xp.soughstreek.com Open in urlscan Pro
23.109.170.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hedvigwessel.no/
Effective URL:
https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
Submission: On October 08 via manual (October 8th 2024, 6:20:12 am UTC) from HK — Scanned from NO

Summary HTTP 92 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 92 HTTP transactions. The main IP is 23.109.170.72, located in Netherlands and belongs to SERVERS-COM, US. The main domain is xp.soughstreek.com.
TLS certificate: Issued by R11 on August 25th 2024. Valid for: 3 months.

This is the only time xp.soughstreek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	178.62.113.58 178.62.113.58	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	172.67.182.202 172.67.182.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	165.227.231.170 165.227.231.170	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	172.67.176.34 172.67.176.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.170.72 23.109.170.72	7979 (SERVERS-COM) (SERVERS-COM)
92	13

11 178.62.113.58 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv1.hedvigwessel.no

hedvigwessel.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.202 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.scontentflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 165.227.231.170 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv1.dev.theliftagency.com

dev.theliftagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.176.34 (United States)

ASN13335 (CLOUDFLARENET, US)

tnews.contentraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yametric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww1.tech4u.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.72 (Netherlands)

ASN7979 (SERVERS-COM, US)

xp.soughstreek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	hedvigwessel.no hedvigwessel.no	2 MB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9307	4 KB
3	tech4u.app 1 redirects ww1.tech4u.app tech4u.app Failed	1 KB
3	theliftagency.com dev.theliftagency.com	28 KB
2	yametric.com www.yametric.com	26 KB
2	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 4610 Failed	72 KB
2	contentraffic.com tnews.contentraffic.com Failed	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	15 KB
1	soughstreek.com xp.soughstreek.com
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	31 KB
1	typekit.net use.typekit.net — Cisco Umbrella Rank: 455	969 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	78 KB
1	scontentflow.com assets.scontentflow.com	95 KB
92	14

	Domain	Requested by
11	hedvigwessel.no	hedvigwessel.no
6	mc.yandex.com	2 redirects tnews.contentraffic.com mc.yandex.ru
3	ww1.tech4u.app	1 redirects
3	dev.theliftagency.com	hedvigwessel.no
2	www.yametric.com	tnews.contentraffic.com www.yametric.com
2	mc.yandex.ru	assets.scontentflow.com tnews.contentraffic.com
2	tnews.contentraffic.com	assets.scontentflow.com
2	cdn.jsdelivr.net	hedvigwessel.no
1	xp.soughstreek.com
1	code.jquery.com	hedvigwessel.no
1	ajax.googleapis.com	hedvigwessel.no
1	use.typekit.net	hedvigwessel.no
1	www.googletagmanager.com	hedvigwessel.no
1	assets.scontentflow.com	hedvigwessel.no
0	tech4u.app Failed
92	15

This site contains no links.

Subject Issuer	Validity	Valid
hedvigwessel.no R11	`2024-08-18` - `2024-11-16`	3 months	crt.sh
scontentflow.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
dev.theliftagency.com R11	`2024-09-06` - `2024-12-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
contentraffic.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
yametric.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
tech4u.app WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
xp.soughstreek.com R11	`2024-08-25` - `2024-11-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
Frame ID: 2B6082BD705C22A2D0A1579B8D48C2E2
Requests: 91 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A5D50115CA216A0F1793AE6E63F5044D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hedvigwessel.no/ HTTP 307
https://hedvigwessel.no/ Page URL
https://tnews.contentraffic.com/?news Page URL
https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE Page URL

Page Statistics

92
Requests

34 %
HTTPS

50 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

2502 kB
Transfer

3671 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hedvigwessel.no/ HTTP 307
https://hedvigwessel.no/ Page URL
https://tnews.contentraffic.com/?news Page URL
https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hedvigwessel.no/ HTTP 307
https://hedvigwessel.no/

