URL: https://www.adressa.no/nyheter/trondelag/2020/01/15/To-biler-kolliderte-i-Melhus-20838939.ece
Title: Adressa

Search URL Search Domain Scan URL

URL: https://www.aftenbladet.no/sport/i/RRBRGa/Bekreftet-Tripic-har-signert-for-tyrkisk-toppklubb#xtor=RSS-3
Title: Stavanger Aftenblad

Search URL Search Domain Scan URL

URL: http://www.tv2.no/nyheter/11138198/
Title: TV 2

Search URL Search Domain Scan URL

URL: https://www.fvn.no/sport/i/qLwLRe/Hvis-Brann-signerer-Valakari_-er-det-et-signal-om-at-Brann-er-pa-vei-mot-en-ny-stil#xtor=RSS-3
Title: Fædrelandsvennen

Search URL Search Domain Scan URL

URL: https://www.aftenposten.no/sport/i/naJaQQ/Handballguttas-EM-suksess-gir-handballjentene-billettboost#xtor=RSS-3
Title: Aftenposten

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Startsiden
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/startsiden
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/startsiden/
Title: instagram

Search URL Search Domain Scan URL

URL: http://www.nored.no/Redaktoeransvar/Redaktoerplakaten
Title: Redaktørplakaten

Search URL Search Domain Scan URL

URL: http://presse.no/pfu/etiske-regler/vaer-varsom-plakaten/
Title: Vær Varsom-plakatens

Search URL Search Domain Scan URL

URL: https://www.nored.no/Redaktoeransvar/Redaktoerplakaten

Search URL Search Domain Scan URL

URL: http://om.startsiden.no/2018-annonseinfo/
Title: Annonseweb

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Startsiden
Title: Gi oss tilbakemelding

Search URL Search Domain Scan URL

URL: http://om.startsiden.no/kontakt/
Title: Kontakt

Search URL Search Domain Scan URL

URL: http://om.startsiden.no/
Title: ABC Startsiden AS

Search URL Search Domain Scan URL

URL: http://om.startsiden.no/retningslinjer-for-personvern/
Title: Personvernpolicy

Search URL Search Domain Scan URL

URL: http://om.startsiden.no/startsiden/
Title: Våre produkter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://startsiden.no/ HTTP 302
https://www.startsiden.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://sb.scorecardresearch.com/b?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9=&cs_ak_ss=1

Request Chain 15

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&gjid=95299426&_gid=1208558469.1579111598&_u=YGBAgEAB~&z=1594749707 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707&slf_rd=1&random=1431201664

Request Chain 17

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&gjid=1906319091&_gid=1208558469.1579111598&_u=YGDAgEAB~&z=502309490 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490&slf_rd=1&random=3443167689

Request Chain 52

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Request Chain 53

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Request Chain 58

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEFWtXdFBQS2DKO2bw8jWTYU&google_cver=1

Request Chain 92

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5

Request Chain 93

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f186c68

Request Chain 94

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA HTTP 302
https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7jny6HyjSK-zkUduUftv3Q&google_cm&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEvIf8QDyzzYplR4XpASVzc&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA HTTP 302
https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEPokuTE_xLKHwYBOxCu_Leg&google_cver=1

Request Chain 107

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=cf1f31a2-ea84-4ebd-b585-b457b0f5918b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zx8xouqETr21hbRXsPWRiw&google_cm&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESECrR5WWwMBa2D-ivJnMoe-U&google_cver=1

Request Chain 109

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=cf1f31a2-ea84-4ebd-b585-b457b0f5918b&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f186c68 HTTP 302
https://x.bidswitch.net/sync?dsp_id=79&user_id=26eGZ5l71IRN3V5&expires=30&ssp=improve&bsw_param=5d96080e-0a19-483a-a14c-b24d6f186c68 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5d96080e-0a19-483a-a14c-b24d6f186c68

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.startsiden.no/
Redirect Chain

http://startsiden.no/
https://www.startsiden.no/

153 KB
35 KB

336ms
190ms

Document
text/html

87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: a626735f90a40bf77629f9a607fd44045eff95124f50ec19052ed381303db673

Request headers

:method: GET
:authority: www.startsiden.no
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 15 Jan 2020 18:06:37 GMT
content-type: text/html; charset=utf-8
content-length: 35448
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
cache-control: public, max-age=30
expires: Wed, 15 Jan 2020 18:06:48 GMT
varnish-grace: 28800s
access-control-allow-origin: *
etag: W/"265a5-vq5CAIgCKkkOoja3cEzQX/d/+Cc"
content-encoding: gzip
vary: User-Agent, Accept-Encoding
x-ab-selection: random=1
set-cookie: Abgroup=1;Expires=Wed, 29 Jan 2020 18:06:37 GMT;path=/;domain=.startsiden.no;
accept-ranges: bytes

Redirect headers

Date: Wed, 15 Jan 2020 18:06:37 GMT
Server: Varnish
X-Varnish: 485587965
Location: https://www.startsiden.no/
Content-Length: 0
Connection: close

GET
H2 200 foundation.c175af8de7cead77c062.css
www.startsiden.no/f-static/ 89 KB
8 KB 58ms
58ms Stylesheet
text/css 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/foundation.c175af8de7cead77c062.css
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: c0f7139f548b3fbc8b657816d0a400df25969e3665aac41257c21f86c0387397

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"164b5-16f8042cc78"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 7391

GET
H2 200 commons.6eb9f2aa5d615b663331.css
www.startsiden.no/f-static/ 122 KB
17 KB 92ms
91ms Stylesheet
text/css 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: cbc9194ab4380360aed1dc3b2d2f8a26a7396428a54bc84a3e956f54a8f05807

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 13:25:14 GMT
server: nginx
access-control-allow-origin: *
etag: W/"1e786-16f9f146e90"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 16714

GET
H2 200 globalStyles.5d3cd343891994f4c1ff.css
www.startsiden.no/f-static/ 3 KB
1 KB 117ms
116ms Stylesheet
text/css 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/globalStyles.5d3cd343891994f4c1ff.css
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 7a97dfc3b7129d28f5ab5ee7a46fd436c9b5c719e5003c83e9ed8a26d3609280

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"d26-16f8042cc78"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1120

GET
H2 200 mainPage.27d8c7c5c2f64f61b4b2.css
www.startsiden.no/f-static/ 76 KB
12 KB 120ms
120ms Stylesheet
text/css 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: f34e8b6e3881a19e69c675928a536fcb0f924e70d5d84214e9ef585a1c6203f2

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:20:29 GMT
server: nginx
access-control-allow-origin: *
etag: W/"131f2-16fa323c8c8"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 11880

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 23ms
7ms Script
application/x-javascript 2600:9000:20eb:d200:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:d200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 17:08:31 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 3486
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-edge-o15-rid: 013k8dNDoOOppzTZRWiSyk0J7BC2aciXRrkulP2O7Du9m699cuOMQQ==
x-amz-cf-id: mruMbDKDKcqJATYE4y5s7gDhMcrvWKNt8fvYSzw3Qs-as5DSDrexsA==
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
expires: Wed, 15 Jan 2020 19:08:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
28 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P58T4

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db0d80cb7be5102e2a824e83c243808c072c965a3ab6705095c4c11dc2e9aac7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28436
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:37 GMT

GET
H2 200 polyfills.afb5aa7aaa137ff74bec.bundle.js Show response
www.startsiden.no/f-static/ 9 KB
4 KB 217ms
216ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/polyfills.afb5aa7aaa137ff74bec.bundle.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 86b75c3a858dbefe8b533e0c3adbd539343415745e9f2183605a9aa76bc590f2

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"2542-16f8042cc78"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 3398

