Submitted URL: http://vg.no/
Effective URL: https://www.vg.no/
Submission: On November 18 via manual from NO — Scanned from DE

Summary

This website contacted 33 IPs in 5 countries across 18 domains to perform 178 HTTP transactions. The main IP is 2001:67c:21e0::16, located in Norway and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.vg.no.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 5th 2021. Valid for: 3 months.
This is the only time www.vg.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 55 2001:67c:21e0... 39029 (REDPILL-L...)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 13.226.145.15 16509 (AMAZON-02)
2 2001:67c:21e0::c 39029 (REDPILL-L...)
5 2001:67c:21e0... 39029 (REDPILL-L...)
2 34.248.46.110 16509 (AMAZON-02)
1 13.226.145.90 16509 (AMAZON-02)
4 192.0.78.192 2635 (AUTOMATTIC)
1 5 13.53.178.57 16509 (AMAZON-02)
1 37.252.173.215 29990 (ASN-APPNEX)
2 13.226.156.164 16509 (AMAZON-02)
4 151.139.128.11 20446 (HIGHWINDS3)
1 13.226.145.17 16509 (AMAZON-02)
2 23.100.50.51 8075 (MICROSOFT...)
2 13.49.191.63 16509 (AMAZON-02)
2 3 37.252.172.37 29990 (ASN-APPNEX)
1 13.226.145.49 16509 (AMAZON-02)
2 13.53.106.136 16509 (AMAZON-02)
12 2.18.232.130 16625 (AKAMAI-AS)
12 37.252.172.123 29990 (ASN-APPNEX)
6 142.250.186.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2.18.233.67 16625 (AKAMAI-AS)
2 148.251.47.75 24940 (HETZNER-AS)
2 136.243.36.130 24940 (HETZNER-AS)
6 213.239.192.170 24940 (HETZNER-AS)
6 144.76.218.118 24940 (HETZNER-AS)
178 33
Domain Requested by
54 www.vg.no www.vg.no
12 fra1-ib.adnxs.com acdn.adnxs.com
cdn.adnxs.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 cmp.vg.no www.vg.no
cmp.vg.no
8 akamai.vgc.no www.vg.no
6 b14.s372.meetrics.net
6 b200.s372.meetrics.net
6 securepubads.g.doubleclick.net acdn.adnxs.com
securepubads.g.doubleclick.net
www.vg.no
6 acdn.adnxs.com www.vg.no
acdn.adnxs.com
5 cis.schibsted.com 1 redirects www.vg.no
5 redutv-api.vg.no www.vg.no
4 s372.mxcdn.net acdn.adnxs.com
s372.mxcdn.net
4 cdn.adnxs.com securepubads.g.doubleclick.net
acdn.adnxs.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 info.privacy.schibsted.com www.vg.no
3 secure.adnxs.com 2 redirects www.vg.no
3 log.medietall.no www.vg.no
log.medietall.no
2 s372.meetrics.net s372.mxcdn.net
2 stat.meetrics.net s372.mxcdn.net
2 crcdn01.adnxs-simple.com acdn.adnxs.com
2 www.google.com tpc.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 collector.schibsted.io www.vg.no
2 cis.vg.no www.vg.no
2 d3iwtia3ndepsv.cloudfront.net www.vg.no
2 imbo.vgc.no www.vg.no
1 f533b6ab3f758e64d3a5232da9a146bf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c60d7171657617802cc0f343061a7f21.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 user-permissions.privacy.schibsted.com www.vg.no
1 sch-map.norstatsurveys.com
1 cl.k5a.io log.medietall.no
1 session-service.payment.schibsted.no www.vg.no
1 cookie.norstatsurveys.com
1 cogwheel.inventory.schibsted.io www.vg.no
1 ib.adnxs.com www.vg.no
1 static.privacy.schibsted.com www.vg.no
1 id.vg.no www.vg.no
1 vg.no 1 redirects
0 www.googletagservices.com Failed securepubads.g.doubleclick.net
178 40
Subject Issuer Validity Valid
vg.no
ZeroSSL RSA Domain Secure Site CA
2021-10-05 -
2022-01-03
3 months crt.sh
akamai.vgc.no
R3
2021-10-11 -
2022-01-09
3 months crt.sh
cmp.aftenbladet.no
R3
2021-10-20 -
2022-01-18
3 months crt.sh
vgc.no
ZeroSSL RSA Domain Secure Site CA
2021-10-05 -
2022-01-03
3 months crt.sh
id.vg.no
R3
2021-11-12 -
2022-02-10
3 months crt.sh
privacy.schibsted.com
Amazon
2021-10-30 -
2022-11-27
a year crt.sh
tls.automattic.com
R3
2021-11-06 -
2022-02-04
3 months crt.sh
cis.schibsted.com
Amazon
2021-07-09 -
2022-08-07
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
log.medietall.no
R3
2021-11-13 -
2022-02-11
3 months crt.sh
*.inventory.schibsted.io
Amazon
2021-08-21 -
2022-09-19
a year crt.sh
*.norstat.no
DigiCert SHA2 Secure Server CA
2020-02-25 -
2022-04-26
2 years crt.sh
session-service.payment.schibsted.no
R3
2021-11-12 -
2022-02-10
3 months crt.sh
cis.vg.no
Amazon
2021-07-14 -
2022-08-12
a year crt.sh
cl.k5a.io
R3
2021-10-16 -
2022-01-14
3 months crt.sh
user-permissions.privacy.schibsted.com
Amazon
2021-11-10 -
2022-12-08
a year crt.sh
collector.schibsted.io
Amazon
2021-07-13 -
2022-08-11
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.mxcdn.net
DigiCert SHA2 Secure Server CA
2021-10-16 -
2022-10-18
a year crt.sh
meetrics.net
R3
2021-09-22 -
2021-12-21
3 months crt.sh

This page contains 16 frames:

Primary Page: https://www.vg.no/
Frame ID: 8D907C09D315592CB75487B396FA92FB
Requests: 89 HTTP requests in this frame

Frame: https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
Frame ID: 44984FEB345F690B962B353AB4B747C1
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Frame ID: 53E239BAA248B950CBF96277C460140D
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Frame ID: 68D764388EFD0664F50B4AEF6CD51532
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 66CE0759C407433555C8414DDADA7BCE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 58F4E24EE289911523586368408B4A39
Requests: 8 HTTP requests in this frame

Frame: https://c60d7171657617802cc0f343061a7f21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0FFCC4929EBE66A34051D085C9E36678
Requests: 1 HTTP requests in this frame

Frame: https://f533b6ab3f758e64d3a5232da9a146bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 8B6F463CD8F666BABD562B37CDFE01A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BBF4D1D7FC00EF975DE38A645CC872F7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F9944CCA088562F5BE8ECC5AC6D2AF5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 270C988CB1D3EF8C2FE36B7119A9FDEE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C058AF5342640D1AEDF990FA1C7AC6E8
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCD1yy3ARK7q6acPKH_cBgEGeE0gPLmeK1fsGU_mTjKHc5gPk37QpQDSejLQiTi9lxf8piywIPV0Pxo4WCFXCA3lr4bTcx8JdhcWGfNjUeoSKwMzXCFNnqZ_iunCvORKBEblXoEBAdk6s6j55w7wXOh57MMze-eWhajxhPPtyA__pCNtZsB4rUUQHHhnPkA7abj-2vrT0bx1fQQLLrupfzNZYUcjgHyqDDUp8prsdaDGzppOd-1lbx1ehlvtvtIzJrFWeAuA4080sBwobzk8Ya4rF_XqOardk9Vq53ZzQ15e-DcM_-56iO6BDgHg7CxdeEKnpWv7O80CmB3TxQLiJ80rc63Q&sig=Cg0ArKJSzFPxVHLBbB3oEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 19AF051DA937D7DB70304ACA05B84A9A
Requests: 3 HTTP requests in this frame

Frame: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Frame ID: A07E80ACFE368A934B26690280F7EC6E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE-2TAiV5kf01IPr-Q_7ZLxHqQbJdul9ALC_lZjh2kphac1-wMgmhZY4yAEW_-gIsN294lxxVZi-x1PjDR71mNJ3xP7oqJM1EUrubo3SQl38sZYSiApXilxKYRsQTG31sNXGu7BAnoqqNPnUgyMRbpkHlG1FDT910t_Q30uZ5hNynocV_Aqzi3WxmruiKiD-1taVTHivgYGHPyMLcMDBjWWBF9GbYgwBdpPmhSYR9eeiT-L4IPOmXV_D5oY7opbqPCIZUSFeM_HvxzL8Som7OTb72fh23JlyMycX6cB5YT28zrs5nqqPVTXsbMiUyAy5-qz_5VgrL5GfGKvGsTeKqduw&sig=Cg0ArKJSzC-wN_o9StPwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FCE2F6B117374AE650992E7B62ADD69E
Requests: 3 HTTP requests in this frame

Frame: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Frame ID: D2CE85585A7575A12DDD18AEC4BDEA0A
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Nyheter fra Norges mest leste nettavis – VGSchibstedSchibsted

Page URL History Show full URLs

  1. http://vg.no/ HTTP 301
    https://www.vg.no/ Page URL

Page Statistics

178
Requests

97 %
HTTPS

31 %
IPv6

18
Domains

40
Subdomains

33
IPs

5
Countries

2165 kB
Transfer

4866 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vg.no/ HTTP 301
    https://www.vg.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://secure.adnxs.com/getuid?https://cis.schibsted.com/api/v1/sync?ANID=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcis.schibsted.com%2Fapi%2Fv1%2Fsync%3FANID%3D%24UID HTTP 302
  • https://cis.schibsted.com/api/v1/sync?ANID=3532505006766251240 HTTP 302
  • https://sch-map.norstatsurveys.com/api/nids/schibsted/map/3532505006766251240?alias=3db8ce1e-3844-43da-b152-524e5cea0ef8

178 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vg.no/
Redirect Chain
  • http://vg.no/
  • https://www.vg.no/
629 KB
54 KB
Document
General
Full URL
https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
977282790cf5afdf33dede4feed4bab854498e61c6226f9d036059070b64e0e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://admarket.no https://admarket.schibsted.se
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-type
text/html; charset=UTF-8
content-length
53540
cache-control
max-age=0, must-revalidate, public
link
<https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-Bold-Web.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-BoldItalic-Web.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://www.vg.no/vgc/font-spesial/frimand-fonts/druk201013/DrukText-Bold-Web.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://akamai.vgc.no>; rel=preconnect, <https://imbo.vgc.no>; rel=preconnect; crossorigin=anonymous, <https://smp.vgc.no>; rel=preconnect; crossorigin=anonymous, <https://id.vg.no>; rel=preconnect, <https://direkte.vg.no>; rel=preconnect; crossorigin=anonymous, <https://api.vg.no>; rel=preconnect, <https://api.vg.no>; rel=preconnect; crossorigin=use-credentials, <https://cdn.svp.schibsted.io>; rel=preconnect, <https://collector.schibsted.io>; rel=preconnect, <https://id.vg.no>; rel=preconnect; crossorigin=use-credentials, <https://akamai.vgc.no/drfront/images/2021/11/18/c=82,827,5355,2047;w=1080;h=413;646553.jpg>; rel=preload; as=image;, <https://akamai.vgc.no/drfront/images/2021/11/18/c=364,0,4864,3242;w=1080;h=720;646575.jpg>; rel=preload; as=image;, <https://akamai.vgc.no/drfront/images/2021/11/01/c=1237,924,3981,2133;w=462;h=248;642732.jpg>; rel=preload; as=image;, <https://www.vg.no/vgc/cdn/vg-nav/main.1.3.73.css>; rel=preload; as=style, <https://www.vg.no/vgc/frimand/css/app.3633fe85.css>; rel=preload; as=style, <https://www.vg.no/vgc/frimand/css/front.10ff5288.css>; rel=preload; as=style
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1
content-security-policy
frame-ancestors https://admarket.no https://admarket.schibsted.se
etag
"0bfe297f9f4a4c1901b302acc0a30d7d-br"
bfcache-opt-in
unload
content-encoding
br
x-varnish-director
vg_frimand_director_goto
vary
Accept-Encoding,User-Agent
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
strict-transport-security
max-age=15552000
x-vg-webcache
oa68-varnish-04
x-cache
HIT:408
x-age
14
age
0
accept-ranges
bytes
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no

Redirect headers

Date
Thu, 18 Nov 2021 18:56:53 GMT
Server
Varnish
X-Varnish
164725929
location
https://www.vg.no/
Content-Length
0
Connection
keep-alive
AustinNewsDeck-Bold-Web.woff2
www.vg.no/vgc/font-spesial/AustinNewsDeck/
36 KB
36 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-Bold-Web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8d7a8b7f69f05b37dfa175b4c42750f4df6d49a34f3aea9f28f1d835247616cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:13969715
x-vg-webcache
u89-varnish-04
x-age
3229214
content-length
36740
x-varnish-director
static_web
last-modified
Tue, 02 Jan 2018 10:26:45 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:56:38 GMT
AustinNewsDeck-BoldItalic-Web.woff2
www.vg.no/vgc/font-spesial/AustinNewsDeck/
43 KB
43 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-BoldItalic-Web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
477237f0d6e9a3c22af6f156fbd454f8e5402da834b9894d5e603224dcd15c0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:7869289
x-vg-webcache
oa68-varnish-04
x-age
3232050
content-length
44048
x-varnish-director
static_web
last-modified
Tue, 02 Jan 2018 10:26:45 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:22 GMT
DrukText-Bold-Web.woff2
www.vg.no/vgc/font-spesial/frimand-fonts/druk201013/
38 KB
38 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/frimand-fonts/druk201013/DrukText-Bold-Web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
562a9943ecf88b927abaed4fcb6ab83d7fce6c32ce441ddab8110eef47fbd0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:18705457
x-vg-webcache
u89-varnish-01
x-age
3230900
content-length
38488
x-varnish-director
static_web
last-modified
Wed, 14 Oct 2020 06:15:04 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:32 GMT
c=82,827,5355,2047;w=1080;h=413;646553.jpg
akamai.vgc.no/drfront/images/2021/11/18/
74 KB
75 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/18/c=82,827,5355,2047;w=1080;h=413;646553.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
70808a75b619428904e5332c8f40b7f2fe2d0ac46bf305e49a0c3dd41e9dc396