Request Chain 84

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10516.fLWsa-olI05z2fBE9G1TGZIzlPz5NDuVXF03DRM8v-vOZfLOarRf4SIrs6B23eKG.dY-OSAQNxbYCP7y0GUPYvZ08wEU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10516.AoSTdvDSY-w_ZA3qw9LrM8OM1B3F8fCBGTmyXGk39NwDe2QONZBqMrzhyF77MA0wrhJpZ1zfVdTzTlrRoB7ZIySjwo_VePIpc4y89_sFkVammubmTmjOHiND8vo20gLFeXlp78CAf-V4dh9k50ud6U9KveGF9HvRWuljkEfZL1Q61sjD5fehk3yDXAy59TWjw_t_jore12tJueSdj_hwooRzq2KB2velKNG8GFo_Rk4%2C.wYLAnv9BjMhzmQ0A2_t4FRyqqiA%2C

Request Chain 87

https://mc.yandex.com/watch/97059988?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A1470%3Acn%3A1%3Adp%3A0%3Als%3A81604034108%3Ahid%3A337004566%3Az%3A120%3Ai%3A20241008081943%3Aet%3A1728368383%3Ac%3A1%3Arn%3A978005978%3Arqn%3A1%3Au%3A172836838314741414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C32%2C163%2C3%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C227%3Aco%3A0%3Acpf%3A1%3Ans%3A1728368382509%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728368383%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A1470%3Acn%3A1%3Adp%3A0%3Als%3A81604034108%3Ahid%3A337004566%3Az%3A120%3Ai%3A20241008081943%3Aet%3A1728368383%3Ac%3A1%3Arn%3A978005978%3Arqn%3A1%3Au%3A172836838314741414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C32%2C163%2C3%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C227%3Aco%3A0%3Acpf%3A1%3Ans%3A1728368382509%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728368383%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Request Chain 88

https://ww1.tech4u.app/mpc HTTP 301
http://ww1.tech4u.app/mpc/ HTTP 307
https://ww1.tech4u.app/mpc/

Request Chain 90

https://ww1.tech4u.app/favicon.ico HTTP 302
https://tech4u.app/

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
hedvigwessel.no/
Redirect Chain

http://hedvigwessel.no/
https://hedvigwessel.no/

209 KB
20 KB

401ms
300ms

Document
text/html

178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e2ab2e1e83c75b761e78280b4f1fa7178c5d3cdd74277ae3bef15f71a7419103

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20372
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Oct 2024 06:19:41 GMT
Keep-Alive: timeout=5, max=100
Link: <https://hedvigwessel.no/wp-json/>; rel="https://api.w.org/" <https://hedvigwessel.no/wp-json/wp/v2/pages/178>; rel="alternate"; type="application/json" <https://hedvigwessel.no/>; rel=shortlink
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
X-LiteSpeed-Tag: fc6_HTTP.200

Redirect headers

Location: https://hedvigwessel.no/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 / Show response
assets.scontentflow.com/ 248 KB
95 KB 249ms
202ms Script
application/javascript 172.67.182.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scontentflow.com/
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ae6362ce5b2a27f7ea3d845157e202c131e56b2347f5bd8dc7716207177197

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73ntfoW5YRDN1hQMuYrxgWPu7eBXd7JpN0FpNmERamTz38MYpZK%2BCApVypMAKh1zcGel86A6UsHtpTuWihNk7GU5ZJyjIFf%2BOnQrw2uCbdtUVQ6Si1xWduz61GW6zIaTGpEN%2FebTPYOIyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cf405546d7d569b-OSL
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
78 KB 198ms
73ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32507940-51

Requested by

Host: hedvigwessel.no
URL: https://hedvigwessel.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a35ec36b76f7033a9132e69e20da5534ccef82682a5b7a8d269f75e5872728ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 08 Oct 2024 06:19:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79010
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 iuk7ovr.css
use.typekit.net/ 3 KB
969 B 196ms
50ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/iuk7ovr.css

Requested by

Host: hedvigwessel.no
URL: https://hedvigwessel.no/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e01252c12f8c12552238fa97e883de54e7a06db595bb719f7eac7e376b5f295a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 746
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
944 B 108ms
33ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: hedvigwessel.no
URL: https://hedvigwessel.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
age: 2791153
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220022-FRA, cache-bma1630-BMA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 484
x-jsd-version: 1.8.1

GET
H/1.1 200
OK style.min.css
dev.theliftagency.com/dev_hedwig/wp-includes/css/dist/block-library/ 79 KB
11 KB 229ms
43ms Stylesheet
text/css 165.227.231.170
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.theliftagency.com/dev_hedwig/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.231.170 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.dev.theliftagency.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "13abe-5c94a94ee4fe3-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10523
Keep-Alive: timeout=5, max=100
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Wed, 11 Aug 2021 15:50:46 GMT
Vary: Accept-Encoding
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/css