GET
H2 200 commons.ec8e1d406806a3ddaf20.bundle.js Show response
www.startsiden.no/f-static/ 495 KB
147 KB 122ms
121ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/commons.ec8e1d406806a3ddaf20.bundle.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: b366170ccf61a179ffbee96071361400aa20dba9999f599967a0c3c4385779e5

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 13:25:14 GMT
server: nginx
access-control-allow-origin: *
etag: W/"7bd07-16f9f146e90"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 150185

GET
H2 200 mainPage.abb304915885a83f5346.bundle.js Show response
www.startsiden.no/f-static/ 120 KB
34 KB 213ms
213ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/mainPage.abb304915885a83f5346.bundle.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 63a15860f730ff2376bd331a420fbf500cb403ab38a553719e98ce5736a753b2

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 08:20:29 GMT
server: nginx
access-control-allow-origin: *
etag: W/"1e1c3-16fa323c8c8"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 34203

GET
H2 200 prebidBundle.d983e6658c373494147f.bundle.js Show response
www.startsiden.no/f-static/ 172 KB
56 KB 243ms
243ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 291113fcb8c57dfa367751660ca821ad55d536ace1d4c79ea47c56f0d56b6eb4

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"2af62-16f8042cc78"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 56885

GET
H2 200 abc-adloader.1836a0484750653bebe7.bundle.js Show response
www.startsiden.no/f-static/ 36 KB
12 KB 218ms
218ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/f-static/abc-adloader.1836a0484750653bebe7.bundle.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: b300d0276c7868927f2bef1667b65282738af63b1371237f437906ed700e8ac3

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:37 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"8e71-16f8042cc78"
x-ab-selection: disabled
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 11961

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P58T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1703
date: Wed, 15 Jan 2020 17:38:14 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 15 Jan 2020 19:38:14 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9=&cs_ak_ss=1

0
514 B

36ms
35ms

Image
text/plain

23.11.238.95
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9=&cs_ak_ss=1
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=24447451&ns__t=1579111597875&ns_c=UTF-8&c8=Startsiden.no&c7=https%3A%2F%2Fwww.startsiden.no%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 articleimp
aic.essrtb.com/ 0
85 B 112ms
35ms Image
text/plain 52.18.90.190
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aic.essrtb.com/articleimp?gtmcb=1743553772
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.90.190 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-90-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:37 GMT
cache-control: no-transform
content-length: 0
vary: Accept-Encoding

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1747339665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.startsiden.no%2F&ul=en-us&de=UTF-8&dt=Startsiden.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1554516472&gjid=95299426&cid=1761347290.1579111598&tid=UA-27825163-16&_gid=1208558469.1579111598&gtm=2wg1815P58T4&cd7=&z=2082848780

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 01:21:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4985106
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&gjid=95299426&_gid=1208558469.1579111598&_u=YGBAgEAB~&z=1594749707
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707&slf_rd=1&random=1431201664

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707&slf_rd=1&random=1431201664

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-16&cid=1761347290.1579111598&jid=1554516472&_v=j79&z=1594749707&slf_rd=1&random=1431201664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 5ms
5ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1747339665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.startsiden.no%2F&ul=en-us&de=UTF-8&dt=Startsiden.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=1420206363&gjid=1906319091&cid=1761347290.1579111598&tid=UA-27825163-3&_gid=1208558469.1579111598&gtm=2wg1815P58T4&z=869305774

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 01:21:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4985106
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&gjid=1906319091&_gid=1208558469.1579111598&_u=YGDAgEAB~&z=502309490
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490&slf_rd=1&random=3443167689

42 B
109 B

21ms
21ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490&slf_rd=1&random=3443167689

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27825163-3&cid=1761347290.1579111598&jid=1420206363&_v=j79&z=502309490&slf_rd=1&random=3443167689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1747339665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.startsiden.no%2F&ul=en-us&de=UTF-8&dt=Startsiden.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=1467093622&gjid=1321022472&cid=1761347290.1579111598&tid=UA-27825163-20&_gid=1208558469.1579111598&gtm=2wg1815P58T4&z=1747818722

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 01:21:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4985106
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-27825163-20&cid=1761347290.1579111598&jid=1467093622&gjid=1321022472&_gid=1208558469.1579111598&_u=YGDAgEAB~&z=530896653

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 15 Jan 2020 18:06:37 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Startsiden.92e50501.svg
www.startsiden.no/f-static/ 2 KB
1 KB 122ms
122ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/Startsiden.92e50501.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 8202a9c729ccd151819ae29c9daea5014a743e77b5e177bb1f5a75fb1551bda4

Request headers

Referer: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"7c7-16f8042cc78"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 891

GET
H2 200 WeatherSun.9aaf7cde.svg
www.startsiden.no/f-static/ 1 KB
926 B 123ms
122ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/WeatherSun.9aaf7cde.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: c2619dce5821fc75e82e5e3852540f1a1157dd1bb65834db8f493da21e5d2c19

Request headers

Referer: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Thu, 02 Jan 2020 08:37:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"4e0-16f6566edd0"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 563

GET
H2 200 14670810.jpg
presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/ 44 KB
44 KB 244ms
87ms Image
image/jpeg 87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/14670810.jpg?accessToken=c2ff1eb0453563b5af7807617787a4208714ba433b7fd2ceebbff6e2680cfe33
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 0d5ab037d9dc1e3eb1c24199d1a0f54765f4125aea3cb8c60f671817d9d750e5

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
etag: 8319d00dec601792bbd5717d91b12559
x-ab-selection: disabled
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
content-length: 45086

GET
H2 200 14665154.jpg
presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/ 30 KB
30 KB 335ms
178ms Image
image/jpeg 87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/14665154.jpg?accessToken=6ef7cb717b349a83c6f2ae6cf4d841531364157876f36ea66c12ce90b5afee90
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: b018ed2e60a3b82cbd7ee9ebeab3b679ca98783774ebc89789d3d1b66532f863

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
etag: 317f8e0b644d35af0f3bcbbc001d0fa3
x-ab-selection: disabled
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
content-length: 30699

GET
H2 200 14649901.jpg
presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/ 46 KB
46 KB 280ms
123ms Image
image/jpeg 87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/14649901.jpg?accessToken=f10f1cc1846f49beab4d716f0a67cbb6b68620f5100f242aa6a5df15a002094b
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 89a33b049d86409c48d7bf480a19053ae6edbeb4d0d8dd7f8e20a65ee7422415

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
etag: 3bd951c87b5b719effff04e5293dba55
x-ab-selection: disabled
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
content-length: 46991

GET
H2 200 14642526.jpg
presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/ 56 KB
56 KB 306ms
150ms Image
image/jpeg 87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/14642526.jpg?t%5Bcrop%5D%5Bx%5D=133&t%5Bcrop%5D%5By%5D=9&t%5Bcrop%5D%5Bheight%5D=391&t%5Bcrop%5D%5Bwidth%5D=588&accessToken=9c8e61ccf4bcfe1467447cb62d1ca6d969fd99042251ade2ae38c9b703a84731
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 19ca0824899dadaa309023ef7b4a0f316328b64f3865f1cf317184b0b470acd8

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
etag: 05af730e05916caef5b3ca9bbe0f539e
x-ab-selection: disabled
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
content-length: 57508

GET
H2 200 14668021.jpg
presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/ 54 KB
51 KB 338ms
182ms Image
image/jpeg 87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presizely.abcmedia.no/500x,prog,q90/https://smooth-storage.aptoma.no/users/drp-abcnyheter/images/14668021.jpg?t%5Bcrop%5D%5Bx%5D=1&t%5Bcrop%5D%5By%5D=0&t%5Bcrop%5D%5Bheight%5D=514&t%5Bcrop%5D%5Bwidth%5D=771&accessToken=0e9e028fa49e62800a554391f5a16fa84d60a6427d5d5562a670f00d74c1ecb8
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: d9a42b1be7c7347edc3bf0010f98fc85fe457812bbecd43f0517187fe5a65643