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-vg-webcache
u89-varnish-04
x-age
2
content-length
76277
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Thu, 18 Nov 2021 18:36:09 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 18:36:13 GMT
c=364,0,4864,3242;w=1080;h=720;646575.jpg
akamai.vgc.no/drfront/images/2021/11/18/
144 KB
145 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/18/c=364,0,4864,3242;w=1080;h=720;646575.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a3d4c24978381df0a553fa8a5773f33993233961fbeaeb2524697b5f001ba82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-vg-webcache
oa68-varnish-01
x-age
1
content-length
147421
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Thu, 18 Nov 2021 18:55:34 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 18:55:39 GMT
c=1237,924,3981,2133;w=462;h=248;642732.jpg
akamai.vgc.no/drfront/images/2021/11/01/
19 KB
19 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/01/c=1237,924,3981,2133;w=462;h=248;642732.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
db43c41720faff632295f171e2ffaecfea382e4bdba292c730cb0150a16eff9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-vg-webcache
oa68-varnish-01
x-age
0
content-length
18992
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Thu, 18 Nov 2021 17:54:59 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 17:55:08 GMT
main.1.3.73.css
www.vg.no/vgc/cdn/vg-nav/
16 KB
4 KB
Stylesheet
General
Full URL
https://www.vg.no/vgc/cdn/vg-nav/main.1.3.73.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
a8429ec729fa51e37604449d8ce24188b691698eba74747a58e37b627a911063
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:395382
x-vg-webcache
oa68-varnish-01
x-age
27436
content-length
3331
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Thu, 18 Nov 2021 08:29:57 GMT
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Tue, 17 May 2022 11:19:36 GMT
app.3633fe85.css
www.vg.no/vgc/frimand/css/
38 KB
7 KB
Stylesheet
General
Full URL
https://www.vg.no/vgc/frimand/css/app.3633fe85.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
0a6fc17c48be1a66d64aacdf63c2850a1c33cd831a39d5c5041d16a6cd66a48d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:5223658
x-vg-webcache
u89-varnish-04
x-age
548283
content-length
6699
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Fri, 12 Nov 2021 10:35:53 GMT
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Wed, 11 May 2022 10:38:49 GMT
front.10ff5288.css
www.vg.no/vgc/frimand/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://www.vg.no/vgc/frimand/css/front.10ff5288.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
826e6630d4bb6ce5ef2ab1b84004b0cddb7c12f4e319cfc4be63c238942a8e1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:26601038
x-vg-webcache
u89-varnish-04
x-age
3142894
content-length
4187
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Wed, 13 Oct 2021 09:53:13 GMT
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 11 Apr 2022 09:55:18 GMT
ast-patched.js
www.vg.no/vgc/cdn/js/libs/ast/0.33.0/
85 KB
28 KB
Script
General
Full URL
https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8d1a2bfb93fc1852c23e2d6aacc28e4ade090e40768f2b9e6c205c34189e4569
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:9362517
x-vg-webcache
oa68-varnish-01
x-age
1050353
content-length
28628
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Sat, 06 Nov 2021 15:05:18 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Thu, 05 May 2022 15:10:59 GMT
messagingNoTcfApi.js
cmp.vg.no/
79 KB
25 KB
Script
General
Full URL
https://cmp.vg.no/messagingNoTcfApi.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
822fa6bcd41ae4699f7666b4eb093dbb2080c69ccf88e70e4e1d9645641cd23b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:52:10 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 18:52:27 GMT
server
AmazonS3
age
288
etag
W/"8987d23d110a1ae3e470cc17b5edfad3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
gbH5JmGpedLoyJhBC2v6pQfYckuXqkf-Iso2GphU9iqnqh8V7vKMNg==
frimand-coronabox.750d0314.chunk.js
www.vg.no/vgc/frimand/js/
21 KB
8 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-coronabox.750d0314.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
668e9be9abe1eee8b22cadc0152c5947ab12438dfea7be3fb1897b7d45dca1cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:5122879
x-vg-webcache
oa68-varnish-04
x-age
548265
content-length
7517
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Fri, 12 Nov 2021 10:35:50 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Wed, 11 May 2022 10:39:08 GMT
frimand-coronabox.750d0314.css
www.vg.no/vgc/frimand/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.vg.no/vgc/frimand/css/frimand-coronabox.750d0314.css
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
df1fab99aefdb8ede901868006e2a38080d1f563e6771f3081b6b8ab96b6d964
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:5035581
x-vg-webcache
u89-varnish-01
x-age
548265
content-length
2606
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Fri, 12 Nov 2021 10:35:53 GMT
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Wed, 11 May 2022 10:39:08 GMT
app.48ed8aee.js
www.vg.no/vgc/frimand/js/
38 KB
10 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
0c8a236376461b0a2372fd814306c5f2d4ab7a4460969c4f40032877a068788f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:149175
x-vg-webcache
u89-varnish-01
x-age
4865
content-length
9652
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Thu, 18 Nov 2021 17:33:14 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
https://www.vg.no
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Tue, 17 May 2022 17:35:48 GMT
c=152,0,1031,941;w=527;h=480;646563.jpg
akamai.vgc.no/drfront/images/2021/11/18/
29 KB
29 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/18/c=152,0,1031,941;w=527;h=480;646563.jpg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1c83a05d100111d4d432b65d950c729a4ef87e740a82983434765b93759142f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
oa68-tlsproxy-01.int.vgnett.no
x-vg-webcache
u89-varnish-04
x-age
0
content-length
29630
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Thu, 18 Nov 2021 18:35:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 18:35:24 GMT
c=276,0,785,822;w=527;h=551;646574.jpg
akamai.vgc.no/drfront/images/2021/11/18/
35 KB
36 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/18/c=276,0,785,822;w=527;h=551;646574.jpg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6eca66032ec1abb2a3c45931cd6238073d1152a341328bcbb80870731ec25c91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-vg-webcache
u89-varnish-04
x-age
0
content-length
36222
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Thu, 18 Nov 2021 18:54:56 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 18:54:59 GMT
Inter-roman.var.subset.woff2
www.vg.no/vgc/font-spesial/Inter/3.15/
41 KB
41 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/Inter/3.15/Inter-roman.var.subset.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
e793402f00190c189be5fa4a77cce2489798d6b5f72f28b0c626eb25e378f74a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:12992971
x-vg-webcache
u89-varnish-04
x-age
3229214
content-length
41664
x-varnish-director
static_web
last-modified
Fri, 09 Oct 2020 13:22:36 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:56:39 GMT
AustinNewsDeck-MediumItalic-Web.woff2
www.vg.no/vgc/font-spesial/AustinNewsDeck/
44 KB
44 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-MediumItalic-Web.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
856c60d09d765fe3fbf3ee796341cda6204242b4f5b4891d84adb601076d4448
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6891080
x-vg-webcache
u89-varnish-01
x-age
3230899
content-length
44880
x-varnish-director
static_web
last-modified
Tue, 02 Jan 2018 10:26:45 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:33 GMT
t.gif
akamai.vgc.no/gfx/
43 B
390 B
Image
General
Full URL
https://akamai.vgc.no/gfx/t.gif
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-vg-webcache
oa68-varnish-04
x-age
80486
content-length
43
x-vg-webserver
static-web-02
last-modified
Mon, 23 Nov 2009 00:30:20 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 29 Jul 2021 05:53:36 GMT
vgtv_play_simple.svg
www.vg.no/vgc/frimand/gfx/icons/
470 B
708 B
Image
General
Full URL
https://www.vg.no/vgc/frimand/gfx/icons/vgtv_play_simple.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
747f0b34c7513b45075f2dd526c6f0259615a0a00a7d9f927f96905ea04f2fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3961024
x-vg-webcache
oa68-varnish-04
x-age
2015919
content-length
305
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 26 Oct 2021 10:55:57 GMT
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 24 Apr 2022 10:58:13 GMT
c=18,15,1189,651;w=654;h=358;645182.jpg
akamai.vgc.no/drfront/images/2021/11/12/
33 KB
34 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/12/c=18,15,1189,651;w=654;h=358;645182.jpg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02664811e98693eab8f98e6d8631b20e20da468123d339c5cbaf8a054e7002f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-vg-webcache
u89-varnish-04
x-age
0
content-length
34145
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Mon, 15 Nov 2021 20:40:44 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 06:17:31 GMT
direkte-widget.18128e90.css
www.vg.no/vgc/direkte-widget/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.vg.no/vgc/direkte-widget/direkte-widget.18128e90.css
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
15bc6829385e8b00d3cbfc40c644219f163b4ff2efeb36d04d576d4667dd30b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:26526691
x-vg-webcache
u89-varnish-04
x-age
3229214
content-length
1486
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Mon, 11 Oct 2021 14:03:29 GMT
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:56:38 GMT
AustinNewsDeck-Roman-Web.woff2
www.vg.no/vgc/font-spesial/AustinNewsDeck/
43 KB
43 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-Roman-Web.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8e311a00cc0f077fed2cbfb9d3b8686761181a8cc51b01cc0e392cf199c88ad5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6251955
x-vg-webcache
oa68-varnish-01
x-age
3233633
content-length
44084
x-varnish-director
static_web
last-modified
Tue, 02 Jan 2018 10:26:45 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 08:42:59 GMT
pluss.svg
www.vg.no/vgc/frimand/gfx/icons/
414 B
717 B
Image
General
Full URL
https://www.vg.no/vgc/frimand/gfx/icons/pluss.svg?x=2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8d39bf2d8403b3cd1d98bcb9d9133e6a1d286fd376159f7b8b5fad1101ec292b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:4217267
x-vg-webcache
oa68-varnish-04
x-age
2015920
content-length
314
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 26 Oct 2021 10:55:57 GMT
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 24 Apr 2022 10:58:13 GMT
AustinNewsDeck-Italic-Web.woff2
www.vg.no/vgc/font-spesial/AustinNewsDeck/
44 KB
44 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/AustinNewsDeck/AustinNewsDeck-Italic-Web.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
dfa50bfc9666a5dd09e2378cb51dd42d3aa16acdb3024db7e999f6a8c36058e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.vg.no/
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
vary
User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:4918907
x-vg-webcache
u89-varnish-01
x-age
3101885
content-length
44852
x-varnish-director
static_web
last-modified
Tue, 02 Jan 2018 10:26:45 GMT
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 11 Apr 2022 21:18:47 GMT
vg-logo.svg
www.vg.no/vgc/frimand/gfx/icons/
829 B
888 B
Image
General
Full URL
https://www.vg.no/vgc/frimand/gfx/icons/vg-logo.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8065bc4cd38626c2c3e6bbb5132d0f4bcd27233d50ec7e55ce189d97f74cda39
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3729510
x-vg-webcache
oa68-varnish-04
x-age
2015919
content-length
485
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 26 Oct 2021 10:55:57 GMT
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 24 Apr 2022 10:58:13 GMT
5da754f4f2b5b6ef3899c2adab6faf87
imbo.vgc.no/users/godt/images/
53 KB
53 KB
Image
General
Full URL
https://imbo.vgc.no/users/godt/images/5da754f4f2b5b6ef3899c2adab6faf87?t[]=400q80
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::c , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
ee542887af2ba85aaf14e28ac8d43f11b8d4c25455bc8eb4f6b029c06536d135

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:334023
x-vg-webcache
oa68-varnish-01
x-age
71616
x-imbo-originalwidth
980
allow
OPTIONS, GET, HEAD, DELETE
content-length
54108
x-imbo-originalextension
jpg
x-imbo-version
2.2.0
x-vg-webserver
imbo-02
x-imbo-originalmimetype
image/jpeg
last-modified
Tue, 16 Jan 2018 09:15:07 GMT
etag
"ef8048dd3d5ae05eacb7a24ef2e7d294"
vary
Origin,X-Imbo-PublicKey
content-type
image/jpeg
cache-control
max-age=31536000, public
x-imbo-imageidentifier
5da754f4f2b5b6ef3899c2adab6faf87
accept-ranges
bytes
x-varnish-director
imbo_02
x-imbo-originalheight
550
x-imbo-originalfilesize
298948
godt-dark.svg
www.vg.no/gfx/icons/
3 KB
2 KB
Image
General
Full URL
https://www.vg.no/gfx/icons/godt-dark.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
c5932e79c1e9cbd2bc8d72ed92af2b49bd47266e1b695cb82d9e6f72c2efb91f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:13441
x-vg-webcache
oa68-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
4733
content-length
1241
x-varnish-director
vg_frimand_director_goto
last-modified
Thu, 18 Nov 2021 17:30:03 GMT
etag
"c73-5d113823a5cc0-br"
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 17:37:59 GMT
vektklubb.svg
www.vg.no/vgc/frimand/gfx/icons/
1 KB
1 KB
Image
General
Full URL
https://www.vg.no/vgc/frimand/gfx/icons/vektklubb.svg?x=2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
590225138c235b6200c6f0fb6faee9cbee552c554bb70c0f718adacb1757b99c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:2786944
x-vg-webcache
u89-varnish-04
x-age
2015919
content-length
790
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 26 Oct 2021 10:55:57 GMT
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 24 Apr 2022 10:58:13 GMT
frimand-resources_js_advert_partnerstudio-front_js.60b465ec.chunk.js
www.vg.no/vgc/frimand/js/
740 B
748 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_advert_partnerstudio-front_js.60b465ec.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
5a5d3d7854a412b06e36cd5c6472aaf3bb6c195e4c7e4452b33afe97ec15b6e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:24532956
x-vg-webcache
oa68-varnish-04
x-age
3232053
content-length
348
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:20 GMT
frimand-commons.c180045b.chunk.js
www.vg.no/vgc/frimand/js/
54 KB
17 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
a06be388b3a173b8cc7969b078542e7c96a7452a9f0b511090f73129d744be91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6776347
x-vg-webcache
oa68-varnish-01
x-age
784883
content-length
16970
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 09 Nov 2021 16:54:15 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 08 May 2022 16:55:29 GMT
frimand-resources_js_tracking_index_js.be305875.chunk.js
www.vg.no/vgc/frimand/js/
5 KB
2 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_tracking_index_js.be305875.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8fac955557260a43a2751cc551d57f74913d6a1846cfa2aa185b1008b790ad4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:8859540
x-vg-webcache
u89-varnish-04
x-age
1050361
content-length
1510
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Sat, 06 Nov 2021 15:09:23 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Thu, 05 May 2022 15:10:52 GMT
vendors-node_modules_lodash-es__baseIteratee_js-node_modules_lodash-es__baseMap_js-node_modul-1894f7.d2b45be7.chunk.js
www.vg.no/vgc/frimand/js/
24 KB
6 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/vendors-node_modules_lodash-es__baseIteratee_js-node_modules_lodash-es__baseMap_js-node_modul-1894f7.d2b45be7.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
23b751657b98bbd957c351abaa803d40b1fc7fbf3d7ef8667734999a8d0b60d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:15211152
x-vg-webcache
u89-varnish-01
x-age
1927972
content-length
5991
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Fri, 01 Oct 2021 14:50:07 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 11:24:00 GMT
vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
www.vg.no/vgc/frimand/js/
34 KB
10 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
40d428e1522bbe31e718e1c7733701de2a12ed7d89d54a8227cc0c5295f3c03c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:15683265
x-vg-webcache
oa68-varnish-04
x-age
1928559
content-length
10016
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Fri, 01 Oct 2021 14:50:07 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 11:14:13 GMT
frimand-node_modules_lodash-es_debounce_js.f291c5df.chunk.js
www.vg.no/vgc/frimand/js/
2 KB
1 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-node_modules_lodash-es_debounce_js.f291c5df.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
ada68f8550b64b3e4b69aefeb61cb219724b987f734d6b41c745f783698a9da7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:24640089
x-vg-webcache
u89-varnish-01
x-age
3230900
content-length
854
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:33 GMT
frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
www.vg.no/vgc/frimand/js/
4 KB
2 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
abbb43632a4a0cf0051e715ec713c509adf07b6fc5f87e73999559b306d692f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:15388122
x-vg-webcache
u89-varnish-04
x-age
1940799
content-length
1139
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Fri, 01 Oct 2021 14:50:05 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 07:50:14 GMT
frimand-resources_js_partnerstudio-on-front_js.3d7693c0.chunk.js
www.vg.no/vgc/frimand/js/
477 B
639 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_partnerstudio-on-front_js.3d7693c0.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
d6b3a9379d4868ee8488bfbcc6d803f12635b9be81484e2efe139e49e58fcda8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:25390980
x-vg-webcache
oa68-varnish-01
x-age
3233633
content-length
238
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 08:42:59 GMT
vendors-node_modules_preact_compat_dist_compat_module_js.7a8cc2fe.chunk.js
www.vg.no/vgc/frimand/js/
22 KB
8 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/vendors-node_modules_preact_compat_dist_compat_module_js.7a8cc2fe.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
4fbb54bf2673ddd51f5f8746d560317ce0639765b3979918f2aa797b9ca9833a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:15130637
x-vg-webcache
oa68-varnish-01
x-age
1914468
content-length
7375
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Wed, 27 Oct 2021 14:58:34 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 15:09:05 GMT
frimand-resources_js_vg-nav_js.612cf7a1.chunk.js
www.vg.no/vgc/frimand/js/
700 B
765 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_vg-nav_js.612cf7a1.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
e59d21686495f1145f43f23c25256ce633dca4e0864c0b93213eeb79a5972197
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6125473
x-vg-webcache
u89-varnish-04
x-age
1914468
content-length
366
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Wed, 27 Oct 2021 14:58:33 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 15:09:05 GMT
frimand-resources_js_vgtv-on-front_js.a575520a.chunk.js
www.vg.no/vgc/frimand/js/
1 KB
1 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_vgtv-on-front_js.a575520a.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
a8538bdf9b4f3e29367f79f3aa32ae3fbf04e3443e7bdca7f92ad846eca99fce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:24681954
x-vg-webcache
u89-varnish-01
x-age
3230900
content-length
718
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 12 Oct 2021 07:11:03 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:32 GMT
frimand-resources_js_font-resizer_js.980c18ce.chunk.js
www.vg.no/vgc/frimand/js/
704 B
730 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_font-resizer_js.980c18ce.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
eb2f42ac8de710da42df10051589b091ce6cf9b8577c1586161eaa00dcd89d88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:25773855
x-vg-webcache
oa68-varnish-04
x-age
3232053
content-length
330
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:20 GMT
native-message
cmp.vg.no/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Preflight
General
Full URL
https://cmp.vg.no/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&hasCsp=true&env=prod&consentLanguage=no&body=%7B%22propertyId%22%3A8876%2C%22accountId%22%3A1047%2C%22requestUUID%22%3A%22e948eed0-9bd3-46d1-9994-712d0a164ff9%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.vg.no%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.vg.no%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D&scriptVersion=2.0.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.vg.no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
content-length
2
date
Thu, 18 Nov 2021 18:56:53 GMT
x-powered-by
Express
access-control-allow-origin
https://www.vg.no
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
CPHhz3cHBAjsRFg_P6iNBQL2F6M_9NlwEc1kp2cv9C48cxM53KHfqA==
native-message
cmp.vg.no/wrapper/tcfv2/v1/gdpr/
37 KB
7 KB
XHR
General
Full URL
https://cmp.vg.no/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&hasCsp=true&env=prod&consentLanguage=no&body=%7B%22propertyId%22%3A8876%2C%22accountId%22%3A1047%2C%22requestUUID%22%3A%22e948eed0-9bd3-46d1-9994-712d0a164ff9%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.vg.no%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.vg.no%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D&scriptVersion=2.0.10
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/messagingNoTcfApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
aa29d5e6e4e8274b7ed9e7babb3a0f97540b1e5f3f7fa61eebf9fddbf1d8b7da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
rIwqEDEmhRGZLWGOAi2SqcY6W3NCMNJS5iiThky7Z617e71J6-mavQ==
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
vendors-node_modules_clsx_dist_clsx_m_js-node_modules_lodash-es_isNumber_js-node_modules_loda-edf9e1.e52f36f8.chunk.js
www.vg.no/vgc/frimand/js/
100 KB
27 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/vendors-node_modules_clsx_dist_clsx_m_js-node_modules_lodash-es_isNumber_js-node_modules_loda-edf9e1.e52f36f8.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
11425f6c1d05eebd74716896bc88576786af8d0e9d97da7e5177eeef960b38a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:14705795
x-vg-webcache
oa68-varnish-01
x-age
1914468
content-length
27653
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Wed, 27 Oct 2021 14:58:34 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 25 Apr 2022 15:09:05 GMT
aCxhpRb
imbo.vgc.no/s/
25 KB
26 KB
Image
General
Full URL
https://imbo.vgc.no/s/aCxhpRb
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::c , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
3d40e8c99e2199a035bce3db433543214203d5edd444391fa2dfca80afaea8c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-imbo-imagevariation
1024x576
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:352398
x-imbo-shorturl
http://imbo.vgc.no/s/aCxhpRb
x-vg-webcache
u89-varnish-01
x-age
167740
x-imbo-originalwidth
3000
allow
OPTIONS, GET, HEAD
content-length
25641
x-imbo-originalextension
jpg
x-varnish-director
imbo_02
x-vg-webserver
imbo-02
x-imbo-originalmimetype
image/jpeg
last-modified
Tue, 16 Nov 2021 20:21:10 GMT
etag
"3f6dc54311cfaf7d6a84a92bcf843bd4"
vary
X-Imbo-PublicKey
content-type
image/jpeg
cache-control
max-age=31536000, public
x-imbo-version
2.2.0
x-imbo-imageidentifier
29f5652765027be074058c8ddedb161d
accept-ranges
bytes
x-imbo-originalheight
1687
x-imbo-originalfilesize
409946
c=0,123,2302,1595;w=376;h=260;646223.jpg
akamai.vgc.no/drfront/images/2021/11/17/
13 KB
13 KB
Image
General
Full URL
https://akamai.vgc.no/drfront/images/2021/11/17/c=0,123,2302,1595;w=376;h=260;646223.jpg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ee846f55a12c8f1e97a76168954ab362fae250a9aa979c3b58e9f3d002c78903