GET
H/1.1 200
OK style.css
dev.theliftagency.com/dev_hedwig/wp-content/themes/hedvigwessel/src/styles/ 115 KB
16 KB 232ms
46ms Stylesheet
text/css 165.227.231.170
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.theliftagency.com/dev_hedwig/wp-content/themes/hedvigwessel/src/styles/style.css?ver=1589373560
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.231.170 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.dev.theliftagency.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4b6088cdb8111540d7a69b3d2157d8e5fd9c65fe98ef615c15535a9c60da3133

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "1cc89-5d78339be1740-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15669
Keep-Alive: timeout=5, max=100
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 08 Feb 2022 15:18:13 GMT
Vary: Accept-Encoding
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/css

GET
H/1.1 200
OK lightbox.css
dev.theliftagency.com/dev_hedwig/wp-content/themes/hedvigwessel/src/lightbox/css/ 3 KB
1 KB 226ms
41ms Stylesheet
text/css 165.227.231.170
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.theliftagency.com/dev_hedwig/wp-content/themes/hedvigwessel/src/lightbox/css/lightbox.css?ver=5.8.2
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 165.227.231.170 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.dev.theliftagency.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2b83caeb6ce96e5fd77a54346cbc72533b4cc399cb746c9ddaa1a63d318cd686

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "dfc-5a9d2e4c69880-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1034
Keep-Alive: timeout=5, max=100
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 07 Jul 2020 05:02:10 GMT
Vary: Accept-Encoding
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 177ms
57ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: hedvigwessel.no
URL: https://hedvigwessel.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

content-encoding: gzip
age: 286332
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 22:47:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 22:47:30 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK athlete-2-3.jpg
hedvigwessel.no/wp-content/uploads/2020/04/ 158 KB
158 KB 72ms
41ms Image
image/jpeg 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hedvigwessel.no/wp-content/uploads/2020/04/athlete-2-3.jpg
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2bef608cde8b663bd9d6224005120944cb6989fb1f0955b74e3924005c2974d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

ETag: "276e0-5a2b0ea27e624"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 161504
Keep-Alive: timeout=5, max=99
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 07 Apr 2020 10:33:29 GMT
Content-Type: image/jpeg
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK PP_SHIELDER_HIGHRES-0677-scaled-e1638106664167.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 147 KB
148 KB 124ms
41ms Image
image/jpeg 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hedvigwessel.no/wp-content/uploads/2021/11/PP_SHIELDER_HIGHRES-0677-scaled-e1638106664167.jpg
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 890e3fed104ad0f9fbe049e75ad5d10334ec2b54407b6466441bcbb3a8a68e54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

ETag: "24d96-5d1d96dd78e48"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 150934
Keep-Alive: timeout=5, max=100
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Sun, 28 Nov 2021 13:37:44 GMT
Content-Type: image/jpeg
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK COMPDAY_VERBIER-5625-scaled.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 536 KB
537 KB 43ms
43ms Image
image/jpeg 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hedvigwessel.no/wp-content/uploads/2021/11/COMPDAY_VERBIER-5625-scaled.jpg
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 83c0a4e7d389d977cdc5cfdf0ce6acbec9921a7ffafc5e6cdabc495ddf9f01e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

ETag: "861bf-5d1d975c0b1f5"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 549311
Keep-Alive: timeout=5, max=98
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Sun, 28 Nov 2021 13:39:57 GMT
Content-Type: image/jpeg
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK IMG_3235.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 1 MB
1 MB 41ms
41ms Image
image/jpeg 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hedvigwessel.no/wp-content/uploads/2021/11/IMG_3235.jpg
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

ETag: "10c327-5d1d9de539894"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1098535
Keep-Alive: timeout=5, max=99
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Sun, 28 Nov 2021 14:09:11 GMT
Content-Type: image/jpeg
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK bio-04-1.jpg
hedvigwessel.no/wp-content/uploads/2020/04/ 117 KB
118 KB 42ms
42ms Image
image/jpeg 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hedvigwessel.no/wp-content/uploads/2020/04/bio-04-1.jpg
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 14da4dd0aebeeaec9ffca05ed774c26452fbcf86148bfc3ce8006bbda0decf1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

