www.storm.no Open in urlscan Pro
77.75.209.110  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://sb.scorecardresearch.com/b?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9=&cs_ak_ss=1

Request Chain 84

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 86

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3210118519972284388

Request Chain 87

• https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 88

• https://pixel.onaudience.com/?partner=214&mapped=B544F360-AA7F-4425-80AD-180EDC44D6A6 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=ab62c255-928b-4431-baa1-4f8ad90dac7d&icm HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e60da4d7493d30cfae740d84929c1d16 HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=6ed1ce55a8507053 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-0691d99f06d2&zcluid=6ed1ce55a8507053&zdid=1332 HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESEOLdiIO8JoduK_5GlO9beE0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-0691d99f06d2&zcluid=6ed1ce55a8507053&zdid=1332

Request Chain 89

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU0NEYzNjAtQUE3Ri00NDI1LTgwQUQtMTgwRURDNDRENkE2&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC0XysiSDyp3gfdZXVUjnHI&google_cver=1

Request Chain 91

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e174015-6ac0-40b3-ba4f-360a241ea952

Request Chain 92

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d321604a-7820-4a00-832f-45462789c0bf&gdpr=0&gdpr_consent=

Request Chain 93

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8988044859591072289

Request Chain 94

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2181412944167057445&gdpr=0&gdpr_consent=