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-vg-webcache
oa68-varnish-04
x-age
638
content-length
12838
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Thu, 18 Nov 2021 06:02:47 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 17 May 2022 06:03:17 GMT
account-sdk-browser.6837ef6d.chunk.js
www.vg.no/vgc/frimand/js/
21 KB
6 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/account-sdk-browser.6837ef6d.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
55f076db7834e6c5b11502c9774b5d4ef8d1fb5606691491a2967c9ae7cdf661
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:24864189
x-vg-webcache
u89-varnish-01
x-age
3230900
content-length
6113
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 12 Oct 2021 07:11:01 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:32 GMT
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/0a6a1f/
79 B
515 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/0a6a1f/a.js?_=1610535190000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
cd975dc0885a337698295f590a63c03d64b4ee6b46aae69f4dbbfa914086890c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3727
x-vg-webcache
oa68-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1134
content-length
70
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Wed, 13 Jan 2021 10:53:10 GMT
etag
"78422942ab71967213b24be2f11cc6bb-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/c059fb/
478 B
693 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/c059fb/a.js?_=1634555022000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
53857a391b2d3ec18a9abf2c12cc65cce90389ff3d722fdf9a490d778fab0e0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:4617
x-vg-webcache
oa68-varnish-04
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
247
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Mon, 18 Oct 2021 11:03:42 GMT
etag
"b1849d067d5ee5a4418c2246e8d04012-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/39fbf0/
2 KB
1 KB
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/39fbf0/a.js?_=1634832267000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
7b6dafea9b863c112e28ce6a433bfbd2d2b8679f285d795aa849d2184d9fa16b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3769
x-vg-webcache
u89-varnish-04
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
971
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Thu, 21 Oct 2021 16:04:27 GMT
etag
"a9f47e9e5265700132a73e7cb48b44c7-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/261212/
183 B
589 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/261212/a.js?_=1636454914000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
c4c7a2037ecb17eec815a3dcdffc3b8398209b15688f6e4e4857d2d3f9afab35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3879
x-vg-webcache
u89-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1134
content-length
144
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Tue, 09 Nov 2021 10:48:34 GMT
etag
"a9a940c32c90ebc2a588912a93c2f169-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/7641a8/
2 KB
1 KB
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/7641a8/a.js?_=1617974930000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
ca503ed50bd8e2c1fd0667d797d212b1adedb2d88e27fa5034c952df8edcdfce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3883
x-vg-webcache
oa68-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
786
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Fri, 09 Apr 2021 13:28:50 GMT
etag
"a114b2de8bc4bebc26c97c3a7017c2b8-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/d5dd58/
3 KB
2 KB
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/d5dd58/a.js?_=1620294765000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
23beca11d801768c43ca614a976d405cb3a36448db99a615c7bf0a95e19e4769
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:1781
x-vg-webcache
u89-varnish-04
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
1293
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Thu, 06 May 2021 09:52:45 GMT
etag
"dd061abca18312361890ea38dee3534b-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/5abfb0/
8 KB
3 KB
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/5abfb0/a.js?_=1632775187000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
e19e6d3ba89c88a6cf9f0976216f61f2ed28135ffac9eeffebc06190b9acf10b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:4074
x-vg-webcache
oa68-varnish-04
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1134
content-length
2471
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Mon, 27 Sep 2021 20:39:47 GMT
etag
"6c86a7385a53c67593a92b92bbef4586-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
b.js
www.vg.no/frimand-api/experiments/hovedfront/production/5e17da/
174 B
578 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/5e17da/b.js?_=1634119096000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8d7763073c27838491005666307267ea47b4abd2b7760c643e56d7000825b8fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:1619
x-vg-webcache
oa68-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
131
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Wed, 13 Oct 2021 09:58:16 GMT
etag
"f674a44b8269099674725ace2e125327-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/9191a2/
1 KB
944 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/9191a2/a.js?_=1636365402000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
ebaac4751415076fa39ef02dee8f7a2eccbc100beb22a7374fd171f2e50820d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3942
x-vg-webcache
u89-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1133
content-length
499
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Mon, 08 Nov 2021 09:56:42 GMT
etag
"13040c8d232efd211f14e23330b7dfa5-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
a.js
www.vg.no/frimand-api/experiments/hovedfront/production/5e17da/
236 B
600 B
Script
General
Full URL
https://www.vg.no/frimand-api/experiments/hovedfront/production/5e17da/a.js?_=1634119096000
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-resources_js_experiments-loader_js.bc1df5dd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
35da4716556a1d4729712554701d0fcbf3085e527366394981eaf68b67235c55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
Origin
https://www.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:1594
x-vg-webcache
u89-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
1134
content-length
155
bfcache-opt-in
unload
x-varnish-director
vg_frimand_director_goto
last-modified
Wed, 13 Oct 2021 09:58:16 GMT
etag
"c02d1db60af4b20a286a274fc2689fcd-br"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
cache-control
immutable, max-age=2592000, public
accept-ranges
bytes
main.1.3.73.js
www.vg.no/vgc/cdn/vg-nav/
45 KB
14 KB
Script
General
Full URL
https://www.vg.no/vgc/cdn/vg-nav/main.1.3.73.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
ecc8dcc3a15475f058f94874e5a39541114fcbb4217649c4dde27919daaf008a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:380761
x-vg-webcache
oa68-varnish-01
x-age
27437
content-length
13539
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Thu, 18 Nov 2021 08:29:57 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Tue, 17 May 2022 11:19:35 GMT
infected.svg
redutv-api.vg.no/corona/v1/front/widget/00/
12 KB
3 KB
Image
General
Full URL
https://redutv-api.vg.no/corona/v1/front/widget/00/infected.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::41 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
8e1fc7a5c35d7b41353db7f9b4f56429d54d4c3c91da1fecebe93ceddfdd07ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-cache
HIT:987053
x-vg-webcache
u89-varnish-03
x-age
16834
content-length
2300
x-xss-protection
1; mode=block
x-varnish-director
vgredutv_corona_api_backend_prod_goto
referrer-policy
no-referrer
x-frame-options
DENY
x-download-options
noopen
vary
origin,accept-encoding
content-type
image/svg+xml
cache-control
max-age=0,must-revalidate,no-store
accept-ranges
bytes
hospitalized.svg
redutv-api.vg.no/corona/v1/front/widget/00/
3 KB
1 KB
Image
General
Full URL
https://redutv-api.vg.no/corona/v1/front/widget/00/hospitalized.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::41 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
5d451d810a82ab74645a669ba48f7ba339a09477781f60ec7da4d9f41eaab758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-cache
HIT:1486463
x-vg-webcache
oa68-varnish-03
x-age
25548
content-length
665
x-xss-protection
1; mode=block
x-varnish-director
vgredutv_corona_api_backend_prod_goto
referrer-policy
no-referrer
x-frame-options
DENY
x-download-options
noopen
vary
origin,accept-encoding
content-type
image/svg+xml
cache-control
max-age=0,must-revalidate,no-store
accept-ranges
bytes
positive-share.svg
redutv-api.vg.no/corona/v1/front/widget/00/
12 KB
2 KB
Image
General
Full URL
https://redutv-api.vg.no/corona/v1/front/widget/00/positive-share.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::41 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
d11236d21468ca8a7c1918a25d06f8c8fd43a069aad68a728fdf33e646893040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-cache
HIT:1169676
x-vg-webcache
oa68-varnish-03
x-age
20046
content-length
1909
x-xss-protection
1; mode=block
x-varnish-director
vgredutv_corona_api_backend_prod_goto
referrer-policy
no-referrer
x-frame-options
DENY
x-download-options
noopen
vary
origin,accept-encoding
content-type
image/svg+xml
cache-control
max-age=0,must-revalidate,no-store
accept-ranges
bytes
set_consent_cookies
cmp.vg.no/mms/
0
440 B
XHR
General
Full URL
https://cmp.vg.no/mms/set_consent_cookies?consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&consentUUID_maxAge=31536000&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&hasCsp=true
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/messagingNoTcfApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
Jetty(9.4.2.v20170220) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
server
Jetty(9.4.2.v20170220)
x-amz-cf-pop
DUS51-C1
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
*
access-control-allow-origin
https://www.vg.no
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
V9vpT_1j0b5nvuZmWs_r1fWDnb4h5TfQCa7r7IENqb20Meuu-WvyDA==
index.html
cmp.vg.no/ Frame 4498
4 KB
2 KB
Document
General
Full URL
https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/messagingNoTcfApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/

Response headers

content-type
text/html
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 18 Nov 2021 18:11:44 GMT
etag
W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
NpeKMs3cQ8sUpQciFInnDfffLw4zn4VccRhYLqfhK-JnJSvPymRaQA==
age
3884
00
redutv-api.vg.no/corona/v1/front/widget/
397 B
743 B
Fetch
General
Full URL
https://redutv-api.vg.no/corona/v1/front/widget/00
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::41 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
f6ccff44d3152a81c3a4ae99b775227394c7893454211db430594521108cb706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:812397
x-vg-webcache
u89-varnish-03
x-age
13608
content-length
203
x-xss-protection
1; mode=block
x-varnish-director
vgredutv_corona_api_backend_prod_goto
referrer-policy
no-referrer
last-modified
Thu, 18 Nov 2021 15:10:04 GMT
x-frame-options
DENY
x-download-options
noopen
vary
Accept-Encoding, origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=0,must-revalidate,no-store
accept-ranges
bytes
areas
redutv-api.vg.no/corona/v1/
12 KB
3 KB
Fetch
General
Full URL
https://redutv-api.vg.no/corona/v1/areas
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::41 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
447d1c52a083853189e6a2bd3bc053a81cb8edfc34fd330a9ba333a6f4689160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:3085637
x-vg-webcache
oa68-varnish-03
x-age
35662
content-length
2332
x-xss-protection
1; mode=block
x-varnish-director
vgredutv_corona_api_backend_prod_goto
referrer-policy
no-referrer
x-frame-options
DENY
etag
"2uzY4t0DJ8G2CozGouU3AQ==-br"
x-download-options
noopen
vary
origin,accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
max-age=0,must-revalidate,no-store
accept-ranges
bytes
session
id.vg.no/
101 B
603 B
Fetch
General
Full URL
https://id.vg.no/session?client_sdrn=sdrn%3Aspid.no%3Aclient%3A4ef1cfb0e962dd2e0d8d0000&redirect_uri=https%3A%2F%2Fwww.vg.no%2Fauth%2Fcallback&sdk_version=4.4.0
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/account-sdk-browser.6837ef6d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.248.46.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-46-110.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
7f6f85b2474239f232c24918e2ac4a56a838bc64a9e872a62b89152e569602ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
Vary
Origin
Server
Finatra
X-Frame-Options
deny
X-Kong-Proxy-Latency
1
Strict-Transport-Security
max-age=63072000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.vg.no
X-Kong-Upstream-Latency
1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
113
Via
kong/2.4.1
X-Request-Id
53a2a84f-ad3f-47b0-8f9a-a1ae7162de98
Notice.03819.css
cmp.vg.no/ Frame 4498
32 KB
6 KB
Stylesheet
General
Full URL
https://cmp.vg.no/Notice.03819.css
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:11:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
3884
etag
W/"894f01a34ee58f1147257366e6a6bde7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Bx2jY2LxBPGXCdzn08WUCNhsGYNct2PRGCatoHSTTtMfRHHb1Ig50g==
polyfills.d36c5.js
cmp.vg.no/ Frame 4498
5 KB
2 KB
Script
General
Full URL
https://cmp.vg.no/polyfills.d36c5.js
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:11:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
3885
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
O6hLG71Ej20D3fmc17ejT2K1pcnCxF38kAq2u8bgmJEV0gHmJyHTuA==
Notice.70828.js
cmp.vg.no/ Frame 4498
209 KB
52 KB
Script
General
Full URL
https://cmp.vg.no/Notice.70828.js
Requested by
Host: cmp.vg.no
URL: https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-15.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/index.html?message_id=499991&consentUUID=87245ee8-95c0-45ca-ac42-dcb24e16467b&requestUUID=e948eed0-9bd3-46d1-9994-712d0a164ff9&preload_message=true&consentLanguage=no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:11:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 02:51:09 GMT
server
AmazonS3
age
3884
etag
W/"3f789fabb7890dc26d3914692795ffb3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
gQ2m4VTcGVqsYvLe878Sol-gsRWBZU2d8ZzsWSrYJGdCftLhfyG3vA==
schibsted.20210305.svg
static.privacy.schibsted.com/cmp/ Frame 4498
16 KB
6 KB
Image
General
Full URL
https://static.privacy.schibsted.com/cmp/schibsted.20210305.svg
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a17dbe0c9d25187a9ef656698d4a70e9144f61258f7b4211d5403548b8b6a2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:02:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 19:04:39 GMT
server
AmazonS3
age
82471
etag
W/"54024cc6ee81422a4228402ce3ea0139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
OBnNIyIXx3T1adtFsB-2zYQtr1tHrYh4VoX6N1wVkK8qRWDT30OTnQ==
P001_EUchange.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame 4498
21 KB
21 KB
Image
General
Full URL
https://info.privacy.schibsted.com/wp-content/uploads/2018/04/P001_EUchange.png
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7c42779dfcf24d34cc624d9fdb1b30e8adea6e6e1d1b45a08cbfc75c24497e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-ac
2.hhn _atomic_ams HIT
last-modified
Thu, 13 Aug 2020 07:01:26 GMT
server
nginx
etag
"5f34e546-544f"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
21583
expires
Fri, 20 Aug 2021 22:35:27 GMT
p001_post_positive.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame 4498
24 KB
24 KB
Image
General
Full URL
https://info.privacy.schibsted.com/wp-content/uploads/2018/04/p001_post_positive.png
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
18c43d517550dd0d7abca0d7f395ac554ff661032f9f81154811166c724c8ee5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-ac
2.hhn _atomic_ams HIT
last-modified
Thu, 13 Aug 2020 07:00:58 GMT
server
nginx
etag
"5f34e52a-5e7f"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
24191
expires
Fri, 20 Aug 2021 22:35:27 GMT
s008_post_understand.png
info.privacy.schibsted.com/wp-content/uploads/2018/05/ Frame 4498
23 KB
23 KB
Image
General
Full URL
https://info.privacy.schibsted.com/wp-content/uploads/2018/05/s008_post_understand.png
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe9c00b39aa997d1efe1f793dd8d68517005e27f2057f011c6007e313aae32ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-ac
2.hhn _atomic_ams HIT
last-modified
Thu, 13 Aug 2020 06:48:04 GMT
server
nginx
etag
"5f34e224-5d48"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
23880
expires
Fri, 20 Aug 2021 22:35:27 GMT
p005_featured-1.png
info.privacy.schibsted.com/wp-content/uploads/2020/09/ Frame 4498
13 KB
13 KB
Image
General
Full URL
https://info.privacy.schibsted.com/wp-content/uploads/2020/09/p005_featured-1.png
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fb06beff3b52ed00a1a147f87a577f9997347e9360ed04f0ef5add191979a1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmp.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
x-ac
2.hhn _atomic_ams HIT
last-modified
Wed, 23 Sep 2020 12:00:54 GMT
server
nginx
etag
"5f6b38f6-3387"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
13191
expires
Fri, 20 Aug 2021 22:35:27 GMT
identify
cis.schibsted.com/api/v1/
894 B
1 KB
Fetch
General
Full URL
https://cis.schibsted.com/api/v1/identify
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-178-57.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
42a72b63748c1d579778449613e03e6bfdcf7fd408f0af5ef40ad7e02268e593
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Finatra
x-frame-options
DENY
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
access-control-max-age
86400
cache-control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
X-Requested-With,content-type,content-length
content-length
659
identify
cis.schibsted.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://cis.schibsted.com/api/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-178-57.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.vg.no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-type
application/json; charset=utf-8
content-length
28
server
Finatra
cache-control
private, no-cache, proxy-revalidate, max-age=0
x-frame-options
DENY
access-control-max-age
86400
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'
access-control-allow-origin
https://www.vg.no
access-control-allow-headers
X-Requested-With,content-type,content-length
access-control-allow-methods
POST, OPTIONS
access-control-allow-credentials
true
content-encoding
gzip
v3
ib.adnxs.com/ut/
54 KB
12 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f1ad16b500fa9e13324bc9fa0c2acf533243809e5caa9476dedcd142b4b4e490
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 18 Nov 2021 18:56:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b2128afb-e6ad-45f0-80e2-5d4ff265028b
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.vg.no
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
FGrotesk-Book.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame 4498
23 KB
24 KB
Font
General
Full URL
https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGrotesk-Book.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-164.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe6494bba16b715e5c81b1506a56cefb3472ac2e91a072a0b6a46ff65690c4a0