ETag: "1d5f7-5a2b226db8f14"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 120311
Keep-Alive: timeout=5, max=97
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 07 Apr 2020 12:02:03 GMT
Content-Type: image/jpeg
Server: Apache/2.4.41 (Ubuntu)

GET thumbnail_ep20.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-bio-300x221.png
hedvigwessel.no/wp-content/uploads/2021/03/ 0
0

GET DSC02211-683x1024.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-peak-performance-300x221.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET AndersVest-10-1024x689.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET silva-1-logo-png-transparent-copy-300x92.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET DSC09169-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-head-300x221.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET AndersVest-44-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET partner-poc-300x221.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET AndersVest-2-1024x665.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET logo-2015-copy.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET wes.10-1024x540.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-mammut-300x221.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET AndersVest-13-852x1024.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET hestra-gloves-vector-logo-copy-236x300.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET Hedvigs_Way_Engelberg_LowRes-5-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET gopro_logo_PNG12-300x82.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET HEDVIG-5581-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET 0x0-copy.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET DJI_0109-1024x768.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET silva-1-logo-png-transparent-copy-white-300x92.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET IMG_0885-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET unnamed-copy.png
hedvigwessel.no/wp-content/uploads/2022/06/ 0
0

GET COMPDAY_VERBIER-5448-1024x683.jpg
hedvigwessel.no/wp-content/uploads/2022/03/ 0
0

GET
H/1.1 200
OK stylesheet.css
hedvigwessel.no/wp-content/themes/hedvigwessel/src/font/ 6 KB
950 B 42ms
42ms Stylesheet
text/css 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/font/stylesheet.css
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7792fff1de721eb15ff8d7c637e0d6e8309c720f5093558a8fc8c87243e17ed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "18ff-5a81f3cad5bc0-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 614
Keep-Alive: timeout=5, max=96
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Mon, 15 Jun 2020 13:16:39 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: text/css

GET AndersVest-46-scaled.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET Hedwig_Wessel_Safety_Camp_LowRes-85-200x300.jpg
hedvigwessel.no/wp-content/uploads/2022/03/ 0
0

GET close.svg
hedvigwessel.no/wp-content/themes/hedvigwessel/src/images/ 0
0

GET DSC02079-scaled.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-bio.png
hedvigwessel.no/wp-content/uploads/2021/03/ 0
0

GET PP_SHIELDER_HIGHRES-0849-scaled.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET partner-peak-performance.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET 905F6B18-15D6-4172-AF8C-862F748A0623.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET silva-1-logo-png-transparent-copy.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET AndersVest-93-scaled.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET partner-head.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET HEDVIG-PODIUM-6726-scaled.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET partner-poc.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET DSC01660-scaled.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET AndersVest-48-scaled.jpg
hedvigwessel.no/wp-content/uploads/2021/11/ 0
0

GET partner-mammut.png
hedvigwessel.no/wp-content/uploads/2020/03/ 0
0

GET Hedvigs_Way_Engelberg_LowRes-138.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET hestra-gloves-vector-logo-copy.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET HEDVIG-5599-scaled.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET gopro_logo_PNG12.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET DSC04309.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET IMG_0887.jpg
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET silva-1-logo-png-transparent-copy-white.png
hedvigwessel.no/wp-content/uploads/2022/05/ 0
0

GET 1146F0BB-FF38-4D0C-B8F2-6C508E6FE88E.jpg
hedvigwessel.no/wp-content/uploads/2022/06/ 0
0

GET forms.js
hedvigwessel.no/wp-content/plugins/mailchimp-for-wp/assets/js/ 0
0

GET
H2 200 jquery-3.6.0.min.js
code.jquery.com/ 87 KB
31 KB 107ms
32ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 2319839
x-cache: HIT, HIT
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 318729, 87738
x-served-by: cache-lga21931-LGA, cache-bma1670-BMA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1728368383.586156,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H/1.1 200
OK 1.a2d8e02a.chunk.js
hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/ 154 KB
50 KB 50ms
49ms Script
application/javascript 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/1.a2d8e02a.chunk.js
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "2670d-5a0821e7d2b6f-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50382
Keep-Alive: timeout=5, max=98
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 10 Mar 2020 15:53:21 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/javascript