Request Chain 95

• https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:811f52c7-ebc8-4768-9b28-d0ce17471ef5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.storm.no/	396 KB 59 KB	226ms 38ms	Document text/html	77.75.209.110 NO-TV2-AS
General Check archive.org Show headers Download Go to Full URL https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.75.209.110 Drobak, Norway, ASN35703 (NO-TV2-AS, NO), Reverse DNS Software / Resource Hash f1bd210924569835901ef44a9b5bc3f3a2f06a729b19918abc8ea8cd460459bb Request headers Host www.storm.no Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=utf-8 etag W/"62e0e-SxcS5iRo2Y/X5chBVoccIhys7CY" date Thu, 11 Mar 2021 20:03:39 GMT x-envoy-upstream-service-time 2797 Alt-Svc clear Content-Encoding gzip Age 126 Vary Accept-Encoding,X-Platform X-Served-By varnish14 X-Cache hit cached Accept-Ranges bytes Content-Length 59713 Connection keep-alive
GET H2	200	tv2interface.css www.tv2.no/s/stylesheets/	27 KB 6 KB	189ms 29ms	Stylesheet text/css	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/stylesheets/tv2interface.css Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Generic Web Server / Waring WO48 Resource Hash ddf885fce4b7eeef04c0a9bfe9fb281985fcf64fe695d1bd6770b1dd6718d821 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 19:23:13 GMT content-encoding gzip x-todo Keep on smiling age 2553 x-powered-by Waring WO48 x-cache HIT content-length 6193 x-served-by oslvarnish03 x-ttl 3600.000 last-modified Wed, 04 Dec 2019 09:32:27 GMT server Generic Web Server etag W/"5de77d2b-6cc6" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes
GET H/1.1	200 OK	main.css www.cdn.tv2.no/s/pages/storm/assets/backup/	110 KB 27 KB	207ms 74ms	Stylesheet text/css	104.83.177.52 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.83.177.52 Madrid, Spain, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-83-177-52.deploy.static.akamaitechnologies.com Software ALynx/1.29 / IBM System/38 Resource Hash 99dbfabf0cabbc03fc22b2f06bcddb1cb4f32c1e9c7864fa1eb589c041f51451 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:47 GMT Content-Encoding gzip ETag W/"5f85976a-1b9dd" X-Powered-By IBM System/38 Connection keep-alive Content-Length 27442 X-Served-By oslvarnish03 x-ttl 604800.000 Last-Modified Tue, 13 Oct 2020 12:02:50 GMT Server ALynx/1.29 X-Todo Keep on smiling Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control public, max-age=407174 Accept-Ranges bytes
GET H2	200	ads.js Show response www.tv2.no/s/js/	33 B 338 B	188ms 28ms	Script application/x-javascript	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/js/ads.js Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software thttpd/2.25b / M-power Resource Hash df94fd95433c41a38596cfb12bc08981c41beb07c3d92e719d64e05a91f6ab62 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:39:06 GMT etag "55fff98e-21" age 408400 x-powered-by M-power x-cache HIT content-length 33 x-served-by oslvarnish04 x-ttl 3600.000 last-modified Mon, 21 Sep 2015 12:35:26 GMT server thttpd/2.25b x-todo Keep on smiling vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes
GET H2	200	tv2.all.js Show response www.tv2.no/s/gcp/adhub/tv2/prod/	347 KB 122 KB	204ms 44ms	Script application/javascript	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software BMW M4 CSL / SodaStream Penguin C25 Resource Hash 9641da3aaa330d20c0915a557f53e6b15f44b61cae2d1d8f57b1c6183dc345b8 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 13:13:07 GMT content-encoding gzip etag W/"45b8a002cde180d50365d0e49c3b0248" age 24759 x-goog-meta-adhub-version 130 x-guploader-uploadid ABg5-Uw4E2fIyM2Q8hWu4bWcrgxrLIL_1C1AFqjEg1-uCPb0zWnGUyo68I291HlwjrS6r4TU653DZtH-S_YV8IdVJUM8-RV_ng x-goog-meta-gpt-manager-path environment/prod/tv2 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-cache HIT alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-served-by oslvarnish02 x-goog-meta-gpt-manager-version 2.30.6 x-ttl 3600.000 last-modified Wed, 10 Mar 2021 13:12:59 GMT server BMW M4 CSL x-goog-meta-gpt-manager-build 205 x-powered-by SodaStream Penguin C25 x-todo Keep on smiling vary Accept-Encoding x-goog-hash crc32c=RJWJLw==, md5=RbigAs3hgNUDZdDknDsCSA== x-goog-generation 1615381979247824 access-control-allow-origin * cache-control public, max-age=86400, s-max-age=86400 x-goog-stored-content-length 355481 accept-ranges bytes content-type application/javascript x-goog-meta-adhub-target prod x-goog-meta-adhub-snapshot 73 expires Thu, 11 Mar 2021 14:13:07 GMT
GET H2	200	tv2-logo-header.svg www.tv2.no/s/lab/2.5/p/img/logo/	2 KB 2 KB	65ms 32ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/lab/2.5/p/img/logo/tv2-logo-header.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Oracle Web Server/8i / Genie H6000A-2K Resource Hash 2380f6b0aa22176669d96120f03bdc6c52661805c6038b35958acf285c1416a9 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 14:14:26 GMT last-modified Fri, 06 Dec 2019 07:26:29 GMT x-ttl 3600.000 x-todo Keep on smiling age 193880 x-powered-by Genie H6000A-2K etag W/"5dea02a5-667" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1639 server Oracle Web Server/8i x-served-by oslvarnish02