Request headers

Referer
https://cmp.vg.no/
Origin
https://cmp.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 05:21:31 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
age
21216923
x-cache
Hit from cloudfront
content-length
23776
last-modified
Wed, 09 Sep 2020 11:47:51 GMT
server
AmazonS3
etag
"ebdac35919f67402c9cd56d96eaba892"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
null
access-control-allow-origin
*
cache-control
no-transform,public,max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
V5x-tVJr0FIJEewQpNxKX9vsUM3dzLgWSFu2BLCJhRj5gpzRVQB1Cw==
FGroteskDemi-Regular.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame 4498
19 KB
20 KB
Font
General
Full URL
https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGroteskDemi-Regular.woff2
Requested by
Host: www.vg.no
URL: https://www.vg.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-164.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1555705a6bb02ae2759a5559c5f6ba10c4f9bf90f8daa5c9eca33962e9d3d4b3

Request headers

Referer
https://cmp.vg.no/
Origin
https://cmp.vg.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 00:39:05 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
age
9829069
x-cache
Hit from cloudfront
content-length
19752
last-modified
Wed, 09 Sep 2020 11:47:51 GMT
server
AmazonS3
etag
"8959b66f98b0f6c96d2e98322da09845"
vary
Origin
access-control-allow-methods
GET, HEAD
x-amz-version-id
null
access-control-allow-origin
*
cache-control
no-transform,public,max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
4KVgfOpaRO48rKQRMIBe08XzxEWskjlt6uiWtgJNZpqwbH9Q09fzrA==
frimand-resources_js_tracking_bfcache-tracking_js.8a0a6fd2.chunk.js
www.vg.no/vgc/frimand/js/
716 B
783 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_tracking_bfcache-tracking_js.8a0a6fd2.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
26e9265421572e68fd9816a4f333c8f3924d0a80f4ee26d75c8dc658f86d55dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:7784388
x-vg-webcache
oa68-varnish-04
x-age
3232053
content-length
384
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:20 GMT
frimand-resources_js_lazy-front_js.11fa7ae9.chunk.js
www.vg.no/vgc/frimand/js/
1000 B
899 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_lazy-front_js.11fa7ae9.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
d6946838b7e2549cf78bfb9e5580351e7dce18d8a6b907792ae6ccf95adee147
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:2573929
x-vg-webcache
u89-varnish-04
x-age
3229214
content-length
500
x-varnish-director
static_web
x-vg-webserver
static-web-02
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:56:38 GMT
frimand-resources_js_auth_continue-as-popup_js.f51be643.chunk.js
www.vg.no/vgc/frimand/js/
1 KB
864 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_auth_continue-as-popup_js.f51be643.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
5aafce2bff3b21411baa5271803b17535f057121e450db0f55ebc104b58281a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6083055
x-vg-webcache
oa68-varnish-04
x-age
3232053
content-length
465
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:20 GMT
frimand-resources_js_darkmode-trigger_js.5e46f484.chunk.js
www.vg.no/vgc/frimand/js/
692 B
759 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_darkmode-trigger_js.5e46f484.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
a8e9f02d13d664e9e3ad5d78eccb7793464740f23cb754e75f19bbf96d058084
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:7827382
x-vg-webcache
oa68-varnish-04
x-age
3232053
content-length
360
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:02 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:09:20 GMT
frimand-resources_js_bfcache-cleanup_js.589225c1.chunk.js
www.vg.no/vgc/frimand/js/
621 B
701 B
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_bfcache-cleanup_js.589225c1.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
4577b79f6ca24a1f0c515f9e1dd598cdf0e5c6d011bee017e54b35c0758739e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:857707
x-vg-webcache
u89-varnish-04
x-age
103207
content-length
304
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Wed, 17 Nov 2021 14:15:07 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Mon, 16 May 2022 14:16:45 GMT
analytics.js
log.medietall.no/
225 KB
72 KB
Script
General
Full URL
https://log.medietall.no/analytics.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
daeab1ca7011173c07e0beea1be4566bad1a74afa1b7ccbb2f6830b31d306ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 13:55:38 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"3854a-5d0d429f15bb3-gzip"
x-hw
1637261813.cds034.ml1.hn,1637261813.cds223.ml1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
content-length
73419
gdpr-bundle.js
cogwheel.inventory.schibsted.io/prod/latest/
43 KB
15 KB
Script
General
Full URL
https://cogwheel.inventory.schibsted.io/prod/latest/gdpr-bundle.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-17.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e35456bce17208d28444796fc6fc5f95847575eab1918010eedcb46a9f0baeec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:39:45 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 11:16:39 GMT
server
AmazonS3
age
76629
etag
W/"7e4b7a56f51b986b46e7a15e6840d61e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Ruu7D1mK4Eci8jkXfScaR_w8inPhdHJREAwEtpyOtQVCVjUg1jGOXQ==
vgnett
cookie.norstatsurveys.com/api/trackingpixel/39e260b332120c379b43e77fa3b2470c/
43 B
432 B
Image
General
Full URL
https://cookie.norstatsurveys.com/api/trackingpixel/39e260b332120c379b43e77fa3b2470c/vgnett
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.100.50.51 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-db3-013.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:53 GMT
Server
Microsoft-IIS/10.0
Content-Type
image/gif
Arr-Disable-Session-Affinity
True
Cache-Control
no-cache
Content-Length
43
Expires
-1
frimand-resources_js_widgets_direkte-loader_js.59e9f7f2.chunk.js
www.vg.no/vgc/frimand/js/
13 KB
5 KB
Script
General
Full URL
https://www.vg.no/vgc/frimand/js/frimand-resources_js_widgets_direkte-loader_js.59e9f7f2.chunk.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/app.48ed8aee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
818241f2ced316923ed63f67bc97a084a19e3cd6f2bc6d4858c3c7abca494d02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:6913166
x-vg-webcache
u89-varnish-04
x-age
3229214
content-length
4785
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Tue, 12 Oct 2021 07:11:03 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:56:39 GMT
vgtv_play_simple.svg
www.vg.no/gfx/icons/
470 B
694 B
Image
General
Full URL
https://www.vg.no/gfx/icons/vgtv_play_simple.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
747f0b34c7513b45075f2dd526c6f0259615a0a00a7d9f927f96905ea04f2fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:13613
x-vg-webcache
oa68-varnish-01
x-clue
Ly93d3cudmcubm8vZXBpY3dvcmsvCg==
x-age
4734
content-length
266
x-varnish-director
vg_frimand_director_goto
last-modified
Thu, 18 Nov 2021 17:30:03 GMT
etag
"1d6-5d113823a5cc0-br"
strict-transport-security
max-age=15552000
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 17:37:59 GMT
user-context
session-service.payment.schibsted.no/
26 B
535 B
Fetch
General
Full URL
https://session-service.payment.schibsted.no/user-context?client_sdrn=sdrn%3Aspid.no%3Aclient%3A4ef1cfb0e962dd2e0d8d0000&sdk_version=4.4.0
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/account-sdk-browser.6837ef6d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.248.46.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-46-110.eu-west-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
28885d54f98e4f35ce8e06ce3991dd4da7505ce771252465bbead57930a07778
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
gzip
Vary
Origin
Server
Finatra
X-Frame-Options
deny
X-Kong-Proxy-Latency
0
Strict-Transport-Security
max-age=63072000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.vg.no
X-Kong-Upstream-Latency
3
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
Via
kong/2.4.1
X-Request-Id
2a2d0571-1c35-4d45-8b8f-3aa49b17793d
direkte-widget.f5782a3c.js
www.vg.no/vgc/direkte-widget/
23 KB
8 KB
Script
General
Full URL
https://www.vg.no/vgc/direkte-widget/direkte-widget.f5782a3c.js
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software
/
Resource Hash
c46c497c0af8fadcc5f28daaff59f1094051a593f4a919ae0b0e9e6dc870b7df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:53 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
0
x-vg-tlsproxy
oa68-tlsproxy-02.int.vgnett.no
x-cache
HIT:7394149
x-vg-webcache
u89-varnish-01
x-age
3230901
content-length
7572
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Mon, 11 Oct 2021 14:03:29 GMT
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
max-age=15552000, immutable
accept-ranges
bytes
expires
Sun, 10 Apr 2022 09:28:32 GMT
identify
cis.vg.no/api/v1/
858 B
1 KB
Fetch
General
Full URL
https://cis.vg.no/api/v1/identify
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-191-63.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
41f4034ce5e9c8a0f44317edf0e8e1e9cbd17854095c3e7567bdc243b31ea189
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Finatra
x-frame-options
DENY
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
access-control-max-age
86400
cache-control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
X-Requested-With,content-type,content-length
content-length
640
identify
cis.vg.no/api/v1/ Frame
0
0
Preflight
General
Full URL
https://cis.vg.no/api/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-191-63.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.vg.no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-type
application/json; charset=utf-8
content-length
28
server
Finatra
cache-control
private, no-cache, proxy-revalidate, max-age=0
x-frame-options
DENY
access-control-max-age
86400
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'
access-control-allow-origin
https://www.vg.no
access-control-allow-headers
X-Requested-With,content-type,content-length
access-control-allow-methods
POST, OPTIONS
access-control-allow-credentials
true
content-encoding
gzip
p
log.medietall.no/
0
77 B
Ping
General
Full URL
https://log.medietall.no/p?i=5f71d1d9588d3e7d6d099fb4&r=&sr=&mt=-1&ma=-1&tg=-1&ctg=-1&mp=-1&mu=-1&mi=https%3A%2F%2F1.vgc.no%2Fvgnett-prod%2Fimg%2FvgLogoSquare.png%3F28042014-1&md=Norges%20st%C3%B8rste%20nettsted.%20Oppdateres%20minutt%20for%20minutt%20p%C3%A5%20siste%20nytt%20innen%20sport%2C%20innenriks%2C%20utenriks%2C%20og%20underholdning.&or=-1&wc=-1&pw=&pwu=0&co=0&il=&hv=&sc=-1&p=https%3A%2F%2Fwww.vg.no%2F&c=desktop&t=frontpage&s=&_r=1637261814044:4.7.22:20210806-103121&_m=beacon
Requested by
Host: log.medietall.no
URL: https://log.medietall.no/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
server
Apache/2.4.29 (Ubuntu)
x-hw
1637261814.cds034.ml1.hn,1637261814.cds021.ml1.sc,1637261814.cds021.ml1.p
content-type
application/octet-stream
mbl
log.medietall.no/
0
119 B
Ping
General
Full URL
https://log.medietall.no/mbl?i=5f71d1d9588d3e7d6d099fb4&u=8zYmeKFwy9&d=&af=&ns=1&rt=1637261814&lu=0&as=0&p=https%3A%2F%2Fwww.vg.no%2F&c=desktop&t=frontpage&s=&tg=-1&ctg=-1&_r=1637261814046:4.7.22:20210806-103121&_m=beacon
Requested by
Host: log.medietall.no
URL: https://log.medietall.no/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
server
Apache/2.4.29 (Ubuntu)
x-hw
1637261814.cds034.ml1.hn,1637261814.cds202.ml1.sc,1637261814.cds202.ml1.p
content-type
application/octet-stream
/
cl.k5a.io/
0
146 B
Ping
General
Full URL
https://cl.k5a.io/?i=607d77e46bf6b242026472c2&l=p&u=https%3A%2F%2Fwww.vg.no%2F&c=desktop&ptp=website&psn=&sbs=&ul=&uid=rS6sUOAyNtrz0IBm&ns=1&_h=pageView&_s=js&_l=DOMContentLoaded&_m=b
Requested by
Host: log.medietall.no
URL: https://log.medietall.no/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.46 (Unix) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
server
Apache/2.4.46 (Unix)
x-hw
1637261814.cds023.ml1.hn,1637261814.cds211.ml1.sc,1637261814.cds211.ml1.p
content-type
application/octet-stream
3532505006766251240
sch-map.norstatsurveys.com/api/nids/schibsted/map/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cis.schibsted.com/api/v1/sync?ANID=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcis.schibsted.com%2Fapi%2Fv1%2Fsync%3FANID%3D%24UID
  • https://cis.schibsted.com/api/v1/sync?ANID=3532505006766251240
  • https://sch-map.norstatsurveys.com/api/nids/schibsted/map/3532505006766251240?alias=3db8ce1e-3844-43da-b152-524e5cea0ef8
43 B
264 B
Image
General
Full URL
https://sch-map.norstatsurveys.com/api/nids/schibsted/map/3532505006766251240?alias=3db8ce1e-3844-43da-b152-524e5cea0ef8
Protocol
HTTP/1.1
Server
23.100.50.51 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-db3-013.cloudapp.net
Software
Microsoft-IIS/10.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:54 GMT
Server
Microsoft-IIS/10.0
Content-Type
image/gif
Arr-Disable-Session-Affinity
True
Cache-Control
no-cache
Content-Length
43
Expires
-1

Redirect headers

location
https://sch-map.norstatsurveys.com/api/nids/schibsted/map/3532505006766251240?alias=3db8ce1e-3844-43da-b152-524e5cea0ef8
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
server
Finatra
content-length
127
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
permissions
user-permissions.privacy.schibsted.com/privacy/v2/anonymous/vg/user/sdrn:schibsted:environment:92c23c3a-cfc6-41d6-b189-fed84ad9d9c9/
1 KB
694 B
Fetch
General
Full URL
https://user-permissions.privacy.schibsted.com/privacy/v2/anonymous/vg/user/sdrn:schibsted:environment:92c23c3a-cfc6-41d6-b189-fed84ad9d9c9/permissions
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/frimand-commons.c180045b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-49.dus51.r.cloudfront.net
Software
/
Resource Hash
a1a69c27e836363053c34ca3f36d2dbe66917eb04c4b82f44ff9aa791efc6b50
Security Headers
Name Value
Strict-Transport-Security max-age=14400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-plan3-correlation-id
WGG5yOgnMTGR1OwW
vary
origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vg.no
cache-control
no-transform, max-age=43200
strict-transport-security
max-age=14400; includeSubDomains
content-length
286
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amz-cf-id
zrq6FfNCg9lbkhUamUWee-IRl1mCRZdTkn3He6rrW1Di6YomHxu1Sw==
sdrn:schibsted:client:vg
collector.schibsted.io/api/v1/track/
0
0
Ping
General
Full URL
https://collector.schibsted.io/api/v1/track/sdrn:schibsted:client:vg
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.106.136 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-106-136.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sdrn:schibsted:client:vg
collector.schibsted.io/api/v1/track/
0
0
Ping
General
Full URL
https://collector.schibsted.io/api/v1/track/sdrn:schibsted:client:vg
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.106.136 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-106-136.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

safeframe-v2.html
acdn.adnxs.com/ast/safeframe/static/0.33.0/html/ Frame 53E2
215 B
560 B
Document
General
Full URL
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
7fed7359a85f890580a7e853781ef946a049d93debfc2825c1d100b6588b001d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/

Response headers

Last-Modified
Wed, 21 Oct 2020 14:50:40 GMT
ETag
"5f904ac0-d7"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
173
Cache-Control
max-age=86402
Expires
Fri, 19 Nov 2021 18:56:56 GMT
Date
Thu, 18 Nov 2021 18:56:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
safeframe-v2.html
acdn.adnxs.com/ast/safeframe/static/0.33.0/html/ Frame 68D7
215 B
560 B
Document
General
Full URL
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
7fed7359a85f890580a7e853781ef946a049d93debfc2825c1d100b6588b001d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/

Response headers

Last-Modified
Wed, 21 Oct 2020 14:50:40 GMT
ETag
"5f904ac0-d7"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
173
Cache-Control
max-age=86402
Expires
Fri, 19 Nov 2021 18:56:56 GMT
Date
Thu, 18 Nov 2021 18:56:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
sf-ext.js
acdn.adnxs.com/ast/safeframe/static/0.33.0/js/ Frame 53E2
30 KB
12 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/js/sf-ext.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
d4b2e5e60e16ae183a496d3a7d89d2a9d216fadeaaf5ecd30580816ae0b1b788

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 14:50:40 GMT
Server
nginx/1.13.10
ETag
"5f904ac0-77f0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
12144
Expires
Fri, 19 Nov 2021 18:56:56 GMT
sf-ext.js
acdn.adnxs.com/ast/safeframe/static/0.33.0/js/ Frame 68D7
30 KB
12 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/js/sf-ext.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
d4b2e5e60e16ae183a496d3a7d89d2a9d216fadeaaf5ecd30580816ae0b1b788