GET
H/1.1 200
OK app.a216a83f.js
hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/ 9 KB
2 KB 43ms
42ms Script
application/javascript 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/app.a216a83f.js
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "22c1-5e0f3f292c314-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1953
Keep-Alive: timeout=5, max=95
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Wed, 08 Jun 2022 18:33:54 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/javascript

GET
H/1.1 200
OK flickity.pkgd.min.js
hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/plugins/ 53 KB
14 KB 44ms
44ms Script
application/javascript 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/plugins/flickity.pkgd.min.js
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "d32f-5a0821e970c9c-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 13635
Keep-Alive: timeout=5, max=97
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Tue, 10 Mar 2020 15:53:22 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/javascript

GET
H/1.1 200
OK scripts.js
hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/ 6 KB
2 KB 42ms
42ms Script
application/javascript 178.62.113.58
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/scripts/scripts.js
Requested by: Host: hedvigwessel.no
URL: https://hedvigwessel.no/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.62.113.58 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv1.hedvigwessel.no
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

Content-Encoding: gzip
ETag: "1829-5a14c865e576b-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1509
Keep-Alive: timeout=5, max=94
Date: Tue, 08 Oct 2024 06:19:42 GMT
Last-Modified: Fri, 20 Mar 2020 17:22:07 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/javascript

GET
H2 200 slick.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 87 KB
14 KB 34ms
34ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js

Requested by

Host: hedvigwessel.no
URL: https://hedvigwessel.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hedvigwessel.no/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
age: 2237533
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220115-FRA, cache-bma1630-BMA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14488
x-jsd-version: 1.8.1

GET lightbox.js
hedvigwessel.no/wp-content/themes/hedvigwessel/src/lightbox/js/ 0
0

GET /
tnews.contentraffic.com/ 0
0

GET
H3 200 / Show response
tnews.contentraffic.com/ 1 KB
1 KB 202ms
164ms Document
text/html 172.67.176.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tnews.contentraffic.com/?news
Requested by: Host: assets.scontentflow.com
URL: https://assets.scontentflow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd39c8c639c2837badb381ebada18e6294467ba1c934a00278f92a344e0d8760

Request headers

Referer: https://hedvigwessel.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8cf405570d0256b7-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 06:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 0;url=https://ww1.tech4u.app/mpc
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11%2BOqSC%2BU8P%2Fy3G2eZJN8D9iEBqgQBk%2FRectD8P%2Bo6zofzt5rQVM7pmbkMd06Q4E3D8BZG7HnhfHtF%2BOj5qEBbRm3y7jQ4XN67a96Y9CxtuJAUPyJea4xpF3W%2BRMHh8wgFczxcve1p%2FD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: accept-encoding

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET 97059986
mc.yandex.ru/watch/ 0
0

GET
H3 200 speculation
tnews.contentraffic.com/cdn-cgi/ 128 B
553 B 33ms
32ms Other
application/speculationrules+json 172.67.176.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tnews.contentraffic.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://tnews.contentraffic.com
Referer: https://tnews.contentraffic.com/?news

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwK0VEoPtpUD5wb9DNYz%2BmC9GNFHXwXswUARmZYn4qSN83BatmKhUb7C3FHrx33Wryd9EeUQqppb7dmjpl%2F42HnjeIrTh6B90RG8pOlOLvcUPyrpduyP7KS522eGGUsCGli8izi54e7bLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cf405581e4156b7-OSL
access-control-allow-origin: https://tnews.contentraffic.com
content-length: 128
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 207 KB
72 KB 304ms
149ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c2cba4a85edebe3fcc80f42f721024d33b227c51812fe7411c6b37c2f100036f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tnews.contentraffic.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66fd4449-11c45"
expires: Tue, 08 Oct 2024 07:19:42 GMT
access-control-allow-origin: *
content-length: 72773
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 13:02:01 GMT