GET H2	200	storm-logo.svg www.tv2.no/s/pages/storm/assets/icons/	5 KB 5 KB	83ms 49ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/storm-logo.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software NCSA HTTPd/1.4.7a / AEG ProTex L75480FL Resource Hash 96d9bb367aec461b4c4abd2db35711c77bf26dfdd9f928680596f0587e0deeeb Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:39:12 GMT last-modified Thu, 30 Jun 2016 07:49:38 GMT x-ttl 3600.000 x-todo Keep on smiling age 408394 x-powered-by AEG ProTex L75480FL etag W/"5774cf12-1471" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 5233 server NCSA HTTPd/1.4.7a x-served-by oslvarnish04
GET H2	200	bergansfotokonkurranse.png www.tv2.no/s/pages/storm/assets/	15 KB 15 KB	83ms 50ms	Image image/png	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/bergansfotokonkurranse.png Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Generic Web Server / Sinclair ZX81 Resource Hash 85cf55ca9e39dae7eddbf9a6a7844f34050f255f1c909ebb0ffdbce74e70cc01 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 01:45:41 GMT last-modified Mon, 18 Dec 2017 13:56:44 GMT x-ttl 3600.000 x-todo Keep on smiling age 584406 x-powered-by Sinclair ZX81 etag "5a37c91c-3a0b" x-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 14859 server Generic Web Server x-served-by oslvarnish03
GET H2	200	avatar_small.svg www.tv2.no/s/pages/storm/assets/icons/	3 KB 3 KB	64ms 31ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/avatar_small.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software nc -l -p 80 / Sinclair ZX81 Resource Hash c607c4225e1d645868c73f311c1879856f60d525917de5be0207040935b23522 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 14:14:14 GMT last-modified Fri, 17 Jun 2016 11:09:52 GMT x-ttl 3600.000 x-todo Keep on smiling age 193892 x-powered-by Sinclair ZX81 etag W/"5763da80-b66" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 2918 server nc -l -p 80 x-served-by oslvarnish02
GET H2	200	search_small.svg www.tv2.no/s/pages/storm/assets/icons/	2 KB 2 KB	97ms 29ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/search_small.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software CERN httpd/3.0A / Olympus CF-Q140L Resource Hash 6b1c5d451c4b29e0d56f7359fac5ef3163fe127c7e46172f595d24adbf8f2ac5 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:49:49 GMT last-modified Fri, 17 Jun 2016 11:09:52 GMT x-ttl 3600.000 x-todo Keep on smiling age 407758 x-powered-by Olympus CF-Q140L etag W/"5763da80-772" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1906 server CERN httpd/3.0A x-served-by oslvarnish04
GET H2	200	2_drops_small.svg www.tv2.no/s/pages/storm/assets/icons/	1 KB 1 KB	63ms 30ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/2_drops_small.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software BMW M4 CSL / BMW M4 GTS Resource Hash 178bfbb80b191f85f02fd33c8e07d00493a200b81f69806335abd91b26fef6b5 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 01:28:30 GMT last-modified Fri, 17 Jun 2016 11:09:52 GMT x-ttl 3600.000 x-todo Keep on smiling age 585436 x-powered-by BMW M4 GTS etag W/"5763da80-42c" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1068 server BMW M4 CSL x-served-by oslvarnish03
GET H2	200	map_pin.svg www.tv2.no/s/pages/storm/assets/icons/	2 KB 2 KB	65ms 32ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/map_pin.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Boa/0.94.13 / BMW M4 GTS Resource Hash d7ce125d308675c36b170ba2dc6b315b7e9bed7f6f27a170e75ac187fd25c6c1 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 01:38:37 GMT last-modified Fri, 17 Jun 2016 11:09:52 GMT x-ttl 3600.000 x-todo Keep on smiling age 584830 x-powered-by BMW M4 GTS etag W/"5763da80-720" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1824 server Boa/0.94.13 x-served-by oslvarnish03
GET H2	200	chevron_right_white.svg www.tv2.no/s/pages/storm/assets/icons/	889 B 1021 B	95ms 28ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/chevron_right_white.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software NCSA HTTPd/1.4.7a / Siemens Step7 Resource Hash f02043538c292c99d9710bcdf467eabcd37730dc7d157632d1185286d7980ad5 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 01:33:17 GMT etag W/"5763da80-379" age 585149 x-powered-by Siemens Step7 x-cache HIT content-length 889 x-served-by oslvarnish03 x-ttl 3600.000 last-modified Fri, 17 Jun 2016 11:09:52 GMT server NCSA HTTPd/1.4.7a x-todo Keep on smiling vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes
GET H2	200	wind_small_dark.svg www.tv2.no/s/pages/storm/assets/icons/	2 KB 2 KB	62ms 30ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/wind_small_dark.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software ALynx/1.29 / Linksys EA6900EJ Resource Hash 210bb88980c4183912198a7afed20b2cbf4fad0a1d694535f69d4ef977135866 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:44:48 GMT last-modified Wed, 15 Jun 2016 08:46:13 GMT x-ttl 3600.000 x-todo Keep on smiling age 408059 x-powered-by Linksys EA6900EJ etag W/"576115d5-6ae" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1710 server ALynx/1.29 x-served-by oslvarnish04