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 14:50:40 GMT
Server
nginx/1.13.10
ETag
"5f904ac0-77f0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
12144
Expires
Fri, 19 Nov 2021 18:56:56 GMT
mediation.js
acdn.adnxs.com/ast/mediation/0.33.0/ Frame 53E2
22 KB
8 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/js/sf-ext.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
a447da7124e27d0845b24a257c2d18ea6788e55682a989c939ba034b7e1bea9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 14:50:39 GMT
Server
nginx/1.13.10
ETag
"5f904abf-56a8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
7354
Expires
Fri, 19 Nov 2021 18:56:56 GMT
mediation.js
acdn.adnxs.com/ast/mediation/0.33.0/ Frame 68D7
22 KB
8 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/js/sf-ext.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
a447da7124e27d0845b24a257c2d18ea6788e55682a989c939ba034b7e1bea9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 14:50:39 GMT
Server
nginx/1.13.10
ETag
"5f904abf-56a8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
7354
Expires
Fri, 19 Nov 2021 18:56:56 GMT
log_req
fra1-ib.adnxs.com/mediation/v2/ Frame 53E2
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/mediation/v2/log_req?info=MQAAAAMABQEFAQj1w9qMBhDEn4u0mdPT_BEY5Esh3PRnP1KUJEAos4W_PjBWOABAAA..&s=bd5c8bbbe2ebb52185293f1345ca878ff7cd2684
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:54 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8dbfcbe6-ed1c-475f-bc8e-0fd865c12b58
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 66CE
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 308 of 1000 / last-modified: 1637237136"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
log_req
fra1-ib.adnxs.com/mediation/v2/ Frame 68D7
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/mediation/v2/log_req?info=MQAAAAMABQEFAQj1w9qMBhDM-P37182ugC4Y5EshNzy9UpYBIEAo2Za_PjBWOABAAA..&s=2feec05e5d63a24e67ed6194e979c1a6ffeddb51
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:54 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f05fb2b2-b610-4d0c-aa00-ead061cedf02
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 58F4
78 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
537f05a68252d9bfd7f05788fdf4f0755f1d7408855be918a5cfdc893050ea14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 628 of 1000 / last-modified: 1637237214"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26933
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ Frame 66CE
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 58F4
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
integrator.js
adservice.google.de/adsid/ Frame 66CE
107 B
793 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=acdn.adnxs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 66CE
107 B
550 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=acdn.adnxs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 66CE
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4344932209593806&correlator=2386792975971614&output=ldjh&impl=fif&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=21712647113%2CNO-VG%2Cweb_desktop%2CNO-VG-wde-skyscraperright&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=180x500%7C160x600&prev_scp=second_price%3D2&eri=4&cdm=acdn.adnxs.com&bc=31&abxe=1&dt=1637261814609&dlt=1637261814464&idt=126&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2557516549&ucis=kbnfdpubhewp&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.vg.no%2F&loc=https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html&top=www.vg.no&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=2028926305.1637261815&ga_sid=1637261815&ga_hid=1515811067&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8ee01cffc016fda672b2b3df10eb5983e452c5dcecb0637a527089ff564ebb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8174
x-xss-protection
0
google-lineitem-id
4690807376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234722462
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://acdn.adnxs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 66CE
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73ce232f2bcb63abcd9a691b2f7d9e8d1ba84569be7fac1c61df0aec20523667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9150
x-xss-protection
0
container.html
c60d7171657617802cc0f343061a7f21.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FFC
6 KB
4 KB
Document
General
Full URL
https://c60d7171657617802cc0f343061a7f21.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 18:56:54 GMT
expires
Fri, 18 Nov 2022 18:56:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 58F4
107 B
166 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=acdn.adnxs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 58F4
107 B
166 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=acdn.adnxs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 58F4
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3565671000389503&correlator=486926005566380&output=ldjh&impl=fif&eid=31063712%2C31063798&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211118&iu_parts=21712647113%2CNO-VG%2Cweb_desktop%2CNO-VG-wde-topboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=980x150%7C728x90&prev_scp=second_price%3D21&eri=4&cdm=acdn.adnxs.com&bc=31&abxe=1&dt=1637261814637&dlt=1637261814475&idt=148&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=268099472&ucis=puztit750qp&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.vg.no%2F&loc=https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html&top=www.vg.no&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=31938400.1637261815&ga_sid=1637261815&ga_hid=1503615189&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c10a5ca862556e15a835a8771f91e3a26d69d7bd72168681f2e7ea45a99199ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8186
x-xss-protection
0
google-lineitem-id
5292461963
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234806881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://acdn.adnxs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 58F4
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70e3c214cd3ab1b513af7ad0580e332c7ae675d04ce8b20f7b87f7a5c75b31b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9280
x-xss-protection
0
container.html
f533b6ab3f758e64d3a5232da9a146bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B6F
6 KB
4 KB
Document
General
Full URL
https://f533b6ab3f758e64d3a5232da9a146bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 18 Nov 2021 18:56:54 GMT
expires
Fri, 18 Nov 2022 18:56:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 66CE
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 58F4
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 18:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 18 Nov 2021 18:56:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BBF4
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 16:35:30 GMT
expires
Fri, 18 Nov 2022 16:35:30 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3F99
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
12ad62edce4f8153a98a37a8ce140135ec6a2e9c4d119408ca054f55cf437697
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+utpnw1jZU6tweQOlz1K4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 18 Nov 2021 18:56:54 GMT
date
Thu, 18 Nov 2021 18:56:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+utpnw1jZU6tweQOlz1K4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 270C
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 16:35:30 GMT
expires
Fri, 18 Nov 2022 16:35:30 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C058
783 B
739 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5dd8a29a0d306ab9cc31c69ccd1901af59543e016e3c162dec92dc61c159690
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HQPr3Wtz0rlWTpgtVhfbAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 18 Nov 2021 18:56:54 GMT
date
Thu, 18 Nov 2021 18:56:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-HQPr3Wtz0rlWTpgtVhfbAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame BBF4
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 12:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
23304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 12:28:30 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 270C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 12:28:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
23304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 12:28:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F99
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=4344932209593806&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame C058
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3565671000389503&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 58F4
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3565671000389503&bg=!t7SltPDNAAZQLpa_UC47ACkAdvg8WgCYQTvkNM8uWbwkTUqjS_gf7psBkS0WfZlW3LEvNM_GMbE0QQIAAAByUgAAAAxoAQeZAslku4QDw7nBBC-ySJoiU2-ug-CWgXEJwEGAcBuDMTf-mECgMvs2kHajoJ-YcMUUo8mP-wwkQOuaC-hedKvTna0x4EAOx4aSiQ06YtayPjDXi5vBwf33_Dt7yqN7c3jdI-82z1LZXJhfGVST2_45mBID0NIhs4axHRlIHLDE_MGki0Bwq-NXo583_-g51aOMFCEgXfHpdaRtM4LSf-jdEWBHz683LXuYM1JeU6pAEGFJtMZHBXF7j2tzfEPkI8x97fJcZQFNcyiBGPLmb-R_tfYzyaaeUQOFeQCLef6kymqW8_77--O6y63AiyGxzr1u2NP-bqAs-BbiqXpPSHsjYRudparL6Z_5sVxLUIAPaNolQSBdu9fF9uUX-9Rv0fQoy5yiCeRR1De8EnFRHXLIlVKG7TvaKF2tHA9FY1o6-8QiivQ3gcqLd3xYzgB01FoMahe7wEflxjSHDcoJaMl3Q8XmZ8B0L20lT-pOjFP_h_vQ_yeoHT3GVtXEGv-4-HIUiXN5K5q7zgUz-s_lerMnEY63_7r-etWwWH_XAhpabwqYSBS5nAEFwR3AoK6ExnmvErTvEYYQvDFVO42QWGlxRA2_ASVvsdnuTqOX1jIsdbH0E_D2X_3H1ZYYJ4iymDDENK2MUBQ3JDUiM_PAI-yg4u--5TQVeM2PKfvwL5tUTbH9qx8gm1KajLfQVJ2JM6gXC-iyp0dqNtmdbxSGCJ1hr0JjgD070liDZaNiVBxlZ4o_jGzxaBWgrngumCVeJAUkXBfV0-xFQ3b18c_ldwg3_VzxBh-L0fC60OwqCah1BgtpDBoVF_ek3pfGTQg-t7bw2eUGVVQshO9QHc2lM0rHln55O1zHcp4heZurS76I2WvJa3ROEE7Ez-pijx7Y2mAY8A0NHDGC9NJ495mPIScVMLd-emiNr34T32QZojTP9BaUZxfVt2HigTJ9WQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 18:56:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66CE
0
57 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=4344932209593806&bg=!i4iliMzNAAZQLpa_UC47ACkAdvg8WnVTv9QQGOjyaaG9QT_jeuxOHuQwmmE9BuFWOpfpnEFM5O2poAIAAACXUgAAAApoAQcKADEp65AWxums9ifGMMUJ6NgG8i1ixNluRVbg1poGIzazM0ePmlUNd_SkB6GmgpYloJYNmQLojDVmPK5cVp4vnJmPha7qADlDTeDNbTKaW-AjIU-b8OMoxqA236PmNjPuNv-JIp_ECP35Cry0IQl9wCdqirOWLEfByQ-o-aR7tnTUquxxE8McE-z2bEVFwBk7UUtmjKTBNeRrVwKtfvF_Yq7t98OTOxD74cGG2egKV1v8ZC8aKk0Cz05tqRGrJ9E3-_rI6gdQO66__uX_pArf-SUX-zw9F81D_CZEIU2u3JsB43UlqagdoYW-FSGL9YYm1ZRCG1mXUiKy-4ZhnGJ7y9nxtIqKsUYsvxRnx_BaQxuytyb2caJM1k17gK9tdW2bN6qSKjW_BH-BxgSJOTpVyuNGVA8LfRqg6Rzx8kPwEguLdHmMXhHmeHOomrcz_x9w__9qfHznwFuu1jSFaCO2dOuzCFnY8byGXKTCm7ugGJnkY4EK9E4_kEtvjVdvixO0oBU0lfo8GGIo6hWKhlCHX7muiudHR-ZcFFmx9ynXuWYU_X8olfcYSRZ5L6PnH6m1B6T25qLpvT6pOlwuTT8J3tMVcbh9-Ma2CeTPRos2l_LnfsQanF-M7eGSJ7zvG6UNl3_18y2DcW8GWj9DUgElwqmdZZU1C3xrWYvqwD9--UGbAUrHyGBqr-p4cBuNVzhix4LhwBZSH9BP9mek36p2A29VFkUoxQgOBfoZxKxH2U0zR8oykx1FFUNvTvH6hlbVyOPR4gg2Yjd1R-HaVho8RIMKkTDW1K6qD_7lUfs3ozn05_9_FFSFPEoicN-oG_ts3X_wQZS4bU3dCftdT7ZZ1TI4iDs-vnlDzbZC2jtBtJG5nkXiltbD5QGNBV8miI2F0AK02aRT9KP0U19UdRNX7Ce7Asu24GyW9iFaUGzrqDMbrGXqw0115AbMJ4_jQp9uo9zzDwaWZ04GF98bdyZYGDP9CgoZTActLjY7i7Dm5HNgj5GM7qTjzs6eOOps516DzyAmvSXUYmVTQrvJW3fByRVnkH4dONctol-SqXM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 18:56:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 19AF
0
0

noad.js
cdn.adnxs.com/mediation/ Frame 19AF
163 B
451 B
Script
General
Full URL
https://cdn.adnxs.com/mediation/noad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Last-Modified
Wed, 11 May 2016 16:43:06 GMT
Server
AkamaiNetStorage
ETag
"f9f86b68afb4864f1b17a1e756855da5:1462985686"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19AF
0
0

log_resp
fra1-ib.adnxs.com/mediation/v2/ Frame 53E2
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/mediation/v2/log_resp?info=MQAAAAMABQEFAQj1w9qMBhDEn4u0mdPT_BEY5Esh3PRnP1KUJEAos4W_PjBWOABAAA..&s=bd5c8bbbe2ebb52185293f1345ca878ff7cd2684&reason=2&latency=565
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
faa01013-eec7-4637-b0f1-7a90415ee59f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mtrcs_993451.js
s372.mxcdn.net/bb-mx/serve/ Frame A07E
146 KB
56 KB
Script
General
Full URL
https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b392efe402e4cd59d7eaa259c7fca62133aa67696a8129543603b2eac233946a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 11:27:57 GMT
Server
nginx
ETag
"\W00000570931636716477776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=85547
Connection
keep-alive
Content-Type
text/javascript
Content-Length
57093
Expires
Fri, 19 Nov 2021 18:42:42 GMT
trk.js
cdn.adnxs.com/v/s/221/ Frame A07E
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29240
Expires
Fri, 18 Nov 2022 18:56:55 GMT
435d8ad0-c5f9-4bcd-b6f3-c41bb56b4128.jpg
crcdn01.adnxs-simple.com/creative/p/9700/2021/10/18/29143506/ Frame A07E
82 KB
82 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/9700/2021/10/18/29143506/435d8ad0-c5f9-4bcd-b6f3-c41bb56b4128.jpg
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
da23e413c9497baf74df872ff1c22ed41927ed514ecd6536fc088889d0cd4f0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Last-Modified
Mon, 18 Oct 2021 08:13:36 GMT
Server
nginx/1.19.0
x-amz-request-id
8001526e-5f31-4b38-b97c-b4c11b04809f
X-Clv-Request-Id
8001526e-5f31-4b38-b97c-b4c11b04809f
ETag
"34afb8e6bb21a2f47ca95b5c7529fa5a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83765
Expires
Sun, 02 Jan 2022 18:56:55 GMT
it
fra1-ib.adnxs.com/ Frame 53E2
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKoCqAoBQAAAwDWAAUBCPXD2owGEMSfi7SZ09P8ERgAKjYJd5yiI7n8zz8ReA0JKBkAAADAHoUxQCF4DRIAKREJ8LwxAAAAYGZmK0Aw0rLcBjjkS0DkS0gCUJfr0JcBWIDTY2AAaL29hQF41NkFgAEBigEDVVNEkgEDTk9LmAG0AaAB9AOoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6ASFuby12Zy13ZGUtZnJvbnRfc2t5c2NyYXBlcnJpZ2h0XzGKAll1ZignYScsIDU1OTU1OTksIDE2MzcyNjE4MTMpO3VmKCdpJywgNjUwNzgwNSwgMTYzNzI2MTgxMykFHTRyJywgMzE3OTk0MzkxLDIfAPQqAZIC_QMhRWxpWUVBajc1YW9ZRUpmcjBKY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOS3kzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCS0VabVVJcDhBVURCQVh3LVB6X1dfTThfeVFIcS10bDZLMWZ4UDlrQlBCUUYta1ItSVVEZ0FaMmFqUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGbnNNQjhBWEVyT0FILUFYUHc5VUNnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBaVFLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhdHhIbFM-AQIoSURUWXlBRUtBQXgJPpBBQUlrQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEl-vQlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=d2c0f5ec4bf7c5440242e3f500b50f3407c5419f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f9f120ba-c662-4c71-9fff-186ceea04d08
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FCE2
0
0

noad.js
cdn.adnxs.com/mediation/ Frame FCE2
163 B
451 B
Script
General
Full URL
https://cdn.adnxs.com/mediation/noad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Last-Modified
Wed, 11 May 2016 16:43:06 GMT
Server
AkamaiNetStorage
ETag
"f9f86b68afb4864f1b17a1e756855da5:1462985686"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCE2
0
0