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
etag: ad2ceacfb24c2e2e7fbaf1ef0c5850d3
x-ab-selection: disabled
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2628000
accept-ranges: bytes
content-length: 51687

GET
H2 200 YouTube.15607bf1.svg
www.startsiden.no/f-static/ 2 KB
1 KB 117ms
117ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/YouTube.15607bf1.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: cc114d9b5c4c6356901c6e21caaa847a30fd3144081bdcdca61b3d4fe471c8bd

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"9be-16f8042cc78"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1066

GET
H2 200 wikipedia.02640493.png
www.startsiden.no/f-static/ 875 B
1 KB 118ms
118ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/wikipedia.02640493.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 6c285c19ef4b5cab8394f472c2b1165a7d2a91f6df694d948e52d0b175de2ed9

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"36b-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 875

GET
H2 200 storeNorske.8d03638b.png
www.startsiden.no/f-static/ 1 KB
2 KB 116ms
116ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/storeNorske.8d03638b.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 437e39bc20703ecbc8ea2bc2032c4f1aa8a8bad9a5d6ac7aa7532f0e495b2f94

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"4f4-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1268

GET
H2 200 ordbok.c61fc41d.png
www.startsiden.no/f-static/ 1 KB
1 KB 117ms
115ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/ordbok.c61fc41d.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 64717f7fd498b7e8c152871185351a98fe79662d92e337cec7eadf6026786465

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"401-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1025

GET
H2 200 imdb.d697ef0f.png
www.startsiden.no/f-static/ 1 KB
2 KB 119ms
117ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/imdb.d697ef0f.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: e192e352eb76585e59398a60563cab83bc7a4a36e80d345ab7d7418df4ee9b85

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"543-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1347

GET
H2 200 googleTranslate.1d1b7357.png
www.startsiden.no/f-static/ 1 KB
1 KB 118ms
116ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/googleTranslate.1d1b7357.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: abe70fdcb54788e98af3b51f414ce62f8fe683943dc341a5b5f0abc0330b0522

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"432-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1074

GET
H2 200 allkunne.0a8fd961.png
www.startsiden.no/f-static/ 622 B
937 B 117ms
116ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/allkunne.0a8fd961.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: baa2b39edf18c7217fba5a5108d74bdbb92f40006223a5e6116abb77640a655b

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"26e-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 622

GET
H2 200 vimeo.e5f4f502.png
www.startsiden.no/f-static/ 570 B
885 B 118ms
117ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/vimeo.e5f4f502.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 25d78e5a6d0b6eabedb79a84a0004089e75b8f8113f44c6e05659118b60fab56

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"23a-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 570

GET
H2 200 hvordan.debc6acf.png
www.startsiden.no/f-static/ 474 B
789 B 117ms
116ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/hvordan.debc6acf.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 847dd4fd0a3fb792dd09c236b5d7ebb08db928a35a9f248ced4bb31d033880d3

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"1da-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 474

GET
H2 200 brreg.564c2b09.png
www.startsiden.no/f-static/ 258 B
573 B 118ms
117ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/brreg.564c2b09.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 5ba3c8170a52111f943f474e6a77caafdab6f36f1c42a928e0eb07b1231caa54

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"102-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 258

GET
H2 200 proff.3341d5eb.png
www.startsiden.no/f-static/ 1 KB
2 KB 117ms
116ms Image
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/proff.3341d5eb.png
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 8c1ac452505cb5a22ce8ba1dacf186cea7bf5977144dfa18f78af180e63c8257

Request headers

Referer: https://www.startsiden.no/f-static/mainPage.27d8c7c5c2f64f61b4b2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"544-16f8042cc78"
x-ab-selection: disabled
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1348

GET
H2 200 Facebook.23b9fa03.svg
www.startsiden.no/f-static/ 268 B
591 B 115ms
115ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/Facebook.23b9fa03.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: b89857075f17e52969b044562c648d7010f3edb1e99f61fa358c0ef5d9776a34

Request headers

Referer: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"10c-16f8042cc78"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 228

GET
H2 200 Twitter.4e3c9fa5.svg
www.startsiden.no/f-static/ 924 B
916 B 115ms
115ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/Twitter.4e3c9fa5.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 5da24affead2f791d5d3e878907007f053f8e2eb657cccd3ce1df5bb5cf55f27

Request headers

Referer: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"39c-16f8042cc78"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 553

GET
H2 200 Instagram.e5b68d5f.svg
www.startsiden.no/f-static/ 2 KB
1 KB 115ms
115ms Image
image/svg+xml 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.startsiden.no/f-static/Instagram.e5b68d5f.svg
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 67c46d10f11494a5524d685d2434f9e22758e70bc2b21018dd0636a0ba9e1911

Request headers

Referer: https://www.startsiden.no/f-static/commons.6eb9f2aa5d615b663331.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 13:47:39 GMT
server: nginx
access-control-allow-origin: *
etag: W/"625-16f8042cc78"
x-ab-selection: disabled
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 733

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 157 B
447 B 22ms
6ms XHR
application/json 2a04:4e42:3::714
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=startsiden.no&domain=startsiden.no&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 81b68a58a4201ad3a7fe7ea0475c0b704182b9a7369d9246360c97a3ae8b77f0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
age: 1113
x-cache: HIT
status: 200
x-cache-hits: 2
content-length: 126
x-served-by: cache-fra19164-FRA
access-control-allow-origin: *
x-timer: S1579111598.039889,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 13 Jan 2020 17:48:04 GMT

GET
H2 200 ads.js Show response
www.startsiden.no/js/ 21 B
432 B 86ms
86ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/js/ads.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
status: 200
content-length: 41
server: nginx
cache-control: public, max-age=3600
etag: W/"15-lIFZOz7YiaSNf6vhdfQZVHc18BA"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
varnish-grace: 28800s
x-ab-selection: disabled
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
expires: Wed, 15 Jan 2020 18:42:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
16 KB 111ms
42ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/abc-adloader.1836a0484750653bebe7.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

5d3061a37f7bb906f1c2ed329994e93afdd667096a9254f7bd21f04243abb6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "398 / 384 of 1000 / last-modified: 1578960786"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16042
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.startsiden.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.startsiden.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_modern_2020010901.js Show response
securepubads.g.doubleclick.net/gpt/ 148 KB
56 KB 43ms
43ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

c5a3709fcb8d0ef77f5f1828b0aa005cfa2c9497e1d5b80ddf3a7330a979f9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jan 2020 14:07:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57329
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 20ms
6ms XHR
application/json 2a04:4e42:3::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200115

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

829cfef761f99bcdcde2b2f65214828467fba77e865043df39e86ba2fff3e163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 749
etag: W/"53c-ziuJfNVeCPxukBJsQxF4SE17v70"
x-served-by: cache-fra19143-FRA
date: Wed, 15 Jan 2020 18:06:38 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
714 B 85ms
28ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:40 GMT
X-Proxy-Origin: 185.44.76.106; 185.44.76.106; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.76:80
AN-X-Request-Uuid: 7940550b-6b2f-49b8-8ee5-ec6639c6dc77
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.startsiden.no
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
2 KB 251ms
145ms XHR
application/json 213.19.162.51
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19992&site_id=245752&zone_id=1215070&size_id=31&alt_size_ids=57%2C79%2C113%2C145&rf=https%3A%2F%2Fwww.startsiden.no%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=bbfcc8b7-6b7d-475b-9493-0e73290df412&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8721327718343492
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 942c5788119ab01edf42657c450b07237d87c38cd28fe7689a3167e37d973689

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:38 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.startsiden.no
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=234
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 265 B
2 KB 313ms
205ms XHR
application/json 213.19.162.51
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19992&site_id=245752&zone_id=1215074&size_id=15&alt_size_ids=9%2C8%2C10%2C33&rf=https%3A%2F%2Fwww.startsiden.no%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=bcb6e660-76dd-43d2-86db-8053baa0151e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3565780652785393
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ed55b221ca778e48d7ab1f31e741195b700a10dd191e361c64b8973b5c0f010a

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:38 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.startsiden.no
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=232
Content-Length: 265
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
456 B 164ms
74ms XHR
application/json 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY1OTAxNCZwcmljZVR5cGU9bmV0JnRyYW5zYWN0aW9uSWQ9YmJmY2M4YjctNmI3ZC00NzViLTk0OTMtMGU3MzI5MGRmNDEyJnJjdXI9Tk9L&bWlkPTY1OTAxMSZwcmljZVR5cGU9bmV0JnRyYW5zYWN0aW9uSWQ9YmNiNmU2NjAtNzZkZC00M2QyLTg2ZGItODA1M2JhYTAxNTFlJnJjdXI9Tk9L&pt=net&stid=e870daef-6a2b-4fd1-94f7-be23c57b0801&fd=1

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.starts...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww....