GET
H3 200 matomo.js Show response
www.yametric.com/ 66 KB
25 KB 77ms
34ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yametric.com/matomo.js
Requested by: Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tnews.contentraffic.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6700a13b-10784"
age: 1457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMPr6SDjrrlBAGYI2M8B8%2FCcNvsqgufQnNNzhA893yTdHudAPyL9XCq6f3JcjOxfwRm2qQC9WxzNwHDmoFDkCX3IX8rjuO3Cb8GZeobDsiGxhbOzRE2tVLj8%2Bsre7V0W9peM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cf405587dbd56aa-OSL
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 05 Oct 2024 02:15:23 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 matomo.php
www.yametric.com/ 0
413 B 88ms
87ms Ping
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yametric.com/matomo.php?action_name=&idsite=19&rec=1&r=852452&h=8&m=19&s=42&url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&urlref=https%3A%2F%2Fhedvigwessel.no%2F&_id=9143ffcebf57bf94&_idn=1&send_image=0&_refts=1728368383&_ref=https%3A%2F%2Fhedvigwessel.no%2F&pv_id=a63fn4&pf_net=37&pf_srv=163&pf_tfr=3&pf_dm1=14&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: www.yametric.com
URL: https://www.yametric.com/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://tnews.contentraffic.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRAtxoqYmzg1lSmWki6ky1lT2JjJq1YvGZyz%2BeAvr1h4TFd%2FBcisdMRSsFDFXEHRF2xfW8x1TxVzSuDT1FcSj78X5%2BePdM6zPzmDt3nNO%2F%2FqfKjfIOIDVA2IoMS%2BfZ9D5%2B%2Fy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cf40558de8756aa-OSL
access-control-allow-origin: https://tnews.contentraffic.com
date: Tue, 08 Oct 2024 06:19:42 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10516.fLWsa-olI05z2fBE9G1TGZIzlPz5NDuVXF03DRM8v-vOZfLOarRf4SIrs6B23eKG.dY-OSAQNxbYCP7y0GUPYvZ08wEU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10516.AoSTdvDSY-w_ZA3qw9LrM8OM1B3F8fCBGTmyXGk39NwDe2QONZBqMrzhyF77MA0wrhJpZ1zfVdTzTlrRoB7ZIySjwo_VePIpc4y89_sFkVammubmTmjOHiND8vo20gLFeXlp78CAf-...

43 B
674 B

75ms
75ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10516.AoSTdvDSY-w_ZA3qw9LrM8OM1B3F8fCBGTmyXGk39NwDe2QONZBqMrzhyF77MA0wrhJpZ1zfVdTzTlrRoB7ZIySjwo_VePIpc4y89_sFkVammubmTmjOHiND8vo20gLFeXlp78CAf-V4dh9k50ud6U9KveGF9HvRWuljkEfZL1Q61sjD5fehk3yDXAy59TWjw_t_jore12tJueSdj_hwooRzq2KB2velKNG8GFo_Rk4%2C.wYLAnv9BjMhzmQ0A2_t4FRyqqiA%2C

Requested by

Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tnews.contentraffic.com/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Tue, 08 Oct 2024 06:19:43 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=10516.AoSTdvDSY-w_ZA3qw9LrM8OM1B3F8fCBGTmyXGk39NwDe2QONZBqMrzhyF77MA0wrhJpZ1zfVdTzTlrRoB7ZIySjwo_VePIpc4y89_sFkVammubmTmjOHiND8vo20gLFeXlp78CAf-V4dh9k50ud6U9KveGF9HvRWuljkEfZL1Q61sjD5fehk3yDXAy59TWjw_t_jore12tJueSdj_hwooRzq2KB2velKNG8GFo_Rk4%2C.wYLAnv9BjMhzmQ0A2_t4FRyqqiA%2C
date: Tue, 08 Oct 2024 06:19:43 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
596 B 111ms
111ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tnews.contentraffic.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66fd4449-2b"
expires: Tue, 08 Oct 2024 07:19:43 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 08 Oct 2024 06:19:43 GMT
last-modified: Wed, 02 Oct 2024 13:02:01 GMT
content-type: image/gif

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame A5D5 0
0 233ms
79ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tnews.contentraffic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 08 Oct 2024 06:19:43 GMT
etag: "66fd4449-416"
expires: Tue, 08 Oct 2024 07:19:43 GMT
last-modified: Wed, 02 Oct 2024 13:02:01 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/97059988/
Redirect Chain

https://mc.yandex.com/watch/97059988?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf...
https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3A...