log_resp
fra1-ib.adnxs.com/mediation/v2/ Frame 68D7
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/mediation/v2/log_resp?info=MQAAAAMABQEFAQj1w9qMBhDM-P37182ugC4Y5EshNzy9UpYBIEAo2Za_PjBWOABAAA..&s=2feec05e5d63a24e67ed6194e979c1a6ffeddb51&reason=2&latency=636
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a7d66f07-2ebf-4ce0-a00c-f7037af233fc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mtrcs_993451.js
s372.mxcdn.net/bb-mx/serve/ Frame 53E2
146 KB
56 KB
Script
General
Full URL
https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b392efe402e4cd59d7eaa259c7fca62133aa67696a8129543603b2eac233946a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 11:27:57 GMT
Server
nginx
ETag
"\W00000570931636716477776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=85547
Connection
keep-alive
Content-Type
text/javascript
Content-Length
57093
Expires
Fri, 19 Nov 2021 18:42:42 GMT
rd_log
fra1-ib.adnxs.com/ Frame A07E
0
803 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKmD6CmBwAAAwDWAAUBCPXD2owGEMz4_fvXza6ALhgAKjYJNzy9UpYBIEARNw0JJBkAAABACtceQCERGwApEQnwqjEAAACA61H4PzDfstwGOORLQORLSAJQ2Za_PliA02NgAGisqYUBeMfWBYABAYoBA1VTRJIBA05PS5gB1AegAZYBqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEYbm8tdmctd2RlLWZyb250X3RvcGJvYXJkigI8dWYoJ2EnLCAzMDE0NTQ2LCAxNjM3MjYxODEzKTt1ZigncicsIDEzMTA1ODUyMSwgMR0f9EgBkgLBBCFrMmszaGdqMjZjY01FTm1Xdno0WUFDQ0EwMk13QURnQVFBUkk1RXRRMzdMY0JsZ0FZUF9fX184UGFBQndBWGdCZ0FFQmlBRUJrQUVCbUFFQm9BRUJxQUVEc0FFQXVRRTFXTjJQQUlCUlFNRUIyTU52dUpVQklFREpBUUFBQUFBQUFQQV8yUUU4RkFYNlJINGhRT0FCQVBVQkFBQ01RcGdDQUtBQ0FMVUNBQUFBQUwwQ0FBQUFBTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOVGM0TmVBRDl5eUlCQUNRQkFDWUJBR3lCQW9JcU11UEJ4Q1F3WUVOc2dRS0NMUExqd2NRa01HQkRiSUVDZ2pBeTQ4SEVKREJnUTJ5QkFvSTJNdVBCeENRd1lFTndRUUEBxwUBCE1rRQUIBQEYRFlCQUR4QgUMCQFIaUFXWkxhSUZCUWp4eTQ4SHFRVRn4CExFRgkmAQEIREJCMSAUQUFBeVFVAQcJAQBOMigAAFouKAC4NEFXMjdERHdCWmFOc0FQNEJaTF90d0dDQmdOT1QwdUlCaENRQmdHWUJnQ2hCZ0EFUDBnRkZBcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oClQEhLUJFa1VnNkUCJGdOTmpJQVFvQUQtFEEFfERvSlJsSkJNVG8xTnpnMVFQY3NTVHdVQmZwRWZpRkFVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRDI2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL_ICEQoGQURWX0lEEgczMDE0NTQ2BRQIQ1BHBRQYNzA3OTU3NAEUCAVDUAETGAgyNjM0MjYBKDgNCghBRFZfRlJFURIBMPIBEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BVxEPEAsKB0NQFQ4QCQoFSU8BYAQA8gEaBElPFRo4EwoPQ1VTVE9NX01PREVMDSQIGgoWMhYAHExFQUZfTkFNBWoIHgoaNh0ACEFTVAE-EElGSUVEAWIcDQoIU1BMSVQBTfCBATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AOT7i_gAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc2qAQAsgQQCAAQARjUByCWASgAMAA4ArgEAMAEAMgEANIEDjk3MDAjRlJBMTo1Nzg12gQCCAHgBAHwBKEiIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC5AAAADYBQHgBQHqBRkKE2FhLXNjaC1jb3VudHJ5X2NvZGUSAm5vARwAEA0c0HBhZ2VfdHlwZRIFZnJvbnTqBR0KE25vLXNuby1uZXdzLXNlY3Rpb24SBnZnYmV0YeoFIgoVDSB0cHVibGlzaGVyZ3JvdXASCXNjaGlic3RlZOoFIQoSDWEUc3VwcGx5CWM4C3dlYl9kZXNrdG9w6gUWGYUAdQ1JqBICdmfqBR4KGW5vLWdlbmVyaWMtZXh0ZXJuYWxpZF9zcmMSATDqBRgKDW4JoxxkZXZpY2USBxVVCCIKDw2eZHRhcmdldGlkEg9hZHZlcnQtdG9wYm9hcmTqAcMNnhxpbnZlbnRvcg2hMAllZGl0b3JpYWzqBRsVSiRhZGZvcm1hdBIIEUNY8AXO8A76BQQIABAAkAYAmAYAuAYAwQYhfzAAAPA_0AbZMdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4uQZAAMgHx9YF0gcNNdQBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=5d00ec88f183a4445cec834058be25341ff95a96&bdref=https%3A%2F%2Fwww.vg.no%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.vg.no%2F,https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html,https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html&
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e3044785-323f-4e1c-ade4-c659c1123fd1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mtrcs_993451.js
s372.mxcdn.net/bb-mx/serve/ Frame D2CE
146 KB
56 KB
Script
General
Full URL
https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b392efe402e4cd59d7eaa259c7fca62133aa67696a8129543603b2eac233946a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 11:27:57 GMT
Server
nginx
ETag
"\W00000570931636716477776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=85547
Connection
keep-alive
Content-Type
text/javascript
Content-Length
57093
Expires
Fri, 19 Nov 2021 18:42:42 GMT
trk.js
cdn.adnxs.com/v/s/221/ Frame D2CE
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29240
Expires
Fri, 18 Nov 2022 18:56:55 GMT
48a9df81-2379-4b0c-9bb4-32e3fd1523cf.png
crcdn01.adnxs-simple.com/creative/p/9700/2021/10/12/29019220/ Frame D2CE
51 KB
51 KB
Image
General
Full URL
https://crcdn01.adnxs-simple.com/creative/p/9700/2021/10/12/29019220/48a9df81-2379-4b0c-9bb4-32e3fd1523cf.png
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/mediation/0.33.0/mediation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.19.0 /
Resource Hash
47d249c45cf9ef63e73f26e1fad6fe0be939de03d05474ed1e9d7f2fa0a5622f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Last-Modified
Tue, 12 Oct 2021 12:06:54 GMT
Server
nginx/1.19.0
x-amz-request-id
1c5f58e7-27df-48eb-9436-22b3681d4063
X-Clv-Request-Id
1c5f58e7-27df-48eb-9436-22b3681d4063
ETag
"b1c2ab5789fd683d7b493eef4fd6792f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51714
Expires
Sun, 02 Jan 2022 18:56:55 GMT
it
fra1-ib.adnxs.com/ Frame 68D7
0
803 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKfCqAfBQAAAwDWAAUBCPXD2owGEMz4_fvXza6ALhgAKjYJRnwnZr0Y-D8RRg0JJBkAAABACtceQCERGwApEQnwyTEAAACA61H4PzDfstwGOORLQORLSAJQhNWRlwFYgNNjYABorKmFAXjU2QWAAQGKAQNVU0SSAQNOT0uYAdQHoAGsAqgBBrABALgBAcABBMgBAtABANgBAOABAPABAPoBGG5vLXZnLXdkZS1mcm9udF90b3Bib2FyZIoCWXVmKCdhJywgNTM1NzcyMCwgMTYzNzI2MTgxMyk7dWYoJ2knLCA2NTc2MDExLCAxNjM3MjYxODEzKTt1ZigncicsIDMxNjk1OTM2NCwgMTYZH_QqAZIC_QMhcFZZc2VRaTB1N1FZRUlUVmtaY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOLXkzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCYzhtb1VYZFlLa0RCQWZQOVUzekFHUGdfeVFFdFVHWVFIMlh3UDlrQlBCUUYta1ItSVVEZ0FZdXZrUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGekpnSjhBWDl2T2tILUFXWWdjY0NnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBa1FLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhNmhDbjk-AQIoSURUWXlBRUtBQXgJPpBBQUpFQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGNQHIJYBKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEhNWRlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=4529766de9ea7147a30093f08df44bc7aafcaf25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3f74ebb2-1dc9-4cf1-bbe8-55a0db677eea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame A07E
0
824 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKoCqAoBQAAAwDWAAUBCPXD2owGEMSfi7SZ09P8ERgAKjYJd5yiI7n8zz8ReA0JKBkAAADAHoUxQCF4DRIAKREJ8LwxAAAAYGZmK0Aw0rLcBjjkS0DkS0gCUJfr0JcBWIDTY2AAaL29hQF41NkFgAEBigEDVVNEkgEDTk9LmAG0AaAB9AOoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6ASFuby12Zy13ZGUtZnJvbnRfc2t5c2NyYXBlcnJpZ2h0XzGKAll1ZignYScsIDU1OTU1OTksIDE2MzcyNjE4MTMpO3VmKCdpJywgNjUwNzgwNSwgMTYzNzI2MTgxMykFHTRyJywgMzE3OTk0MzkxLDIfAPQqAZIC_QMhRWxpWUVBajc1YW9ZRUpmcjBKY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOS3kzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCS0VabVVJcDhBVURCQVh3LVB6X1dfTThfeVFIcS10bDZLMWZ4UDlrQlBCUUYta1ItSVVEZ0FaMmFqUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGbnNNQjhBWEVyT0FILUFYUHc5VUNnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBaVFLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhdHhIbFM-AQIoSURUWXlBRUtBQXgJPpBBQUlrQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEl-vQlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=d2c0f5ec4bf7c5440242e3f500b50f3407c5419f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=500&sid=2225058431683285934&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14096722&sw=1600&sh=1200&pw=180&ph=508&ww=180&wh=500&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5472d9d0-a822-4361-b7d3-5b2b176b73ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://acdn.adnxs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
stat
stat.meetrics.net/ Frame 53E2
82 B
351 B
Script
General
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.47.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h489.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Thu, 18 Nov 2021 18:56:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s372.meetrics.net/bb-mxad/ Frame 53E2
0
208 B
Script
General
Full URL
https://s372.meetrics.net/bb-mxad/gettag
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.36.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h399.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b200.s372.meetrics.net/bb-mx/ Frame 53E2
43 B
291 B
Image
General
Full URL
https://b200.s372.meetrics.net/bb-mx/submit?/G33uBGAAA/whFJBo0F0wFz6BvvAhjFkuFuhEkuF4zFujEvtFvhEz0FvzEhmFlmFyhFtlFvzE0hF0pFjvBwuAzzAuwAvoE0tFsvBzhFmlFmyFhtFltB2yBuoE0tFsBFxpyFo0F0wFz6BvvA33F3uB2nFuuEvvB+k2FoywAyxAtxAxtAxyAtxAx6Ay3At5A5zA01AxtAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2Az3Ay2Ax4Ax0Az1A3BEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FbCxgAwqFpkF95A5zA01AxmAjwFpkF91AxwAzyA4yA3mAzpF0lF9zA42A1zA40AmwEshFjlF9xA0wA52A3yAymAjpFk9BzxA35A50Az5AxmAhkFj9BxzAxxA0yA3mAhkF29B11A51A15A5mAhwFh9B21Aw3A4wA1mAhwFi9Bx2Ay1A42Ay4AmhEwjF95A3wAwmAzpF6lF9oElzF0lFzrFvmBjiF9yAw3Ay2A02AzyAyBETkzF7FAAAAAA0C0H0HAPAAAAAAAAAOAAAAGCAAAAA0C0H0HABPBAAAAAAAABAOxASksFoChAAAAAAAAAAAAEAAAAOxAAAAAAAIA1xAwzAy4Ay3AIAx0Aw5A23AyyAHAz4A21Az4A0BEIAolFz0FlzFrvFJAzxA35A50Az5AxBEHAxzAxxA0yA3BEAAAAHA11A51A15A5BEHA21Aw3A4wA1BEIAx2Ay1A42Ay4AEA53AwwAQtjFdKMjTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Nov 2021 18:56:54 GMT
data
b200.s372.meetrics.net/ Frame 53E2
43 B
308 B
Image
General
Full URL
https://b200.s372.meetrics.net/data?/G33uCgAAAL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBETkzFuZEAAFAx8Ey8ExBEGAywAx2AwwArKcnAPAAAFAAAOxTKcnASksFROdAAAAAA0CA0HAFAAAKcnAAAtBo0F0wFz6BvvAjyFjkFuwBxuAhkFu4FztBzpFtwFslFujEvtFvjEylFh0Fp2FlvBwvB53AwwAvyAwyAxvAxwAvxA4vAy5Ax0Az1Aw2Av0Az1Ak4BhkFwtAj1Bm5Bt0AijFktBi2BmzBtjE0xAiiF12Ai0BxyA4uAqwFnBFCATTFAAAAAAAAAAAAQHo0F0wFz6BvvAmyFhxBtpEiuBhkFu4FzuBjvFtvBjsFpjFr/Bk1B5pFJ3Bu4B66F50AuLFJqF1mF6QFQ3FBBFBNFBlFoUFGBFlKF5pFJ3Bu4B66F50AuLFJqF1mF6QFQ4BUQFnwFhaFU2FrSF4yBzsEK1BjwFtVFuxBvaFaoFBBFBBFBGFJaFx3EErFKRFBBF1DEVBFBBFJBFBBFDYFOmFRTFnPFrZFBBFBBFBBFCWFVwBRBFUrF5MEBMFRBF2BFL5BYnFBBFxHE3HFBRFRDFBBFBBFBNFJBFhDF3BF53EBBFBBFBuBviEjyF9BEBBFBBFBBFB4BE4B9vAjuFk9BlyAx0E4IFsTFBqF31AhvFZFFKmFywBKjFCHFJEFUZF5BFFLFBBF4BFBBFBBFBBFBJFrBF2DEVaFTRFUFF2OEUjF0OEVEFzMEFrF4GEBYF2SEI0BoRFGFFBBFBBFBBFBBFBBFGrFBBFBBFBBFBBFBBFHFFBBFBBFBBFBBFBBFHrFBBFBBFBBFBBFBBFIFFBBFBBFBBFBBFBBFInFBpFRFFBBFBBFBBFBBFBBFBuBuvAjjFh9BPUFj3FNDFOHFVrFF4FPqFVzBPEFV9BviEu9B5zAz5A2vAjsFpjFrlFujF9oE00FwzFlzABlByGElyAG3F33FukEl0F1yFuuEvlByGEj5FilFytFvuF0oFDAJNFHBFQtjFPjHBWA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
data
b200.s372.meetrics.net/ Frame 53E2
43 B
308 B
Image
General
Full URL
https://b200.s372.meetrics.net/data?/G33uDhAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFkeVNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
mtrcs_993451.js
s372.mxcdn.net/bb-mx/serve/ Frame 68D7
146 KB
56 KB
Script
General
Full URL
https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b392efe402e4cd59d7eaa259c7fca62133aa67696a8129543603b2eac233946a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 11:27:57 GMT
Server
nginx
ETag
"\W00000570931636716477776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=85547
Connection
keep-alive
Content-Type
text/javascript
Content-Length
57093
Expires
Fri, 19 Nov 2021 18:42:42 GMT
rd_log
fra1-ib.adnxs.com/ Frame D2CE
0
803 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKmD6CmBwAAAwDWAAUBCPXD2owGEMz4_fvXza6ALhgAKjYJNzy9UpYBIEARNw0JJBkAAABACtceQCERGwApEQnwqjEAAACA61H4PzDfstwGOORLQORLSAJQ2Za_PliA02NgAGisqYUBeMfWBYABAYoBA1VTRJIBA05PS5gB1AegAZYBqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEYbm8tdmctd2RlLWZyb250X3RvcGJvYXJkigI8dWYoJ2EnLCAzMDE0NTQ2LCAxNjM3MjYxODEzKTt1ZigncicsIDEzMTA1ODUyMSwgMR0f9EgBkgLBBCFrMmszaGdqMjZjY01FTm1Xdno0WUFDQ0EwMk13QURnQVFBUkk1RXRRMzdMY0JsZ0FZUF9fX184UGFBQndBWGdCZ0FFQmlBRUJrQUVCbUFFQm9BRUJxQUVEc0FFQXVRRTFXTjJQQUlCUlFNRUIyTU52dUpVQklFREpBUUFBQUFBQUFQQV8yUUU4RkFYNlJINGhRT0FCQVBVQkFBQ01RcGdDQUtBQ0FMVUNBQUFBQUwwQ0FBQUFBTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOVGM0TmVBRDl5eUlCQUNRQkFDWUJBR3lCQW9JcU11UEJ4Q1F3WUVOc2dRS0NMUExqd2NRa01HQkRiSUVDZ2pBeTQ4SEVKREJnUTJ5QkFvSTJNdVBCeENRd1lFTndRUUEBxwUBCE1rRQUIBQEYRFlCQUR4QgUMCQFIaUFXWkxhSUZCUWp4eTQ4SHFRVRn4CExFRgkmAQEIREJCMSAUQUFBeVFVAQcJAQBOMigAAFouKAC4NEFXMjdERHdCWmFOc0FQNEJaTF90d0dDQmdOT1QwdUlCaENRQmdHWUJnQ2hCZ0EFUDBnRkZBcUFZQnNnWWtDHXQARR0MAEcdDABJHQw4dUFZS5oClQEhLUJFa1VnNkUCJGdOTmpJQVFvQUQtFEEFfERvSlJsSkJNVG8xTnpnMVFQY3NTVHdVQmZwRWZpRkFVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRDI2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL_ICEQoGQURWX0lEEgczMDE0NTQ2BRQIQ1BHBRQYNzA3OTU3NAEUCAVDUAETGAgyNjM0MjYBKDgNCghBRFZfRlJFURIBMPIBEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BVxEPEAsKB0NQFQ4QCQoFSU8BYAQA8gEaBElPFRo4EwoPQ1VTVE9NX01PREVMDSQIGgoWMhYAHExFQUZfTkFNBWoIHgoaNh0ACEFTVAE-EElGSUVEAWIcDQoIU1BMSVQBTfCBATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AOT7i_gAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc2qAQAsgQQCAAQARjUByCWASgAMAA4ArgEAMAEAMgEANIEDjk3MDAjRlJBMTo1Nzg12gQCCAHgBAHwBKEiIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC5AAAADYBQHgBQHqBRkKE2FhLXNjaC1jb3VudHJ5X2NvZGUSAm5vARwAEA0c0HBhZ2VfdHlwZRIFZnJvbnTqBR0KE25vLXNuby1uZXdzLXNlY3Rpb24SBnZnYmV0YeoFIgoVDSB0cHVibGlzaGVyZ3JvdXASCXNjaGlic3RlZOoFIQoSDWEUc3VwcGx5CWM4C3dlYl9kZXNrdG9w6gUWGYUAdQ1JqBICdmfqBR4KGW5vLWdlbmVyaWMtZXh0ZXJuYWxpZF9zcmMSATDqBRgKDW4JoxxkZXZpY2USBxVVCCIKDw2eZHRhcmdldGlkEg9hZHZlcnQtdG9wYm9hcmTqAcMNnhxpbnZlbnRvcg2hMAllZGl0b3JpYWzqBRsVSiRhZGZvcm1hdBIIEUNY8AXO8A76BQQIABAAkAYAmAYAuAYAwQYhfzAAAPA_0AbZMdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4uQZAAMgHx9YF0gcNNdQBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=5d00ec88f183a4445cec834058be25341ff95a96&bdref=https%3A%2F%2Fwww.vg.no%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.vg.no%2F,https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html,https%3A%2F%2Facdn.adnxs.com%2Fast%2Fsafeframe%2Fstatic%2F0.33.0%2Fhtml%2Fsafeframe-v2.html&
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/safeframe/static/0.33.0/html/safeframe-v2.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b8b6c179-4230-489d-b4c2-ed4575c4b6ca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
stat
stat.meetrics.net/ Frame 68D7
82 B
351 B
Script
General
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.47.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h489.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Thu, 18 Nov 2021 18:56:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s372.meetrics.net/bb-mxad/ Frame 68D7
0
208 B
Script
General
Full URL
https://s372.meetrics.net/bb-mxad/gettag
Requested by
Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.36.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h399.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 18:56:55 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b14.s372.meetrics.net/bb-mx/ Frame 68D7
43 B
291 B
Image
General
Full URL
https://b14.s372.meetrics.net/bb-mx/submit?/UA5OBIAAA/whFJBo0F0wFz6BvvAhjFkuFuhEkuF4zFujEvtFvhEz0FvzEhmFlmFyhFtlFvzE0hF0pFjvBwuAzzAuwAvoE0tFsvBzhFmlFmyFhtFltB2yBuoE0tFsBFxpyFo0F0wFz6BvvA33F3uB2nFuuEvvB+k2FoywAyxAtxAxtAxyAtxAx6Ay3At5A5zA01AxtAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2Az3Ay2Ax4Ax0Az2A2BEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FbCxgAwqFpkF95A5zA01AxmAjwFpkF91AxxA5xAyyAwmAzpF0lF9zA42A1zA40AmwEshFjlF9xA0wA52A3zA1mAjpFk9BzxA25A15Az2A0mAhkFj9BxzAxxA0yA3mAhkF29B1zA13A3yAwmAhwFh9B21A32AwxAxmAhwFi9Bx2A0wA4xA45AmhEwjF95A3wAwmAzpF6lF9oElzF0lFzrFvmBjiF9yAw3Ay2A02AzyAyBETkzF7FAAAAAAUPsEsEAPAAAAAAAAAOAAAAGCAAAAAUPsEsEABPBAAAAAAAAB6z1ASksFoChAAAAAAAAAAAAEAAA6z1AAAAAAAIA1xAx5AxyAywAIAx0Aw5A23Az1AHAz4A21Az4A0BEIAolFz0FlzFrvFJAzxA25A15Az2A0BEHAxzAxxA0yA3BEAAAAHA1zA13A3yAwBEHA21A32AwxAxBEIAx2A0wA4xA45AEA53AwwAQtjFyKpkTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 18 Nov 2021 18:56:54 GMT
data
b14.s372.meetrics.net/ Frame 68D7
43 B
308 B
Image
General
Full URL
https://b14.s372.meetrics.net/data?/UA5OChAAAL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBETkzFuZGAAFAx8Ey8ExBEGAyyAw0AxwArpSvAPAAAFAA6z1TpSvASksF/QdAAAAAAUPAsEAFAAApSvAAAtBo0F0wFz6BvvAjyFjkFuwBxuAhkFu4FztBzpFtwFslFujEvtFvjEylFh0Fp2FlvBwvB53AwwAvyAwyAxvAxwAvxAyvAy5AwxA5yAywAv0A4hE5kEm4BxtAyzA35At0AiwBjtB5iEi0BtzAylEzmEkxB1yAzjEmuBwuFnBFCAMCFAAAAAAAAAAAADJo0F0wFz6BvvAmyFhxBtpEiuBhkFu4FzuBjvFtvBjsFpjFr/BSuF3uFayFwZEtEE5HEmDFktF2SFq0BQ3FBBFBFFBLFx4E1BESuF3uFayFwZEtEE5HEmDFktF2SFq0BQwB44BmzB50E1nFB1F4yBzsEK1BjwFtVFuxBvaFaoFBBFBBFBGF4aEx3EErFKRFBBF1DEVBFBBFJBFBBFDFFh1FRTFnPFrZFBBFBBFBBFCWFVwBRBFUrF5MEBOFREFsnFDzFWBFBBFxHE3HFBRFRDFBBFBBFBNFJBFqpFX3BN3FBBFBBFBuBviEjyF9BEBBFBBFBBFB4BE4B9vAjuFk9BlyAx2AoDFu5BRpFw1E3REZFFJUFWrFajFCHFJEFUZF5BFFLFBBF4BFBBFBBFBBFBKFFBF2DEVaFTRFUFF2OEUjF0OEVEFzMEFrF4GEBYF2SEI0BoRFGFFBBFBBFBBFBBFBBFGrFBBFBBFBBFBBFBBFHFFBBFBBFBBFBBFBBFHrFBBFBBFBBFBBFBBFIFFBBFBBFBBFBBFBBFInFBpFRFFBBFBBFBBFBBFBBFBuBuvAjjFh9BPUFj3FNDFOHFVrFF4FPqFVzBPEFV9BviEu9B5zAz5A2vAjsFpjFrlFujF9oE00FwzFlzABlByGElyAGoFhwFw5Fi5F0lFzuBuvFlyAGmFslF4tBwsF1zFztB3tAniFlyAGlBzGE10FtfFzvF1yFjlFlzAEzFjoFizF0lFkfFjwFjlBy2A10FtfFtlFkpF1tFlzAEkFpzFwlBy2A10FtfFjhFtwFhpFnuFlzAEmFw3BniFfwFypFzrF10F0lBy2A10FtfFjvFu0FluF0lBzEE0lFrfFzpF0hF0BFDAJNFHBFQtjF/9cSXA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
data
b14.s372.meetrics.net/ Frame 68D7
43 B
308 B
Image
General
Full URL
https://b14.s372.meetrics.net/data?/UA5ODiAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF7cVNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
vevent
fra1-ib.adnxs.com/ Frame D2CE
0
824 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKfCqAfBQAAAwDWAAUBCPXD2owGEMz4_fvXza6ALhgAKjYJRnwnZr0Y-D8RRg0JJBkAAABACtceQCERGwApEQnwyTEAAACA61H4PzDfstwGOORLQORLSAJQhNWRlwFYgNNjYABorKmFAXjU2QWAAQGKAQNVU0SSAQNOT0uYAdQHoAGsAqgBBrABALgBAcABBMgBAtABANgBAOABAPABAPoBGG5vLXZnLXdkZS1mcm9udF90b3Bib2FyZIoCWXVmKCdhJywgNTM1NzcyMCwgMTYzNzI2MTgxMyk7dWYoJ2knLCA2NTc2MDExLCAxNjM3MjYxODEzKTt1ZigncicsIDMxNjk1OTM2NCwgMTYZH_QqAZIC_QMhcFZZc2VRaTB1N1FZRUlUVmtaY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOLXkzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCYzhtb1VYZFlLa0RCQWZQOVUzekFHUGdfeVFFdFVHWVFIMlh3UDlrQlBCUUYta1ItSVVEZ0FZdXZrUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGekpnSjhBWDl2T2tILUFXWWdjY0NnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBa1FLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhNmhDbjk-AQIoSURUWXlBRUtBQXgJPpBBQUpFQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGNQHIJYBKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEhNWRlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=4529766de9ea7147a30093f08df44bc7aafcaf25&type=nv&nvt=5&jm=1003&px=0&py=0&bw=980&bh=300&sid=2225058431683285934&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14096735&sw=1600&sh=1200&pw=980&ph=308&ww=980&wh=300&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0b13c7b7-20c5-4d5a-8465-136b6c188065
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://acdn.adnxs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
data
b200.s372.meetrics.net/ Frame 53E2
43 B
308 B
Image
General
Full URL
https://b200.s372.meetrics.net/data?/G33uEpDAAwrvFo0F0wFz6BvvA33F3uB2nFuuEvBFLruFBLkqFFlqwF55Az0A1xALl1FDLkqFK0kyB55Az0A1xA6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az3Ay2Ax4Ax0Az1A3yE3wAziEjwBx6FwBEL2vFB/k0FbCxgAwqFpkF95A5zA01AxmAjwFpkF91AxwAzyA4yA3mAzpF0lF9zA42A1zA40AmwEshFjlF9xA0wA52A3yAymAjpFk9BzxA35A50Az5AxmAhkFj9BxzAxxA0yA3mAhkF29B11A51A15A5mAhwFh9B21Aw3A4wA1mAhwFi9Bx2Ay1A42Ay4AmhEwjF95A3wAwmAzpF6lF9oElzF0lFzrFvmBjiF9yAw3Ay2A02AzyAyBEOprFriyDOqwFriyDlqwF55Az0A1xALkmFBTkzFzPoAAAZAwSAcAAAAQHBAAAAAAAYAAAA3BAQAAAAAAAAAXAAAA3BARksFAQtjFUOOySA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
data
b14.s372.meetrics.net/ Frame 68D7
43 B
308 B
Image
General
Full URL
https://b14.s372.meetrics.net/data?/UA5OEqDAAwrvFo0F0wFz6BvvA33F3uB2nFuuEvBFLruFBLkqFFlqwF55Az0A1xALl1FDLkqFK0kyB55Az0A1xA6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az3Ay2Ax4Ax0Az2A22AsqFzoFxpEiiFoBFL2vFB/k0FbCxgAwqFpkF95A5zA01AxmAjwFpkF91AxxA5xAyyAwmAzpF0lF9zA42A1zA40AmwEshFjlF9xA0wA52A3zA1mAjpFk9BzxA25A15Az2A0mAhkFj9BxzAxxA0yA3mAhkF29B1zA13A3yAwmAhwFh9B21A32AwxAxmAhwFi9Bx2A0wA4xA45AmhEwjF95A3wAwmAzpF6lF9oElzF0lFzrFvmBjiF9yAw3Ay2A02AzyAyBEOprFriyDOqwFriyDlqwF55Az0A1xALkmFBTkzFzPrAAAZAwSAcAAAAQZAAAAAAAAYAAAAOBAQAAAAAAAAAXAAAAOBARksFAQtjFM7mySA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:54 GMT
vevent
fra1-ib.adnxs.com/ Frame A07E
0
824 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKoCqAoBQAAAwDWAAUBCPXD2owGEMSfi7SZ09P8ERgAKjYJd5yiI7n8zz8ReA0JKBkAAADAHoUxQCF4DRIAKREJ8LwxAAAAYGZmK0Aw0rLcBjjkS0DkS0gCUJfr0JcBWIDTY2AAaL29hQF41NkFgAEBigEDVVNEkgEDTk9LmAG0AaAB9AOoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6ASFuby12Zy13ZGUtZnJvbnRfc2t5c2NyYXBlcnJpZ2h0XzGKAll1ZignYScsIDU1OTU1OTksIDE2MzcyNjE4MTMpO3VmKCdpJywgNjUwNzgwNSwgMTYzNzI2MTgxMykFHTRyJywgMzE3OTk0MzkxLDIfAPQqAZIC_QMhRWxpWUVBajc1YW9ZRUpmcjBKY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOS3kzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCS0VabVVJcDhBVURCQVh3LVB6X1dfTThfeVFIcS10bDZLMWZ4UDlrQlBCUUYta1ItSVVEZ0FaMmFqUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGbnNNQjhBWEVyT0FILUFYUHc5VUNnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBaVFLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhdHhIbFM-AQIoSURUWXlBRUtBQXgJPpBBQUlrQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEl-vQlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=d2c0f5ec4bf7c5440242e3f500b50f3407c5419f&type=pv&jm=1003&px=0&py=0&bw=180&bh=500&sf=1&sid=2225058431683285934&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14096722&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:56 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b103369d-ef72-4d82-ba4c-e019e91f7b75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://acdn.adnxs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuidj
secure.adnxs.com/
29 B
856 B
Fetch
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e717a94e78117107ea16a4e7739711b89b60360cb8d449d4a2f0382ea40f5dba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.vg.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:56 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
992eb627-c099-4730-bfc5-a8a6da83a293
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.vg.no
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
identify
cis.schibsted.com/api/v1/
896 B
1 KB
Fetch
General
Full URL
https://cis.schibsted.com/api/v1/identify
Requested by
Host: www.vg.no
URL: https://www.vg.no/vgc/frimand/js/vendors-node_modules_spt-tracking_pulse-sdk_dist_ejs_index_js.c5e4346d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-178-57.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
734e9009029d1d6c9de783193f9c13dfbe6323383a03ba33a204d658570bf897
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vg.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json