GET H2	200	wind_small_light.svg www.tv2.no/s/pages/storm/assets/icons/	2 KB 2 KB	64ms 33ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/wind_small_light.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Oracle Web Server/8i / Panasonic KX-FL421 Resource Hash fbb1464581913667c80d34ef8091863c6bb31bf6bee1afd045e4c16717d904a2 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 17:50:22 GMT last-modified Wed, 15 Jun 2016 08:46:13 GMT x-ttl 3600.000 x-todo Keep on smiling age 8125 x-powered-by Panasonic KX-FL421 etag W/"576115d5-6e6" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1766 server Oracle Web Server/8i x-served-by oslvarnish01
GET H2	200	1.gif www.tv2.no/s/pages/storm/assets/	1 KB 1 KB	63ms 31ms	Image image/gif	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/1.gif Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Generic Web Server / 100% Recycled Electrons Resource Hash aba0e0da6cbd0537de1b919921a13b67fad07a2e7a5dc663dde128db209a9730 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:39:50 GMT last-modified Sun, 01 Mar 2015 19:59:41 GMT x-ttl 3600.000 x-todo Keep on smiling age 408357 x-powered-by 100% Recycled Electrons etag "54f36fad-44d" x-cache HIT content-type image/gif access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1101 server Generic Web Server x-served-by oslvarnish04
GET H2	200	nr_ansvarsmerke.svg www.tv2.no/s/img/logo/	8 KB 8 KB	80ms 49ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/img/logo/nr_ansvarsmerke.svg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software BMW M4 CSL / IBM System/38 Resource Hash 8f550f16ebbbf0f27aed8865a89101baf9a2e52c2395c6f71bc16d01f80e35da Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 17:49:50 GMT last-modified Wed, 04 Dec 2019 09:13:06 GMT x-ttl 3600.000 x-todo Keep on smiling age 8156 x-powered-by IBM System/38 etag W/"5de778a2-1ebf" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 7871 server BMW M4 CSL x-served-by oslvarnish01
GET H/1.1	200 OK	vendor.bundle.js Show response www.cdn.tv2.no/s/pages/storm/assets/backup/	719 KB 234 KB	67ms 67ms	Script application/x-javascript	104.83.177.52 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.cdn.tv2.no/s/pages/storm/assets/backup/vendor.bundle.js Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.83.177.52 Madrid, Spain, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-83-177-52.deploy.static.akamaitechnologies.com Software Boa/0.94.13 / CRAY X-MP Resource Hash b9fdf623885f436a83f6111bddbd56e1ac0db5ec2a392799e651aa45bf7f1e9d Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:47 GMT Content-Encoding gzip ETag W/"5f85976b-b3aeb" X-Powered-By CRAY X-MP Connection keep-alive Content-Length 239506 X-Served-By oslvarnish01 x-ttl 604800.000 Last-Modified Tue, 13 Oct 2020 12:02:51 GMT Server Boa/0.94.13 X-Todo Keep on smiling Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=571604 Accept-Ranges bytes
GET H/1.1	200 OK	bundle.js Show response www.cdn.tv2.no/s/pages/storm/assets/backup/	652 KB 190 KB	199ms 77ms	Script application/x-javascript	104.83.177.52 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.cdn.tv2.no/s/pages/storm/assets/backup/bundle.js Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.83.177.52 Madrid, Spain, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-83-177-52.deploy.static.akamaitechnologies.com Software Boa/0.94.13 / Sinclair ZX81 Resource Hash f2937750d27038a8bdafa915a5655c7fe6f996d9b5229dfda05d2f50767838b8 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:47 GMT Content-Encoding gzip ETag W/"5f85976e-a2f3e" X-Powered-By Sinclair ZX81 Connection keep-alive Content-Length 194360 X-Served-By oslvarnish01 x-ttl 604800.000 Last-Modified Tue, 13 Oct 2020 12:02:54 GMT Server Boa/0.94.13 X-Todo Keep on smiling Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=82798 Accept-Ranges bytes
GET H2	200	css fonts.googleapis.com/	4 KB 726 B	26ms 25ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700 Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Mar 2021 20:00:45 GMT server ESF date Thu, 11 Mar 2021 20:05:47 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Mar 2021 20:05:47 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	85 KB 33 KB	21ms 20ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TGLRQM Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fa57d602829852c92ecb65718ede06d06d14de892d4a5af5ce2bffc85e71d81a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33667 x-xss-protection 0 last-modified Thu, 11 Mar 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 11 Mar 2021 20:05:47 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	58 KB 20 KB	120ms 42ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 6ee13de0bcf1c6160818926ce83a1fa9033cd6926a4219b5688286f4cf01cdea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:47 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "809 / 316 of 1000 / last-modified: 1615490185" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19685 x-xss-protection 0 expires Thu, 11 Mar 2021 20:05:47 GMT