0
-1 B

111ms
37ms

XHR
text/plain

52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
access-control-allow-origin: https://www.startsiden.no
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Wed, 15 Jan 2020 18:06:38 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.starts...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww....

0
-1 B

110ms
37ms

XHR
text/plain

52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
access-control-allow-origin: https://www.startsiden.no
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Wed, 15 Jan 2020 18:06:38 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 480ms
480ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1567264255241988&correlator=2545121614592688&output=ldjh&impl=fifs&adsid=NT&eid=21065316%2C21065367%2C21062452%2C21064366%2C21065318&vrg=2020010901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200115&iu_parts=36021320%2Cstartsiden.no%2Cflyingcarpet%2Cfront%2Cmiddlebanner&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F3&prev_iu_szs=320x50%7C1x1%2C980x600%7C980x300%7C980x200%7C980x150%7C980x120%7C970x250%7C1x1&fluid=height%2C0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1579111598&dt=1579111598356&dlt=1579111597830&idt=494&frm=20&biw=1585&bih=1200&oid=3&adxs=-7%2C303&adys=1691%2C1051&adks=1255261588%2C4252381767&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.startsiden.no%2F&dssz=22&icsg=700415&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1%7C980x600&msz=1600x1%7C980x600&ga_vid=1761347290.1579111598&ga_sid=1579111598&ga_hid=1747339665&fws=4%2C4&ohw=1585%2C980

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b8a3051487f11e724b6101686eab00579e022ef65bf1346e7297e2d743c1de8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4058
x-xss-protection: 0
google-lineitem-id: 5264583308,4853961834
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300052103,138230246384
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_modern_rendering_2020010901.js Show response
securepubads.g.doubleclick.net/gpt/ 61 KB
24 KB 42ms
41ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

2d901f1ef5c8ca6529c2901b44fe5f338c901c860551b30c80966cbdfa3c8a1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Jan 2020 14:07:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24233
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
449 B 159ms
93ms XHR
application/json 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY1OTAwNSZwcmljZVR5cGU9bmV0JnRyYW5zYWN0aW9uSWQ9MTFmZDJjNWUtOWI3Mi00YTQ4LTgwZDMtM2M2MTI1ZmJiZTJkJnJjdXI9Tk9L&pt=net&stid=20a55d28-bd24-49ff-b032-404db79ddaa6&fd=1

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.starts...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww....

0
-1 B

86ms
36ms

XHR
text/plain

52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
access-control-allow-origin: https://www.startsiden.no
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Wed, 15 Jan 2020 18:06:38 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
2 KB 409ms
184ms XHR
application/json 213.19.162.51
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19992&site_id=245752&zone_id=1215076&size_id=15&alt_size_ids=159&rf=https%3A%2F%2Fwww.startsiden.no%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=11fd2c5e-9b72-4a48-80d3-3c6125fbbe2d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6506825720452736
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8f56725a9d5096bdc83b67fbaf2b5219f37467307e978f6c9f79fad0bd68bfa3

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:38 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.startsiden.no
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=467
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
715 B 82ms
27ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/f-static/prebidBundle.d983e6658c373494147f.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:40 GMT
X-Proxy-Origin: 185.44.76.106; 185.44.76.106; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: 33159f75-8266-49be-8d66-9e7312b80892
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.startsiden.no
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/24447451/ 0
400 B 294ms
294ms Script
application/x-javascript 23.11.238.95
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/24447451/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P58T4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.11.238.95 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-11-238-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 15 Jan 2020 18:06:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sat, 18 Jan 2020 18:06:38 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 8ms
7ms Script
application/x-javascript 2600:9000:20eb:d200:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:d200:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 16:33:41 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 5577
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: fR_6OaApnR2p3JMqRZ3nD5K_vojTciCVhcZsen1TBGxPkm7Lkkv_1A==
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
expires: Wed, 15 Jan 2020 18:33:41 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 301ms
102ms Image
image/gif 52.45.19.11
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=startsiden.no&p=%2F&u=26yb4BuO-4gBGwy7p&d=startsiden.no&g=19674&g0=Frontpage&g1=Startsiden&n=1&f=00001&c=0&x=0&m=0&y=4338&o=1775&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1068&t=DJYFbeDWjZt5DgKEGGDmWIzRCD8h0v&V=118&i=Startsiden.no&tz=-60&sn=1&sv=tldLLCNZRmwYfLjnByNrr5BEPK4j&sd=1&im=06532c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.19.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-45-19-11.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 3 KB
2 KB 170ms
169ms XHR
application/json 52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2224cbd01a909f551%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2219a05e0cc9cad12%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069084%2C%22tid%22%3A%2211fd2c5e-9b72-4a48-80d3-3c6125fbbe2d%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f78c6464e123a532ffd370df26233b2fdea5c0ff6dfe8fdeec58da5856f3db45

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1751

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 3 KB
2 KB 172ms
172ms XHR
application/json 52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213fa95fcfd32346%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2211354539718d8a6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069082%2C%22tid%22%3A%22bbfcc8b7-6b7d-475b-9493-0e73290df412%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 963fcb988b20aab620c07ed4f0d88bd648d860012589e213b87549e289ebc15b

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1759

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 3 KB
2 KB 139ms
139ms XHR
application/json 52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214afc0b01c3b5e1%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.startsiden.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212186708ae798d6%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A12069081%2C%22tid%22%3A%22bcb6e660-76dd-43d2-86db-8053baa0151e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d99b171c7066835bb298e28472abcc72f8b888db4fb0636279e38c7cf475f1af

Request headers

Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.startsiden.no
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1827