Response headers

date
Thu, 18 Nov 2021 18:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Finatra
x-frame-options
DENY
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.vg.no
access-control-max-age
86400
cache-control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'
access-control-allow-headers
X-Requested-With,content-type,content-length
content-length
672
identify
cis.schibsted.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://cis.schibsted.com/api/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-178-57.eu-north-1.compute.amazonaws.com
Software
Finatra /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.vg.no
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 18 Nov 2021 18:56:56 GMT
content-type
application/json; charset=utf-8
content-length
28
server
Finatra
cache-control
private, no-cache, proxy-revalidate, max-age=0
x-frame-options
DENY
access-control-max-age
86400
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'none'
access-control-allow-origin
https://www.vg.no
access-control-allow-headers
X-Requested-With,content-type,content-length
access-control-allow-methods
POST, OPTIONS
access-control-allow-credentials
true
content-encoding
gzip
vevent
fra1-ib.adnxs.com/ Frame D2CE
0
824 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.vg.no%2F&e=wqT_3QKfCqAfBQAAAwDWAAUBCPXD2owGEMz4_fvXza6ALhgAKjYJRnwnZr0Y-D8RRg0JJBkAAABACtceQCERGwApEQnwyTEAAACA61H4PzDfstwGOORLQORLSAJQhNWRlwFYgNNjYABorKmFAXjU2QWAAQGKAQNVU0SSAQNOT0uYAdQHoAGsAqgBBrABALgBAcABBMgBAtABANgBAOABAPABAPoBGG5vLXZnLXdkZS1mcm9udF90b3Bib2FyZIoCWXVmKCdhJywgNTM1NzcyMCwgMTYzNzI2MTgxMyk7dWYoJ2knLCA2NTc2MDExLCAxNjM3MjYxODEzKTt1ZigncicsIDMxNjk1OTM2NCwgMTYZH_QqAZIC_QMhcFZZc2VRaTB1N1FZRUlUVmtaY0JHQUFnZ05Oak1BSTRBRUFFU09STFVOLXkzQVpZQUdEX19fX19EMmdBY0FGNEFZQUJBWWdCQVpBQkFaZ0JBYUFCQ3FnQkE3QUJBTGtCYzhtb1VYZFlLa0RCQWZQOVUzekFHUGdfeVFFdFVHWVFIMlh3UDlrQlBCUUYta1ItSVVEZ0FZdXZrUVAxQVFBQUFBQ1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVTNPRFhnQV9jc2dBUUFpQVFBa0FRQW1BUUJ3UVFBQUFBQUFBQUFBTWtFQUFBQUFBQUFBQURZQkFEeEJBDRw4QUFBaUFXWkxha0ZQQlFGCbAMQ3hCUQEaCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKAC4T0FGekpnSjhBWDl2T2tILUFXWWdjY0NnZ1lEVGs5TGlBWUFrQVlEbUFZQW9RWUEJUDBBa1FLZ0dBYklHSkFrDRMMQUFBQh2_BEJrARIJAQBDHRhATGdHQ2cuLpoCmQEhNmhDbjk-AQIoSURUWXlBRUtBQXgJPpBBQUpFQTZDVVpTUVRFNk5UYzROVUQzTEVrOEZBWDZSSDRoUUZFESsIQUFGHXkARx15AEcdGABIHRgQSGdBaVEdEPDtQS4u2AKH7QHgAsb5SuoCEmh0dHBzOi8vd3d3LnZnLm5vL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwHYA5PuL-ADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTkxLjE5OS4xMTguNzaoBACyBBAIABABGNQHIJYBKAAwADgCuAQAwAQAyAQA0gQOOTcwMCNGUkExOjU3ODXaBAIIAeAEAfAEhNWRlwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGAAUkKPA_0AbZMdoGFgoQBRAdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi5BkAAyAfH1gXSBw0JETsBOAjaBwYJJ0TgBwDqBwIIAPAHopADiggCEAA.&s=4529766de9ea7147a30093f08df44bc7aafcaf25&type=pv&jm=1003&px=0&py=0&bw=980&bh=300&sf=1&sid=2225058431683285934&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14096735&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:56 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
db7e0336-4970-4593-9b27-6292d48f821d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://acdn.adnxs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
data
b200.s372.meetrics.net/ Frame 53E2
43 B
308 B
Image
General
Full URL
https://b200.s372.meetrics.net/data?/G33uF9XAATkzFARksFAQtjF1qJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:56 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:55 GMT
data
b14.s372.meetrics.net/ Frame 68D7
43 B
308 B
Image
General
Full URL
https://b14.s372.meetrics.net/data?/UA5OF+XAATkzFARksFAQtjFjnJNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:56 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:55 GMT
data
b200.s372.meetrics.net/ Frame 53E2
43 B
308 B
Image
General
Full URL
https://b200.s372.meetrics.net/data?/G33uGH7AAl2yFuvFfhFwpFTkzFARksFAQtjFGkRNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.239.192.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h533.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:57 GMT
data
b14.s372.meetrics.net/ Frame 68D7
43 B
308 B
Image
General
Full URL
https://b14.s372.meetrics.net/data?/UA5OGI7AAl2yFuvFfhFwpFTkzFARksFAQtjFdiRNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.218.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h238.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 18:56:59 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Thu, 18-Nov-21 18:56:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCD1yy3ARK7q6acPKH_cBgEGeE0gPLmeK1fsGU_mTjKHc5gPk37QpQDSejLQiTi9lxf8piywIPV0Pxo4WCFXCA3lr4bTcx8JdhcWGfNjUeoSKwMzXCFNnqZ_iunCvORKBEblXoEBAdk6s6j55w7wXOh57MMze-eWhajxhPPtyA__pCNtZsB4rUUQHHhnPkA7abj-2vrT0bx1fQQLLrupfzNZYUcjgHyqDDUp8prsdaDGzppOd-1lbx1ehlvtvtIzJrFWeAuA4080sBwobzk8Ya4rF_XqOardk9Vq53ZzQ15e-DcM_-56iO6BDgHg7CxdeEKnpWv7O80CmB3TxQLiJ80rc63Q&sig=Cg0ArKJSzFPxVHLBbB3oEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE-2TAiV5kf01IPr-Q_7ZLxHqQbJdul9ALC_lZjh2kphac1-wMgmhZY4yAEW_-gIsN294lxxVZi-x1PjDR71mNJ3xP7oqJM1EUrubo3SQl38sZYSiApXilxKYRsQTG31sNXGu7BAnoqqNPnUgyMRbpkHlG1FDT910t_Q30uZ5hNynocV_Aqzi3WxmruiKiD-1taVTHivgYGHPyMLcMDBjWWBF9GbYgwBdpPmhSYR9eeiT-L4IPOmXV_D5oY7opbqPCIZUSFeM_HvxzL8Som7OTb72fh23JlyMycX6cB5YT28zrs5nqqPVTXsbMiUyAy5-qz_5VgrL5GfGKvGsTeKqduw&sig=Cg0ArKJSzC-wN_o9StPwEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| apntag object| webpackChunkfrimand function| $$ object| _sp_ function| frimandRequire function| getScript function| pulse object| React object| ReactDOM object| _sp_queue object| SPiD object| SPiD_Identity object| SPiD_Monetization function| VGNav function| startTTT object| preact object| preactHooks object| e function| t function| Direkte object| __DIREKTE_HUB__ boolean| _MBLLoad object| MBL function| setImmediate function| clearImmediate object| regeneratorRuntime object| lbmpPermissions