603 B
1 KB

79ms
79ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A1470%3Acn%3A1%3Adp%3A0%3Als%3A81604034108%3Ahid%3A337004566%3Az%3A120%3Ai%3A20241008081943%3Aet%3A1728368383%3Ac%3A1%3Arn%3A978005978%3Arqn%3A1%3Au%3A172836838314741414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C32%2C163%2C3%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C227%3Aco%3A0%3Acpf%3A1%3Ans%3A1728368382509%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728368383%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Requested by

Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bfbab94588617eeaa10a11b685c8847d1d78dd4dbfbbf5806f9db76a3c0b2b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tnews.contentraffic.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 08-Oct-2024 06:19:43 GMT
access-control-allow-origin: https://tnews.contentraffic.com
content-length: 603
x-xss-protection: 1; mode=block
date: Tue, 08 Oct 2024 06:19:43 GMT
last-modified: Tue, 08-Oct-2024 06:19:43 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fhedvigwessel.no%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A1470%3Acn%3A1%3Adp%3A0%3Als%3A81604034108%3Ahid%3A337004566%3Az%3A120%3Ai%3A20241008081943%3Aet%3A1728368383%3Ac%3A1%3Arn%3A978005978%3Arqn%3A1%3Au%3A172836838314741414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C32%2C163%2C3%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C227%3Aco%3A0%3Acpf%3A1%3Ans%3A1728368382509%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728368383%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 08-Oct-2024 06:19:43 GMT
access-control-allow-origin: https://tnews.contentraffic.com
x-xss-protection: 1; mode=block
date: Tue, 08 Oct 2024 06:19:43 GMT
last-modified: Tue, 08-Oct-2024 06:19:43 GMT

GET
H3

200

/ Show response
ww1.tech4u.app/mpc/
Redirect Chain

https://ww1.tech4u.app/mpc
http://ww1.tech4u.app/mpc/
https://ww1.tech4u.app/mpc/

0
474 B

59ms
59ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.tech4u.app/mpc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tnews.contentraffic.com/?news
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8cf4055e88e256b7-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 06:19:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 0; url=https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIDcGA09xm8sm3ocX%2Ba%2FH2qkAxD9kBhkglC%2Fx3ouNwgF5WNuZvaZ%2Bby9jJ%2BKORoLMnarZKOJpHSixeTNRm2FrHq6sYoPsz8t%2BmJll1%2FAaF5YJTLQ%2Bu8GwwtV6Zv1EqpusA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://ww1.tech4u.app/mpc/
Non-Authoritative-Reason: HSTS

GET
H3 200 speculation
ww1.tech4u.app/cdn-cgi/ 128 B
543 B 33ms
32ms Other
application/speculationrules+json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1.tech4u.app/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ww1.tech4u.app
Referer: https://ww1.tech4u.app/mpc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zONRZYxiR%2Bqsq1r%2Fe1E%2Flj9dJWu%2B4OZhG8R0ZNUaCCByRRchrGXYy1MGC76vWdIQJNF1RcsvNYQOxvCsQRDgEuZxhsO0WwcKByIMGCNlsuMBMPlf68iSMP%2FbAntAJAaDgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cf4055ef96556b7-OSL
access-control-allow-origin: https://ww1.tech4u.app
content-length: 128
date: Tue, 08 Oct 2024 06:19:43 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK Primary Request gVEQE
xp.soughstreek.com/ihggBqXM4nhgaGD/ 52 B
0 232ms
52ms Document
text/html 23.109.170.72
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.72 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ww1.tech4u.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Oct 2024 06:19:44 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET