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
8 KB 106ms
106ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1567264255241988&correlator=2879594948374677&output=ldjh&impl=fifs&adsid=NT&eid=21065316%2C21065367%2C21062452%2C21064366%2C21065318&vrg=2020010901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200115&iu_parts=36021320%2Cstartsiden.no%2Cwallpaper%2Cfront%2Ctopbanner%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F3%2C%2F0%2F1%2F5%2F3&prev_iu_szs=1920x800%7C1920x850%7C1920x1000%7C1920x1200%2C1000x300%7C980x300%7C980x200%7C980x150%7C980x120%7C970x250%2C180x500%7C180x600%7C160x600%7C120x600%7C300x250%7C300x600%7C1x1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1579111598&dt=1579111598663&dlt=1579111597830&idt=494&frm=20&biw=1585&bih=1200&oid=3&adxs=-167%2C0%2C1595&adys=0%2C0%2C300&adks=1799844815%2C3694334802%2C1160372146&ucis=3%7C4%7C5&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.startsiden.no%2F&dssz=25&icsg=539672572&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0%7C1585x300%7C1585x0&msz=1920x1920%7C1585x300%7C190x500&ga_vid=1761347290.1579111598&ga_sid=1579111598&ga_hid=1747339665&fws=4%2C4%2C4&ohw=1585%2C1585%2C1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c1a8fae5a37decfdfdf9d95363df7925c658ce987c3800989b4aefef1092220b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7428
x-xss-protection: 0
google-lineitem-id: 5265099055,5265099055,5265099055
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138299822976,138300195607,131924814640
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.startsiden.no
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
667 B 28ms
15ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1567264255241988&r=1000x300%7C980x300%7C980x200%7C980x150%7C980x120%7C970x250&w=1000&h=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3936 0
0 44ms
43ms Fetch
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstljgqH8MrvDU29SNrlgfxP8Jg1Pa0Yc270A80Q0-U4sUdFF-oUe4-ANXmBrcxk-oDsfS5L6Hy18Onq8xqOd_r-8YXUZfI3dkrhmfFedpF-1lzBr19ETnYDC9c78sd-D0BAkHl2fJ5qqTzfgptG38rbHKJtSuBfHV6eKv9u8WCm3tx1ImUwHuqnzUbaljoE7yYdoKqiTW6zIv-R-Tqj2fZq49zsty_aEeNMhZ0caCHXuIwqqqYdBec53WgTUU8Yrxo6QlVh-BAtNmskvdAKqk__nkDoVAimJIjk4fP_Q3ZXt8tkTeaTTb2KgFK0&sai=AMfl-YQRZbUjiRyCWF73KPCDpEuMwhBruqg7fXb4B5H_FtgFCLYu2VJ3bIwnwzcADMaTQilmTQ3JhH0jybiv_08WEkkLXY-xL4A_pxXQ9LCGRQ&sig=Cg0ArKJSzKo4-6jWd8nxEAE&urlfix=1&adurl=

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3936 74 KB
28 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc73be67c45f1d36abb78716c77a65fda71878207fc1bb6e7431498f6d270c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1578932829520665"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28350
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab856b5203ff7aae954d0d3f1a80b52429a622f64462321b99bcde9025aea23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1578932829520665"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28669
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011912050130240/ 20 KB
8 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4450
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7140
x-xss-protection: 0
server: sffe
date: Wed, 15 Jan 2020 16:52:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d61e8113ad0598ef"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:52:28 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011912050130240/ Frame 9F7F 200 KB
54 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4502
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55703
x-xss-protection: 0
server: sffe
date: Wed, 15 Jan 2020 16:51:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d665c0313f255e6"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:51:36 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame 9F7F 152 KB
41 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4492
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41415
x-xss-protection: 0
server: sffe
date: Wed, 15 Jan 2020 16:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66b88e0b1300c1e3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:51:46 GMT

GET
DATA 200
OK truncated
/ Frame 9F7F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be76760d2bfb3e77494da10bf0a5353b09ddf546af0e07109358c8da3cda9899

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011912050130240/ Frame C2BD 200 KB
55 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4502
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55703
x-xss-protection: 0
server: sffe
date: Wed, 15 Jan 2020 16:51:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d665c0313f255e6"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:51:36 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011912050130240/v0/ Frame C2BD 152 KB
41 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4492
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41415
x-xss-protection: 0
server: sffe
date: Wed, 15 Jan 2020 16:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66b88e0b1300c1e3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Jan 2021 16:51:46 GMT

GET
DATA 200
OK truncated
/ Frame C2BD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0329be564adb4ed14f7025fddd1296301ca4cea013515253dcaf6cf919ae2d8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16973159337687763644
tpc.googlesyndication.com/simgad/ Frame 9F7F 96 KB
96 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16973159337687763644

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

40f6872ad52d2393c2536bd5cd436fae04f629418c2ea3d78bf57f7ff391294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 11 Jan 2020 23:09:33 GMT
x-content-type-options: nosniff
age: 327425
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98489
x-xss-protection: 0
last-modified: Wed, 08 Jan 2020 13:12:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jan 2021 23:09:33 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F7F 0
278 B 44ms
44ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ-XgGG6JZBSVV_hbg1WsO7ZXSKLl5xBHwpfZThE9LXhimjWAzmnQmdpBWBg1JKwZXCIkMPByBnrzUZw04DDmPTCvNch3GRNW-bU4NrdS_gzCzzyvJ4rI32yIYjFxDqUnGo_TMn557zx_vybQeFMnMv_EyYu8Rx07WsEcJaeJGLXvdfFNYm6x4DyXDqZwzbLvT_2aKudLALRPlbu44-qPOO1O1WrkUeRyEofGG4khvNcBJ1V1nKJawYvDjCSOLA61OJzdBB0GW9-4RFHgjbVUAXc8mG8Ey4EXhDGeXYkReALlf8hKhztRUCwk&sai=AMfl-YQhThfo6f35j73HC5bA46D6OolBMNg_QVCorF-QV2jR93bX0uNpbg5owwVnc0BB4u4o9cIph7FquRMXS_Io8xL-OnO8NgmHNcm5P0uDEQ&sig=Cg0ArKJSzHOGlzOJaJtdEAE&adurl=

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 10915080810621675096
tpc.googlesyndication.com/simgad/ Frame C2BD 95 KB
96 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10915080810621675096

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

077cc1d2e333a501e19fb29c4884dbf73bc80baf379841159276ef836a2e4eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 11 Jan 2020 23:09:33 GMT
x-content-type-options: nosniff
age: 327425
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 97682
x-xss-protection: 0
last-modified: Wed, 08 Jan 2020 13:12:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jan 2021 23:09:33 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C2BD 0
278 B 43ms
43ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPhUhYyIoH74WxGsVPKJ6Xed-eR9NiyEs5GLanz93GVjGxGyE_acbCeaTH9jjQSNolv15ucD1qSEAtCkbu-2Dj8ZeWXIb2s42_nA5HYSPwE_iL4HdVojAfw5vdRQ2NmaBmBKxHg015UtQ3E_KgzXmZLCulbbtbWMHel-uNsiSKHDpjyMYUpNrlB1rRdOwE9v0-_50HyvmLrgiu4ir4mV9mEIkj79wYYFS2njmqQrP-WxZkCL_WwzZru6ewA4fHFYO3Yn2Y2JbCvCBvIYmUkEx_FqhunqF2nsR-5ae44xwYIgGQWNJCAkRbWbw&sai=AMfl-YTEzcf0wqV8tM_T94XW1U0MUIhKlqRDXENlGrhTJWjKrmxArMHC3xd4KYR_ye9M5TfcFONglTAMniV0E_PXQmmL4oahtfgQT4AG8_mnyg&sig=Cg0ArKJSzMZaZPSOO6RaEAE&adurl=

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 406ms
406ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1567264255241988&correlator=479162344766540&output=ldjh&impl=fifs&adsid=NT&eid=21065316%2C21065367%2C21062452%2C21064366%2C21065318&vrg=2020010901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200115&iu_parts=36021320%2Cstartsiden.no%2Crectangle%2Cfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x250%7C300x250&fluid=height&eri=1&cookie=ID%3Deda8a98acb8e6536%3AT%3D1579111598%3AS%3DALNI_MbaJ1Zz0X1qqqNnIcq1Zv01hves-w&cookie_enabled=1&bc=31&abxe=1&lmt=1579111598&dt=1579111598799&dlt=1579111597830&idt=494&frm=20&biw=1585&bih=1200&oid=3&adxs=969&adys=784&adks=1869617187&ucis=6&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.startsiden.no%2F&dssz=27&icsg=9129607164&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=313x250&msz=313x250&psts=AA2WTGPqukd5yBbigZbij64cgdakqRgeGUB_0LFewbVWVlBWpRRbtFBSILhqoXCkLm3nk4iAcSPOss5uH629koZ7m4vbq1ZYGoID2PwIqfSpPznI%2CAA2WTGNMSX2fdxV4re4LoxlWnlb7jCZPgVYM5M6eepPwTfCxb0bX6smvShx2WXRgd1Jwehjixa7-jleThNjZcA449cV6ZQ45ampEZQB9IfBwlKrN%2CAA2WTGMWMh-R9QBPhjW7vxAAu8ok47b5m814NPawt7TYafneollch8Dj98glCbFYpHKUfTJmy_q8-oi9z-_UzW2Bsgu17QnIQz4nOn0f9v-Gz9RN&ga_vid=1761347290.1579111598&ga_sid=1579111598&ga_hid=1747339665&fws=4&ohw=313