20 Cookies

Domain/Path Name / Value
www.vg.no/ Name: clientBucket
Value: 69
www.vg.no/ Name: _sp_v1_uid
Value: 1:844:51efc01d-861d-4b3e-a2d2-faa4fe9d81a8
www.vg.no/ Name: _sp_v1_data
Value: 2:349377:1637261813:0:1:0:1:0:0:_:-1
www.vg.no/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKphqjNlYnRikVxM4rzckBskvAEtW1w0ZCKRYA6MbB_DgBAAA%3D
www.vg.no/ Name: _sp_v1_opt
Value: 1:
www.vg.no/ Name: _sp_v1_freqcap
Value: 0!qYuNAk5Az9qWikz4bFgBKF4NjZXxQ2dy6yHnCIJx4sGURQ6QTxkkCgDYcuxEF_g-jBCQthNGk5tD5kp2t5PeG1n07R-IWQWAnyuoCexK9Jw=
www.vg.no/ Name: _sp_v1_csv
Value: null
www.vg.no/ Name: _sp_v1_lt
Value: 1:
.vg.no/ Name: consentUUID
Value: 87245ee8-95c0-45ca-ac42-dcb24e16467b
.vg.no/ Name: _MBL
Value: %7B%22u%22%3A%228zYmeKFwy9%22%2C%22t%22%3A1637261814%7D
.vg.no/ Name: __mbl
Value: %7B%22u%22%3A%5B%7B%22uid%22%3A%22rS6sUOAyNtrz0IBm%22%2C%22ts%22%3A1637261814%7D%2C1637351814%5D%7D
.norstatsurveys.com/ Name: ctuser
Value: 90006128a3754a5484542f32ac5f895d
.vg.no/ Name: cis-jwe
Value: eyJpc3N1ZWRBdCI6IjIwMjEtMTEtMThUMTg6NTY6NTRaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..dxVeB2LZxKFMlt-PREiITQ.J577MubBN_5UK8EYJRlZELyh3sJuw9Y0Oxy7vPpiwEC5sJENUs1RzieSLtRWT6-ZRfH2deb877YbMTaOSiCt_XpWReKlAXeUvALn8MYEtiQCkUpRcS_FiNKoYxhtXeGzb_0S8OaRuPd1A-fbbpNrM0o_h8WsIZYmgcYbW6sQL0Vgoqjj8vyrG9xpnVMGKGlPlQ8EyOR-iW20SooewxCe2A.ruTNcwc21jyXk_ZCD9z5iQ
.vg.no/ Name: _pulsesession
Value: %5B%22sdrn%3Aschibsted%3Asession%3A06b7d6c0-f980-42fb-b2aa-fe7e3585ef09%22%2C1637261814226%2C1637261814229%5D
.adnxs.com/ Name: icu
Value: ChgIw4VQEAoYASABKAEw9sPajAY4AUABSAEQ9sPajAYYAA..
.adnxs.com/ Name: uuid2
Value: 5303315765391617479
.doubleclick.net/ Name: IDE
Value: AHWqTUkSk054NFqF-r-K6mcXFo2OUl0Sv6fXR43Etp2U3L--jQQSNtiS7J4rKX3SqKo
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.schibsted.com/ Name: cis-jwe
Value: eyJpc3N1ZWRBdCI6IjIwMjEtMTEtMThUMTg6NTY6NTRaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..D1LwWpt8_woZA3mg6Nz3eg.OV4u0YHFifbijncvQXfv_OGfFcgecb9JqRd0H7B0rTHZB9cL1Gk3-trn7ReSoKzcfQsVCFBu-jhQV_S-g3cWFxfD9Ods4hA2JQpYrws5__wBkwXKJZZ67artkHWz0Cjm1YXES7vNEBppnL-UURhdI7XQtt_Txg4V41icY_M6pDr-r14lAkmeV2IBId6l1uMxS6qprHg0bb_FsPm6ca_TFcWa7fAyFCA4YUlQEgX4_wI.vviEYDrCfGtuHe9y8AURDw
.vg.no/ Name: _pulse2data
Value: 92c23c3a-cfc6-41d6-b189-fed84ad9d9c9%2Cv%2C%2C1637262716301%2CeyJpc3N1ZWRBdCI6IjIwMjEtMTEtMThUMTg6NTY6NTRaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..D1LwWpt8_woZA3mg6Nz3eg.OV4u0YHFifbijncvQXfv_OGfFcgecb9JqRd0H7B0rTHZB9cL1Gk3-trn7ReSoKzcfQsVCFBu-jhQV_S-g3cWFxfD9Ods4hA2JQpYrws5__wBkwXKJZZ67artkHWz0Cjm1YXES7vNEBppnL-UURhdI7XQtt_Txg4V41icY_M6pDr-r14lAkmeV2IBId6l1uMxS6qprHg0bb_FsPm6ca_TFcWa7fAyFCA4YUlQEgX4_wI.vviEYDrCfGtuHe9y8AURDw%2C5303315765391617479%2C1637276216301%2Ctrue%2C%2CeyJraWQiOiIyIiwiYWxnIjoiSFMyNTYifQ..5oxSBcFSoOelpLUmQLX98t_y2B7GKBUKpoo8Yg_u4Qg

4 Console Messages

Source Level URL
Text
network error URL: https://id.vg.no/session?client_sdrn=sdrn%3Aspid.no%3Aclient%3A4ef1cfb0e962dd2e0d8d0000&redirect_uri=https%3A%2F%2Fwww.vg.no%2Fauth%2Fcallback&sdk_version=4.4.0
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://session-service.payment.schibsted.no/user-context?client_sdrn=sdrn%3Aspid.no%3Aclient%3A4ef1cfb0e962dd2e0d8d0000&sdk_version=4.4.0
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.vg.no') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://www.vg.no/vgc/cdn/js/libs/ast/0.33.0/ast-patched.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.vg.no') does not match the recipient window's origin ('https://acdn.adnxs.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://admarket.no https://admarket.schibsted.se
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
akamai.vgc.no
b14.s372.meetrics.net
b200.s372.meetrics.net
c60d7171657617802cc0f343061a7f21.safeframe.googlesyndication.com
cdn.adnxs.com
cis.schibsted.com
cis.vg.no
cl.k5a.io
cmp.vg.no
cogwheel.inventory.schibsted.io
collector.schibsted.io
cookie.norstatsurveys.com
crcdn01.adnxs-simple.com
d3iwtia3ndepsv.cloudfront.net
f533b6ab3f758e64d3a5232da9a146bf.safeframe.googlesyndication.com
fra1-ib.adnxs.com
ib.adnxs.com
id.vg.no
imbo.vgc.no
info.privacy.schibsted.com
log.medietall.no
pagead2.googlesyndication.com
redutv-api.vg.no
s372.meetrics.net
s372.mxcdn.net
sch-map.norstatsurveys.com
secure.adnxs.com
securepubads.g.doubleclick.net
session-service.payment.schibsted.no
stat.meetrics.net
static.privacy.schibsted.com
tpc.googlesyndication.com
user-permissions.privacy.schibsted.com
vg.no
www.google.com
www.googletagservices.com
www.vg.no
securepubads.g.doubleclick.net
www.googletagservices.com
13.226.145.15
13.226.145.17
13.226.145.49
13.226.145.90
13.226.156.164
13.49.191.63
13.53.106.136
13.53.178.57
136.243.36.130
142.250.186.98
144.76.218.118
148.251.47.75
151.139.128.11
192.0.78.192
2.18.232.130
2.18.233.67
2001:67c:21e0::16
2001:67c:21e0::41
2001:67c:21e0::c
213.239.192.170
23.100.50.51
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:829::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:26f0:6c00::210:ba68
34.248.46.110
37.252.172.123
37.252.172.37
37.252.173.215
02664811e98693eab8f98e6d8631b20e20da468123d339c5cbaf8a054e7002f9
0a6fc17c48be1a66d64aacdf63c2850a1c33cd831a39d5c5041d16a6cd66a48d
0c8a236376461b0a2372fd814306c5f2d4ab7a4460969c4f40032877a068788f
11425f6c1d05eebd74716896bc88576786af8d0e9d97da7e5177eeef960b38a1
12ad62edce4f8153a98a37a8ce140135ec6a2e9c4d119408ca054f55cf437697
1555705a6bb02ae2759a5559c5f6ba10c4f9bf90f8daa5c9eca33962e9d3d4b3
15bc6829385e8b00d3cbfc40c644219f163b4ff2efeb36d04d576d4667dd30b4
18c43d517550dd0d7abca0d7f395ac554ff661032f9f81154811166c724c8ee5
23b751657b98bbd957c351abaa803d40b1fc7fbf3d7ef8667734999a8d0b60d9
23beca11d801768c43ca614a976d405cb3a36448db99a615c7bf0a95e19e4769
26e9265421572e68fd9816a4f333c8f3924d0a80f4ee26d75c8dc658f86d55dc
28885d54f98e4f35ce8e06ce3991dd4da7505ce771252465bbead57930a07778
35da4716556a1d4729712554701d0fcbf3085e527366394981eaf68b67235c55
3a3d4c24978381df0a553fa8a5773f33993233961fbeaeb2524697b5f001ba82
3d40e8c99e2199a035bce3db433543214203d5edd444391fa2dfca80afaea8c4
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
40d428e1522bbe31e718e1c7733701de2a12ed7d89d54a8227cc0c5295f3c03c
41f4034ce5e9c8a0f44317edf0e8e1e9cbd17854095c3e7567bdc243b31ea189
42a72b63748c1d579778449613e03e6bfdcf7fd408f0af5ef40ad7e02268e593
447d1c52a083853189e6a2bd3bc053a81cb8edfc34fd330a9ba333a6f4689160
4577b79f6ca24a1f0c515f9e1dd598cdf0e5c6d011bee017e54b35c0758739e1
477237f0d6e9a3c22af6f156fbd454f8e5402da834b9894d5e603224dcd15c0b
47d249c45cf9ef63e73f26e1fad6fe0be939de03d05474ed1e9d7f2fa0a5622f
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fbb54bf2673ddd51f5f8746d560317ce0639765b3979918f2aa797b9ca9833a
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
537f05a68252d9bfd7f05788fdf4f0755f1d7408855be918a5cfdc893050ea14
53857a391b2d3ec18a9abf2c12cc65cce90389ff3d722fdf9a490d778fab0e0c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f076db7834e6c5b11502c9774b5d4ef8d1fb5606691491a2967c9ae7cdf661
562a9943ecf88b927abaed4fcb6ab83d7fce6c32ce441ddab8110eef47fbd0b6
590225138c235b6200c6f0fb6faee9cbee552c554bb70c0f718adacb1757b99c
5a5d3d7854a412b06e36cd5c6472aaf3bb6c195e4c7e4452b33afe97ec15b6e8
5aafce2bff3b21411baa5271803b17535f057121e450db0f55ebc104b58281a4
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5d451d810a82ab74645a669ba48f7ba339a09477781f60ec7da4d9f41eaab758
6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996
668e9be9abe1eee8b22cadc0152c5947ab12438dfea7be3fb1897b7d45dca1cc
6eca66032ec1abb2a3c45931cd6238073d1152a341328bcbb80870731ec25c91
70808a75b619428904e5332c8f40b7f2fe2d0ac46bf305e49a0c3dd41e9dc396
70e3c214cd3ab1b513af7ad0580e332c7ae675d04ce8b20f7b87f7a5c75b31b6
734e9009029d1d6c9de783193f9c13dfbe6323383a03ba33a204d658570bf897
73ce232f2bcb63abcd9a691b2f7d9e8d1ba84569be7fac1c61df0aec20523667
747f0b34c7513b45075f2dd526c6f0259615a0a00a7d9f927f96905ea04f2fa4
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7b6dafea9b863c112e28ce6a433bfbd2d2b8679f285d795aa849d2184d9fa16b
7f6f85b2474239f232c24918e2ac4a56a838bc64a9e872a62b89152e569602ff
7fed7359a85f890580a7e853781ef946a049d93debfc2825c1d100b6588b001d
8065bc4cd38626c2c3e6bbb5132d0f4bcd27233d50ec7e55ce189d97f74cda39
818241f2ced316923ed63f67bc97a084a19e3cd6f2bc6d4858c3c7abca494d02
822fa6bcd41ae4699f7666b4eb093dbb2080c69ccf88e70e4e1d9645641cd23b
826e6630d4bb6ce5ef2ab1b84004b0cddb7c12f4e319cfc4be63c238942a8e1a
856c60d09d765fe3fbf3ee796341cda6204242b4f5b4891d84adb601076d4448
8a17dbe0c9d25187a9ef656698d4a70e9144f61258f7b4211d5403548b8b6a2c
8d1a2bfb93fc1852c23e2d6aacc28e4ade090e40768f2b9e6c205c34189e4569
8d39bf2d8403b3cd1d98bcb9d9133e6a1d286fd376159f7b8b5fad1101ec292b
8d7763073c27838491005666307267ea47b4abd2b7760c643e56d7000825b8fc
8d7a8b7f69f05b37dfa175b4c42750f4df6d49a34f3aea9f28f1d835247616cc
8e1fc7a5c35d7b41353db7f9b4f56429d54d4c3c91da1fecebe93ceddfdd07ed
8e311a00cc0f077fed2cbfb9d3b8686761181a8cc51b01cc0e392cf199c88ad5
8ee01cffc016fda672b2b3df10eb5983e452c5dcecb0637a527089ff564ebb8d
8fac955557260a43a2751cc551d57f74913d6a1846cfa2aa185b1008b790ad4f
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
977282790cf5afdf33dede4feed4bab854498e61c6226f9d036059070b64e0e1
a06be388b3a173b8cc7969b078542e7c96a7452a9f0b511090f73129d744be91
a1a69c27e836363053c34ca3f36d2dbe66917eb04c4b82f44ff9aa791efc6b50
a447da7124e27d0845b24a257c2d18ea6788e55682a989c939ba034b7e1bea9a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c42779dfcf24d34cc624d9fdb1b30e8adea6e6e1d1b45a08cbfc75c24497e1
a8429ec729fa51e37604449d8ce24188b691698eba74747a58e37b627a911063
a8538bdf9b4f3e29367f79f3aa32ae3fbf04e3443e7bdca7f92ad846eca99fce
a8e9f02d13d664e9e3ad5d78eccb7793464740f23cb754e75f19bbf96d058084
aa29d5e6e4e8274b7ed9e7babb3a0f97540b1e5f3f7fa61eebf9fddbf1d8b7da
abbb43632a4a0cf0051e715ec713c509adf07b6fc5f87e73999559b306d692f8
ada68f8550b64b3e4b69aefeb61cb219724b987f734d6b41c745f783698a9da7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b392efe402e4cd59d7eaa259c7fca62133aa67696a8129543603b2eac233946a
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
c10a5ca862556e15a835a8771f91e3a26d69d7bd72168681f2e7ea45a99199ab
c46c497c0af8fadcc5f28daaff59f1094051a593f4a919ae0b0e9e6dc870b7df
c4c7a2037ecb17eec815a3dcdffc3b8398209b15688f6e4e4857d2d3f9afab35
c5932e79c1e9cbd2bc8d72ed92af2b49bd47266e1b695cb82d9e6f72c2efb91f
ca503ed50bd8e2c1fd0667d797d212b1adedb2d88e27fa5034c952df8edcdfce
cd975dc0885a337698295f590a63c03d64b4ee6b46aae69f4dbbfa914086890c
d11236d21468ca8a7c1918a25d06f8c8fd43a069aad68a728fdf33e646893040
d4b2e5e60e16ae183a496d3a7d89d2a9d216fadeaaf5ecd30580816ae0b1b788
d5dd8a29a0d306ab9cc31c69ccd1901af59543e016e3c162dec92dc61c159690
d6946838b7e2549cf78bfb9e5580351e7dce18d8a6b907792ae6ccf95adee147
d6b3a9379d4868ee8488bfbcc6d803f12635b9be81484e2efe139e49e58fcda8
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
da23e413c9497baf74df872ff1c22ed41927ed514ecd6536fc088889d0cd4f0b
daeab1ca7011173c07e0beea1be4566bad1a74afa1b7ccbb2f6830b31d306ac5
db43c41720faff632295f171e2ffaecfea382e4bdba292c730cb0150a16eff9b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df1fab99aefdb8ede901868006e2a38080d1f563e6771f3081b6b8ab96b6d964
dfa50bfc9666a5dd09e2378cb51dd42d3aa16acdb3024db7e999f6a8c36058e1
e19e6d3ba89c88a6cf9f0976216f61f2ed28135ffac9eeffebc06190b9acf10b
e1c83a05d100111d4d432b65d950c729a4ef87e740a82983434765b93759142f
e35456bce17208d28444796fc6fc5f95847575eab1918010eedcb46a9f0baeec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59d21686495f1145f43f23c25256ce633dca4e0864c0b93213eeb79a5972197
e717a94e78117107ea16a4e7739711b89b60360cb8d449d4a2f0382ea40f5dba
e793402f00190c189be5fa4a77cce2489798d6b5f72f28b0c626eb25e378f74a
eb2f42ac8de710da42df10051589b091ce6cf9b8577c1586161eaa00dcd89d88
ebaac4751415076fa39ef02dee8f7a2eccbc100beb22a7374fd171f2e50820d3
ecc8dcc3a15475f058f94874e5a39541114fcbb4217649c4dde27919daaf008a
ee542887af2ba85aaf14e28ac8d43f11b8d4c25455bc8eb4f6b029c06536d135
ee846f55a12c8f1e97a76168954ab362fae250a9aa979c3b58e9f3d002c78903
f1ad16b500fa9e13324bc9fa0c2acf533243809e5caa9476dedcd142b4b4e490
f6ccff44d3152a81c3a4ae99b775227394c7893454211db430594521108cb706
fb06beff3b52ed00a1a147f87a577f9997347e9360ed04f0ef5add191979a1d4
fe6494bba16b715e5c81b1506a56cefb3472ac2e91a072a0b6a46ff65690c4a0
fe9c00b39aa997d1efe1f793dd8d68517005e27f2057f011c6007e313aae32ed