/
tech4u.app/
Redirect Chain

https://ww1.tech4u.app/favicon.ico
https://tech4u.app/

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/thumbnail_ep20.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/03/partner-bio-300x221.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DSC02211-683x1024.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-peak-performance-300x221.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-10-1024x689.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/silva-1-logo-png-transparent-copy-300x92.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DSC09169-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-head-300x221.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-44-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-poc-300x221.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-2-1024x665.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/logo-2015-copy.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/wes.10-1024x540.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-mammut-300x221.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-13-852x1024.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/hestra-gloves-vector-logo-copy-236x300.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/Hedvigs_Way_Engelberg_LowRes-5-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/gopro_logo_PNG12-300x82.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/HEDVIG-5581-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/0x0-copy.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DJI_0109-1024x768.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/silva-1-logo-png-transparent-copy-white-300x92.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/IMG_0885-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/06/unnamed-copy.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/03/COMPDAY_VERBIER-5448-1024x683.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-46-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/03/Hedwig_Wessel_Safety_Camp_LowRes-85-200x300.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/images/close.svg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DSC02079-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/03/partner-bio.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/PP_SHIELDER_HIGHRES-0849-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-peak-performance.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/905F6B18-15D6-4172-AF8C-862F748A0623.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/silva-1-logo-png-transparent-copy.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-93-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-head.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/HEDVIG-PODIUM-6726-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-poc.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DSC01660-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2021/11/AndersVest-48-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2020/03/partner-mammut.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/Hedvigs_Way_Engelberg_LowRes-138.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/hestra-gloves-vector-logo-copy.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/HEDVIG-5599-scaled.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/gopro_logo_PNG12.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/DSC04309.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/IMG_0887.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/05/silva-1-logo-png-transparent-copy-white.png

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/uploads/2022/06/1146F0BB-FF38-4D0C-B8F2-6C508E6FE88E.jpg

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.8

Domain: hedvigwessel.no
URL: https://hedvigwessel.no/wp-content/themes/hedvigwessel/src/lightbox/js/lightbox.js?ver=5.8.1

Domain: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Domain: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Domain: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Domain: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Domain: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/watch/97059986

Domain: tech4u.app
URL: https://tech4u.app/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.scontentflow.com
cdn.jsdelivr.net
code.jquery.com
dev.theliftagency.com
hedvigwessel.no
mc.yandex.com
mc.yandex.ru
tech4u.app
tnews.contentraffic.com
use.typekit.net
ww1.tech4u.app
www.googletagmanager.com
www.yametric.com
xp.soughstreek.com
hedvigwessel.no
mc.yandex.ru
tech4u.app
tnews.contentraffic.com
165.227.231.170
172.67.176.34
172.67.182.202
178.62.113.58
188.114.96.3
23.109.170.72
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2008
2a02:26f0:3500:16::215:148f
2a02:6b8::1:119
2a04:4e42::485
2a04:4e42::649
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
14da4dd0aebeeaec9ffca05ed774c26452fbcf86148bfc3ce8006bbda0decf1b
2b83caeb6ce96e5fd77a54346cbc72533b4cc399cb746c9ddaa1a63d318cd686
2bef608cde8b663bd9d6224005120944cb6989fb1f0955b74e3924005c2974d6
4b6088cdb8111540d7a69b3d2157d8e5fd9c65fe98ef615c15535a9c60da3133
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
76ae6362ce5b2a27f7ea3d845157e202c131e56b2347f5bd8dc7716207177197
7792fff1de721eb15ff8d7c637e0d6e8309c720f5093558a8fc8c87243e17ed9
83c0a4e7d389d977cdc5cfdf0ce6acbec9921a7ffafc5e6cdabc495ddf9f01e0
890e3fed104ad0f9fbe049e75ad5d10334ec2b54407b6466441bcbb3a8a68e54
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a35ec36b76f7033a9132e69e20da5534ccef82682a5b7a8d269f75e5872728ad
bfbab94588617eeaa10a11b685c8847d1d78dd4dbfbbf5806f9db76a3c0b2b95
c2cba4a85edebe3fcc80f42f721024d33b227c51812fe7411c6b37c2f100036f
cd39c8c639c2837badb381ebada18e6294467ba1c934a00278f92a344e0d8760
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e01252c12f8c12552238fa97e883de54e7a06db595bb719f7eac7e376b5f295a
e2ab2e1e83c75b761e78280b4f1fa7178c5d3cdd74277ae3bef15f71a7419103
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

xp.soughstreek.com Open in urlscan Pro 23.109.170.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

92 Requests

34 %HTTPS

50 %IPv6

14 Domains

15 Subdomains

13 IPs

5 Countries

2502 kBTransfer

3671 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

xp.soughstreek.com Open in urlscan Pro
23.109.170.72 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

34 %
HTTPS

50 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

2502 kB
Transfer

3671 kB
Size

92 HTTP transactions
0 data transactions