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

39dbcc05da037cbda19c5d28c7478284a06de4e15ff13bd330e4237775c0187a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no

Response headers

date: Wed, 15 Jan 2020 18:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8835
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3936 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77cf4280f3cd1acafbb00b5657dfb5fb35270a0f387ed8b5148be3418b5043a8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B00B 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.startsiden.no/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jan 2020 17:35:12 GMT
expires: Thu, 14 Jan 2021 17:35:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1886
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44E8 0
0 47ms
47ms Fetch
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM3DbrLAB5UbLqCnmw6PU9X8RXDKHj2J3qtQKOHpwh9fUj-S5oeGIhIVgKXGOyLwYo2KWECatslQdFaoFM86rCRcQ2W6cHlUcD3aM5cXZ_VOv562iVxbReemCNYKqytaU7ogjYlp2tVNiN95Rogsu03GcsDy6pc_FxUddfpmzLAbDksX4JstDca_n63yIluO_WTK8Dz3YxYcZpqgbPn4K2lBfyNbVuWjpUvJzfqFOj6yX_K-OdPYWXDiRS59IC0ZUUyo4HxBrT6XhxX1hSZqQ8GaT94u_a2uXRPAY&sai=AMfl-YSN0vpGbahFo3W9OgbeXL0RMjlSLwX7tVEsppaKtDqRMCwUM17Km6HKs6chDhtjsei6uC9RE-Ax1ZgjuZkTcS9YRJ5---aNtlBtzhZXnA&sig=Cg0ArKJSzKilGKBO7oEWEAE&urlfix=1&adurl=

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jan 2020 18:06:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:38 GMT

GET
H2 200 adj Show response
ice.360yield.com/ Frame 44E8 3 KB
2 KB 128ms
128ms Script
text/javascript 52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/adj?p=690659&w=980&h=300&&tz=-60
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 664882231c8f50ff7f98997fe71165e977139e1f3724f2ac623cf2bbaef440b0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:38 GMT
content-encoding: gzip
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 1662
content-type: text/javascript; charset=UTF-8

GET
H2 200 10915080810621675096
tpc.googlesyndication.com/simgad/ Frame C2BD 95 KB
95 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10915080810621675096

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

077cc1d2e333a501e19fb29c4884dbf73bc80baf379841159276ef836a2e4eff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 11 Jan 2020 23:09:33 GMT
x-content-type-options: nosniff
age: 327425
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 97682
x-xss-protection: 0
last-modified: Wed, 08 Jan 2020 13:12:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jan 2021 23:09:33 GMT

GET
H2 200 16973159337687763644
tpc.googlesyndication.com/simgad/ Frame 9F7F 96 KB
96 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16973159337687763644

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

40f6872ad52d2393c2536bd5cd436fae04f629418c2ea3d78bf57f7ff391294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 11 Jan 2020 23:09:33 GMT
x-content-type-options: nosniff
age: 327426
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98489
x-xss-protection: 0
last-modified: Wed, 08 Jan 2020 13:12:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jan 2021 23:09:33 GMT

GET
H2 200 glade.js Show response
securepubads.g.doubleclick.net/static/ Frame 44E8 31 KB
12 KB 46ms
45ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade.js

Requested by

Host: ice.360yield.com
URL: https://ice.360yield.com/adj?p=690659&w=980&h=300&&tz=-60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

8f7e82cf58cc0478f966b19539fdd4db04d2aee8cc867ad8a48a18e2b9ab619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1533569005437780"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=1800, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12447
x-xss-protection: 0
expires: Wed, 15 Jan 2020 18:06:39 GMT

GET
H2

200

match
ad.360yield.com/ Frame 44E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEFWtXdFBQS2DKO2bw8jWTYU&google_cver=1

43 B
434 B

117ms
38ms

Image
image/gif

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEFWtXdFBQS2DKO2bw8jWTYU&google_cver=1
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:39 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:39 GMT
server: HTTP server (unknown)
location: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEFWtXdFBQS2DKO2bw8jWTYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/ Frame 44E8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5

43 B
508 B

39ms
39ms

Image
image/gif

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:39 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:39 GMT
x-aspnet-version: 4.0.30319
location: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204

ping_match.gif
pm.w55c.net/ Frame 44E8
Redirect Chain

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAA...
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=ee39f2e8-7ca3-48af-b391-476e51fb6fdd&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AA...
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f1...

0
548 B

147ms
35ms

Image
text/plain

52.57.21.24
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f186c68
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.21.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-21-24.eu-central-1.compute.amazonaws.com
Software: PingMatch/v2.0.30-407-gd717b3a#rel-ec2-master i-0a69b4b7f75a7a18c@eu-central-1a@dxedge-app_eu-central-1_prod_asg /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:39 GMT
Cache-Control: no-cache, must-revalidate
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: PingMatch/v2.0.30-407-gd717b3a#rel-ec2-master i-0a69b4b7f75a7a18c@eu-central-1a@dxedge-app_eu-central-1_prod_asg
Connection: keep-alive
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"

Redirect headers

status: 302
date: Wed, 15 Jan 2020 18:06:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f186c68
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ice.360yield.com/ Frame 44E8
Redirect Chain

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA

43 B
628 B

44ms
43ms

Image
image/gif

52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:39 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:41 GMT
AN-X-Request-Uuid: 1bff09fd-63b3-4504-9e50-df709879c302
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.44.76.106; 185.44.76.106; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
match.360yield.com/ Frame 44E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7jny6HyjSK-zkUduUftv3Q&google_cm&publisher_dsp_id=340
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEvIf8QDyzzYplR4XpASVzc&google_cver=1

43 B
436 B

118ms
40ms

Image
image/gif

35.156.198.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEvIf8QDyzzYplR4XpASVzc&google_cver=1
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.198.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-198-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:39 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:39 GMT
server: HTTP server (unknown)
location: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEEvIf8QDyzzYplR4XpASVzc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp_pixel
ice.360yield.com/ Frame 44E8 43 B
403 B 42ms
41ms Image
image/gif 52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/imp_pixel?ic=4WPFe7dJTZiZEO9t6q7qfWozJaOgdDLRPl8Jf7nuuEDG.TzmvGj6VUVqQK..JEGbaBzvyUnuuGnhz3SM2obNixts2Vm46OYNA-O0EPzOED1PGsw.L.5ZPXpmg24L2tgtXm3vhe75Nit0c0w.XMoEp.Gp3e9LlWWrrpi7PWMERdDuwbrH4VVVIeFP7jZnlt2NmHF6KRjT8Y30Av38LnfTeUZvbTAFAyj2AWLX1R6pKO75HJUHdIrYHSKEQVsmauKcbgQsOROU4QNJ4N9GlHdrJ6DpiaBOmbwKW3z8Y1h9L7487bgmSQhdEt9yZCy2sMbhR.P.V5StXGLcDEKXWp3KTMm9rs8bZkWfeo.ycivPLrzGklJ9AycLCkeiLofEsiaZlIgTgepqytuGX3Um7R7wO2HiHn5Rgjq1K1Rn2iwvN2MMTUEO3OzKX82w9ErvUFdA69lnoHUyHqBqqzZ1ugeRd1AYZKnJVJwDe2QrHK.9jqs94vDe7zAb66Xb32671lR-jeV.xpTc5s2lTccco29aQpo0fQO9NLU3J3mHIA0h
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:39 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 44E8 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.startsiden.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 44E8 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.startsiden.no