GET H2	200	/ Show response contentbox.tv2.no/v2/lab25/valutakurs/	64 B 328 B	342ms 29ms	XHR application/json	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://contentbox.tv2.no/v2/lab25/valutakurs/ Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software CERN httpd/3.0A / 100% Recycled Electrons Resource Hash 6135ac0c341b9ab816cf659dc3889e5b0e243bd8b67b0a456bc7d02efc2be1a7 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 11 Mar 2021 19:49:42 GMT x-ttl 3600.000 x-todo Keep on smiling age 965 x-powered-by 100% Recycled Electrons vary Accept-Encoding x-cache HIT content-type application/json access-control-allow-origin * cache-control no-transform, max-age=3600, s-maxage=3600 accept-ranges bytes tv2-cache-channel cms-ad-admin-currency content-length 64 server CERN httpd/3.0A x-served-by oslvarnish01
GET DATA	200 OK	truncated /	190 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ec35db8469f6fdf51dc0606b9d4c339832e8a773a15aec24e7ecd7daa2ce8201 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	camera.svg www.tv2.no/s/pages/storm/assets/icons/	931 B 1 KB	46ms 29ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/pages/storm/assets/icons/camera.svg Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software CERN httpd/3.0A / BMW M4 GTS Resource Hash 005a75ef19ca8e3bd98bcb88eae9e08882a7bb08f7491f20720e11658bad9d8a Request headers Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 14:14:31 GMT etag W/"54f36fad-3a3" age 193876 x-powered-by BMW M4 GTS x-cache HIT content-length 931 x-served-by oslvarnish02 x-ttl 3600.000 last-modified Sun, 01 Mar 2015 19:59:41 GMT server CERN httpd/3.0A x-todo Keep on smiling vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes
GET H2	200	tv2-logo-90.svg www.tv2.no/s/img/logo/	2 KB 2 KB	44ms 30ms	Image image/svg+xml	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Show image Full URL https://www.tv2.no/s/img/logo/tv2-logo-90.svg Requested by Host: www.tv2.no URL: https://www.tv2.no/s/stylesheets/tv2interface.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Xitami/2.5c2 / UNIVAC ERA 1103 Resource Hash 94ddff062d1e442af1b967b9c3df61ca5e5d073d51f79b4326abe1d4a76e5281 Request headers Referer https://www.tv2.no/s/stylesheets/tv2interface.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 17:49:57 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 8149 x-powered-by UNIVAC ERA 1103 etag W/"556c5a48-628" x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 1576 server Xitami/2.5c2 x-served-by oslvarnish01
GET H2	200	flama_book-webfont.woff www.tv2.no/s/fonts/flama/	30 KB 31 KB	89ms 29ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flama/flama_book-webfont.woff Requested by Host: www.tv2.no URL: https://www.tv2.no/s/stylesheets/tv2interface.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Generic Web Server / IBM System/38 Resource Hash d64f655466c9d96c030a15df9080ab0116380a4ca00e9606cd4ac748f90af4da Request headers Origin https://www.storm.no Referer https://www.tv2.no/s/stylesheets/tv2interface.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:38:23 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 408444 x-powered-by IBM System/38 etag "556c5a48-7990" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 31120 server Generic Web Server x-served-by oslvarnish04
GET H2	200	flama_light-webfont.woff www.tv2.no/s/fonts/flama/	25 KB 26 KB	109ms 49ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flama/flama_light-webfont.woff Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software BMW M4 CSL / M-power Resource Hash cc6dac17531cc7eb4bd7bf65a7ea6431c0d10563eb78d8e5d93a8150eb42ce6e Request headers Origin https://www.storm.no Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 01:23:42 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 585725 x-powered-by M-power etag "556c5a48-64d4" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 25812 server BMW M4 CSL x-served-by oslvarnish03
GET H2	200	flamasemicondensed_light-webfont.woff www.tv2.no/s/fonts/flamasemicondensed/	27 KB 27 KB	106ms 47ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flamasemicondensed/flamasemicondensed_light-webfont.woff Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Xitami/2.5c2 / Sinclair ZX81 Resource Hash 30a3c0ad066f45505a6a8a79aa09e4cb3c5f5864851dc64c377989b5ff65eb12 Request headers Origin https://www.storm.no Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 14:14:04 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 193902 x-powered-by Sinclair ZX81 etag "556c5a48-6c58" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 27736 server Xitami/2.5c2 x-served-by oslvarnish02