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 18:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 0C1F 0
0 284ms
284ms Document
text/html 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1579111599073&output=html&iu=%2F36021320%2Fpassback%2Fstartsiden.no&sz=980x300&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1995403135142085&adk=1048742613&biw=1585&bih=1200&adx=302.5&ady=1094&oid=3&u_sd=1&ifi=1&vis=1&scp=passback%3Dimprove&nhd=1&url=https%3A%2F%2Fwww.startsiden.no%2F&top=https%3A%2F%2Fwww.startsiden.no%2F

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: securepubads.g.doubleclick.net
:scheme: https
:path: /gampad/ads?gdfp_req=1&glade_req=1&glv=36&dt=1579111599073&output=html&iu=%2F36021320%2Fpassback%2Fstartsiden.no&sz=980x300&guci=1.2.0.0.2.2.0&sfv=1-0-29&correlator=1995403135142085&adk=1048742613&biw=1585&bih=1200&adx=302.5&ady=1094&oid=3&u_sd=1&ifi=1&vis=1&scp=passback%3Dimprove&nhd=1&url=https%3A%2F%2Fwww.startsiden.no%2F&top=https%3A%2F%2Fwww.startsiden.no%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.startsiden.no/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlnNyRZQftfx2X1_piwcNVgmcX43RbwxHxRrAbZn7GEibOovemm5OI8IvZG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
google-lineitem-id: -1
google-creative-id: -1
date: Wed, 15 Jan 2020 18:06:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 8280
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 extra_36.js Show response
securepubads.g.doubleclick.net/static/glade/ Frame 44E8 7 KB
3 KB 37ms
37ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade/extra_36.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 15:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4760596
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3044
x-xss-protection: 0
last-modified: Mon, 06 Aug 2018 15:21:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 15:43:23 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 44E8 76 KB
28 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8d9fc936ceb932b83a9dc6c5a281870f931d687852ea14308fbabc4db9b644d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 15 Jan 2020 17:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28533
x-xss-protection: 0
server: cafe
etag: 6858335016135463762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Jan 2020 18:53:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame CC09 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2020010901.js?21065367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.startsiden.no/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.startsiden.no/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jan 2020 17:35:12 GMT
expires: Thu, 14 Jan 2021 17:35:12 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1887
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C2BD 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss03b-axIlFCGnRX9381dDGaMzrJdGAi0z9wV_PwVAa4-k3t8G8iY8tD_yt6-YwHIjBN7v4LfGusPd_XU9PcRA7nZPtF6tltaSw_dJE_oA&sig=Cg0ArKJSzOqjiX1FDDQnEAE&id=ampim&o=0,0&d=1000,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=99&tls=1099&g=100&h=100&tt=1099&r=v&adk=3694334802&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F7F 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjDL2fW7aMCHiTDBz_Eod98IB0f8SyzIcsqGZHyLB94cL-cBE2Csx4Hi-vz2E1BFekxdcIWTW2SVF6d_-q5h96eb_s-L2BKaB7JZ4x68g&sig=Cg0ArKJSzLK0sKfOc7xtEAE&id=ampim&o=-167,0&d=1920,850&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=91&tls=1091&g=82.55208134651184&h=82.55208134651184&tt=1092&r=v&adk=1799844815&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ice.360yield.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA

43 B
712 B

39ms
39ms

Image
image/gif

52.28.33.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:41 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 15 Jan 2020 18:06:43 GMT
AN-X-Request-Uuid: 296f7f51-6297-4430-86ee-fa487cf500bf
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ice.360yield.com/match?external_user_id=3840264809390402226&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.44.76.106; 185.44.76.106; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEPokuTE_xLKHwYBOxCu_Leg&google_cver=1

43 B
577 B

39ms
39ms

Image
image/gif

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEPokuTE_xLKHwYBOxCu_Leg&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:41 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:41 GMT
server: HTTP server (unknown)
location: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAAA&external_user_id=CAESEPokuTE_xLKHwYBOxCu_Leg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=cf1f31a2-ea84-4ebd-b585-b457b0f5918b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5

43 B
505 B

39ms
39ms

Image
image/gif

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:41 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:41 GMT
x-aspnet-version: 4.0.30319
location: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=d57f2191-7a76-48c0-829a-bf126ba20ec5
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

match
match.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zx8xouqETr21hbRXsPWRiw&google_cm&publisher_dsp_id=340
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESECrR5WWwMBa2D-ivJnMoe-U&google_cver=1

43 B
580 B

39ms
39ms

Image
image/gif

35.156.198.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESECrR5WWwMBa2D-ivJnMoe-U&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.198.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-198-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:41 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Jan 2020 18:06:41 GMT
server: HTTP server (unknown)
location: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESECrR5WWwMBa2D-ivJnMoe-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=cf1f31a2-ea84-4ebd-b585-b457b0f5918b&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOc_BjWOtMZDPCLAAAENC3-AAAAtTAA...
https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dimprove%26bsw_param%3D5d96080e-0a19-483a-a14c-b24d6f1...
https://x.bidswitch.net/sync?dsp_id=79&user_id=26eGZ5l71IRN3V5&expires=30&ssp=improve&bsw_param=5d96080e-0a19-483a-a14c-b24d6f186c68
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5d96080e-0a19-483a-a14c-b24d6f186c68

43 B
665 B

38ms
38ms

Image
image/gif

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5d96080e-0a19-483a-a14c-b24d6f186c68
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jan 2020 18:06:41 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Wed, 15 Jan 2020 18:06:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ad.360yield.com/match?publisher_dsp_id=191&external_user_id=5d96080e-0a19-483a-a14c-b24d6f186c68
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 105ms
104ms Image
image/gif 52.45.19.11
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=startsiden.no&p=%2F&u=26yb4BuO-4gBGwy7p&d=startsiden.no&g=19674&g0=Frontpage&g1=Startsiden&n=1&f=00001&c=0.25&x=0&m=0&y=4061&o=1596&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1068&t=DJYFbeDWjZt5DgKEGGDmWIzRCD8h0v&V=118&tz=-60&sn=2&sv=tldLLCNZRmwYfLjnByNrr5BEPK4j&sd=1&im=06532c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.19.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-45-19-11.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.startsiden.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 15 Jan 2020 18:06:53 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.startsiden.no/	1970-01-19 16:07:19	Name: _chartbeat2 Value: .1579111598430.1579111598430.1.tldLLCNZRmwYfLjnByNrr5BEPK4j.1
.startsiden.no/	1970-01-19 06:38:31	Name: _dc_gtm_UA-27825163-20 Value: 1
www.startsiden.no/	1970-01-19 06:38:33	Name: _cb_svref Value: null
.startsiden.no/	1970-01-20 00:09:43	Name: _ga Value: GA1.2.1761347290.1579111598
.startsiden.no/	1970-01-19 06:38:31	Name: _dc_gtm_UA-27825163-3 Value: 1
www.startsiden.no/	1970-01-19 16:07:19	Name: _cb Value: 26yb4BuO-4gBGwy7p
.startsiden.no/	1970-01-19 06:38:31	Name: _dc_gtm_UA-27825163-16 Value: 1
.startsiden.no/	1970-01-19 06:39:57	Name: _gid Value: GA1.2.1208558469.1579111598
www.startsiden.no/	1970-01-19 16:07:19	Name: _cb_ls Value: 1
.startsiden.no/	1970-01-19 06:58:41	Name: Abgroup Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	(Line 2) Message: [GTM Disclaimer popup]: issue reading stored data
console-api	error	(Line 2) Message: [GTM Disclaimer popup]: issue reading stored data
console-api	info	URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412) Message: Powered by AMP ⚡ HTML – Version 1912050130240 https://www.startsiden.no/
console-api	info	URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412) Message: Powered by AMP ⚡ HTML – Version 1912050130240 https://www.startsiden.no/
console-api	log	(Line 1) Message: [ad perf] Ad ad-topbanner is viewable after 2651.2850001454353ms
console-api	log	(Line 1) Message: [ad perf] Ad ad-wallpaper is viewable after 2665.2049981057644ms
console-api	log	(Line 1) Message: [ad perf] Ad ad-rectangle is viewable after 2974.61000084877ms
console-api	log	(Line 1) Message: [ad perf] Ad ad-middlebanner-frontpage is viewable after 3585.274998098612ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
aic.essrtb.com
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
fastlane.rubiconproject.com
ib.adnxs.com
ice.360yield.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
pagead2.googlesyndication.com
ping.chartbeat.net
pm.w55c.net
presizely.abcmedia.no
sb.scorecardresearch.com
securepubads.g.doubleclick.net
startsiden.no
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.startsiden.no
x.bidswitch.net
172.217.23.98
185.33.223.202
213.19.162.51
216.58.205.226
23.11.238.95
2600:9000:20eb:d200:18:1fcd:349:ca21
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a04:4e42:3::621
2a04:4e42:3::714
35.156.198.184
35.157.238.72
37.157.2.239
52.18.161.147
52.18.90.190
52.28.33.202
52.29.180.59
52.45.19.11
52.57.21.24
87.238.33.153
87.238.33.154
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
077cc1d2e333a501e19fb29c4884dbf73bc80baf379841159276ef836a2e4eff
0d5ab037d9dc1e3eb1c24199d1a0f54765f4125aea3cb8c60f671817d9d750e5
109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854
19ca0824899dadaa309023ef7b4a0f316328b64f3865f1cf317184b0b470acd8
1cc73be67c45f1d36abb78716c77a65fda71878207fc1bb6e7431498f6d270c1
25d78e5a6d0b6eabedb79a84a0004089e75b8f8113f44c6e05659118b60fab56
291113fcb8c57dfa367751660ca821ad55d536ace1d4c79ea47c56f0d56b6eb4
2d901f1ef5c8ca6529c2901b44fe5f338c901c860551b30c80966cbdfa3c8a1c
39dbcc05da037cbda19c5d28c7478284a06de4e15ff13bd330e4237775c0187a
40f6872ad52d2393c2536bd5cd436fae04f629418c2ea3d78bf57f7ff391294a
437e39bc20703ecbc8ea2bc2032c4f1aa8a8bad9a5d6ac7aa7532f0e495b2f94
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5ba3c8170a52111f943f474e6a77caafdab6f36f1c42a928e0eb07b1231caa54
5d3061a37f7bb906f1c2ed329994e93afdd667096a9254f7bd21f04243abb6fb
5da24affead2f791d5d3e878907007f053f8e2eb657cccd3ce1df5bb5cf55f27
63a15860f730ff2376bd331a420fbf500cb403ab38a553719e98ce5736a753b2
64717f7fd498b7e8c152871185351a98fe79662d92e337cec7eadf6026786465
664882231c8f50ff7f98997fe71165e977139e1f3724f2ac623cf2bbaef440b0
67c46d10f11494a5524d685d2434f9e22758e70bc2b21018dd0636a0ba9e1911
6c285c19ef4b5cab8394f472c2b1165a7d2a91f6df694d948e52d0b175de2ed9
77cf4280f3cd1acafbb00b5657dfb5fb35270a0f387ed8b5148be3418b5043a8
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7a97dfc3b7129d28f5ab5ee7a46fd436c9b5c719e5003c83e9ed8a26d3609280
81b68a58a4201ad3a7fe7ea0475c0b704182b9a7369d9246360c97a3ae8b77f0
8202a9c729ccd151819ae29c9daea5014a743e77b5e177bb1f5a75fb1551bda4
829cfef761f99bcdcde2b2f65214828467fba77e865043df39e86ba2fff3e163
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847dd4fd0a3fb792dd09c236b5d7ebb08db928a35a9f248ced4bb31d033880d3
86b75c3a858dbefe8b533e0c3adbd539343415745e9f2183605a9aa76bc590f2
89a33b049d86409c48d7bf480a19053ae6edbeb4d0d8dd7f8e20a65ee7422415
8c1ac452505cb5a22ce8ba1dacf186cea7bf5977144dfa18f78af180e63c8257
8d9fc936ceb932b83a9dc6c5a281870f931d687852ea14308fbabc4db9b644d9
8f56725a9d5096bdc83b67fbaf2b5219f37467307e978f6c9f79fad0bd68bfa3
8f7e82cf58cc0478f966b19539fdd4db04d2aee8cc867ad8a48a18e2b9ab619d
942c5788119ab01edf42657c450b07237d87c38cd28fe7689a3167e37d973689
963fcb988b20aab620c07ed4f0d88bd648d860012589e213b87549e289ebc15b
a626735f90a40bf77629f9a607fd44045eff95124f50ec19052ed381303db673
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
ab856b5203ff7aae954d0d3f1a80b52429a622f64462321b99bcde9025aea23f
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
abe70fdcb54788e98af3b51f414ce62f8fe683943dc341a5b5f0abc0330b0522
b018ed2e60a3b82cbd7ee9ebeab3b679ca98783774ebc89789d3d1b66532f863
b0329be564adb4ed14f7025fddd1296301ca4cea013515253dcaf6cf919ae2d8
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
b300d0276c7868927f2bef1667b65282738af63b1371237f437906ed700e8ac3
b366170ccf61a179ffbee96071361400aa20dba9999f599967a0c3c4385779e5
b89857075f17e52969b044562c648d7010f3edb1e99f61fa358c0ef5d9776a34
b8a3051487f11e724b6101686eab00579e022ef65bf1346e7297e2d743c1de8c
baa2b39edf18c7217fba5a5108d74bdbb92f40006223a5e6116abb77640a655b
be76760d2bfb3e77494da10bf0a5353b09ddf546af0e07109358c8da3cda9899
c0f7139f548b3fbc8b657816d0a400df25969e3665aac41257c21f86c0387397
c1a8fae5a37decfdfdf9d95363df7925c658ce987c3800989b4aefef1092220b
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c2619dce5821fc75e82e5e3852540f1a1157dd1bb65834db8f493da21e5d2c19
c5a3709fcb8d0ef77f5f1828b0aa005cfa2c9497e1d5b80ddf3a7330a979f9fc
cbc9194ab4380360aed1dc3b2d2f8a26a7396428a54bc84a3e956f54a8f05807
cc114d9b5c4c6356901c6e21caaa847a30fd3144081bdcdca61b3d4fe471c8bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d99b171c7066835bb298e28472abcc72f8b888db4fb0636279e38c7cf475f1af
d9a42b1be7c7347edc3bf0010f98fc85fe457812bbecd43f0517187fe5a65643
db0d80cb7be5102e2a824e83c243808c072c965a3ab6705095c4c11dc2e9aac7
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e192e352eb76585e59398a60563cab83bc7a4a36e80d345ab7d7418df4ee9b85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed55b221ca778e48d7ab1f31e741195b700a10dd191e361c64b8973b5c0f010a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34e8b6e3881a19e69c675928a536fcb0f924e70d5d84214e9ef585a1c6203f2
f78c6464e123a532ffd370df26233b2fdea5c0ff6dfe8fdeec58da5856f3db45
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.startsiden.no Open in urlscan Pro 87.238.33.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

45 %IPv6

23 Domains

31 Subdomains

26 IPs

9 Countries

1465 kBTransfer

3415 kBSize

10 Cookies

34 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.startsiden.no Open in urlscan Pro
87.238.33.153 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

45 %
IPv6

23
Domains

31
Subdomains

26
IPs

9
Countries

1465 kB
Transfer

3415 kB
Size

10
Cookies

109 HTTP transactions
3 data transactions