GET H2	200	flamasemicondensed_medium-webfont.woff www.tv2.no/s/fonts/flamasemicondensed/	25 KB 25 KB	109ms 50ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flamasemicondensed/flamasemicondensed_medium-webfont.woff Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software thttpd/2.25b / Sinclair ZX81 Resource Hash 8936d7046c3016bf152f9791c56aac55f98e600af72cce9b0f3df0709c0a7243 Request headers Origin https://www.storm.no Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 14:14:29 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 193877 x-powered-by Sinclair ZX81 etag "556c5a48-635c" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 25436 server thttpd/2.25b x-served-by oslvarnish02
GET H2	200	flama_basic-webfont.woff www.tv2.no/s/fonts/flama/	25 KB 25 KB	101ms 46ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flama/flama_basic-webfont.woff Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Xitami/2.5c2 / BMW M4 GTS Resource Hash ccf93e91d86f90371e24f9ca04848f0c2a86af207b3a3c12c58f8856b23f138a Request headers Origin https://www.storm.no Referer https://www.cdn.tv2.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 07 Mar 2021 02:39:24 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 408382 x-powered-by BMW M4 GTS etag "556c5a48-63c8" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 25544 server Xitami/2.5c2 x-served-by oslvarnish04
GET H2	200	flamasemicondensed_bold-webfont.woff www.tv2.no/s/fonts/flamasemicondensed/	24 KB 24 KB	101ms 46ms	Font application/font-woff	5.44.65.150 TV2-NORWAY
General Check archive.org Show headers Download Go to Full URL https://www.tv2.no/s/fonts/flamasemicondensed/flamasemicondensed_bold-webfont.woff Requested by Host: www.tv2.no URL: https://www.tv2.no/s/stylesheets/tv2interface.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.44.65.150 , Norway, ASN39787 (TV2-NORWAY, NO), Reverse DNS Software Xitami/2.5c2 / AEG ProTex L75480FL Resource Hash ec4895ba11804175e91cc957da54dd924cbad01673dc601e508bb202fd7ad9b6 Request headers Origin https://www.storm.no Referer https://www.tv2.no/s/stylesheets/tv2interface.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 17:49:58 GMT last-modified Mon, 01 Jun 2015 13:12:40 GMT x-ttl 3600.000 x-todo Keep on smiling age 8148 x-powered-by AEG ProTex L75480FL etag "556c5a48-5e7c" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-length 24188 server Xitami/2.5c2 x-served-by oslvarnish01
GET H/1.1	200 OK	places Show response rest.tv2.no/weather-dw-rest/forecast/	2 B 548 B	156ms 36ms	XHR application/json	77.75.209.65 NO-TV2-AS
General Check archive.org Show headers Download Go to Full URL https://rest.tv2.no/weather-dw-rest/forecast/places?place=&days=3 Requested by Host: www.cdn.tv2.no URL: https://www.cdn.tv2.no/s/pages/storm/assets/backup/vendor.bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.75.209.65 Drobak, Norway, ASN35703 (NO-TV2-AS, NO), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:42 GMT Age 5 X-Cache hit cached Connection keep-alive Content-Length 2 X-Served-By varnish12 X-Todo Keep on smiling - rest Vary Accept-Encoding,X-Platform Access-Control-Allow-Methods OPTIONS,GET Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control no-transform, max-age=60, s-maxage=60 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers Content-Type,Cache-Control
GET H3-Q050	200	pubads_impl_2021030801.js Show response securepubads.g.doubleclick.net/gpt/	283 KB 100 KB	97ms 57ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 4967624b996e927f25c959c7d920f99f8544c7b2b17b1b55683d304250aa8de3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:48 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 08 Mar 2021 09:38:26 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 101868 x-xss-protection 0 expires Thu, 11 Mar 2021 20:05:48 GMT
GET H/1.1	200 OK	dsc_3243_3.jpg dinebilder.tv2.no/uploaded/27/preview/	10 KB 10 KB	197ms 40ms	Image image/jpeg	77.75.209.73 NO-TV2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dinebilder.tv2.no/uploaded/27/preview/dsc_3243_3.jpg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.75.209.73 Drobak, Norway, ASN35703 (NO-TV2-AS, NO), Reverse DNS Software / Resource Hash f1171deaec3606de25f91d2c11c78d9a285e3319d0e7b6fae6ed15d97036eab1 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 10:50:46 GMT Last-Modified Tue, 09 Mar 2021 20:55:51 GMT Age 33302 ETag "2668-5bd20c689a5d3" Vary Accept-Encoding,X-Platform X-Cache hit cached Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 9832 X-Served-By varnish12
GET H/1.1	200 OK	psx_20210113_184543.jpg dinebilder.tv2.no/uploaded/27/preview/	20 KB 20 KB	196ms 39ms	Image image/jpeg	77.75.209.73 NO-TV2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dinebilder.tv2.no/uploaded/27/preview/psx_20210113_184543.jpg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.75.209.73 Drobak, Norway, ASN35703 (NO-TV2-AS, NO), Reverse DNS Software / Resource Hash 08dd6c6de60049d9ae55ede00b40554b80519dc3ef356575f1289a7b4e08c37e Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 10:50:46 GMT Last-Modified Tue, 09 Mar 2021 10:39:19 GMT Age 33301 ETag "4ed8-5bd1829aee886" Vary Accept-Encoding,X-Platform X-Cache hit cached Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 20184 X-Served-By varnish12
GET H/1.1	200 OK	1_1250087.jpg dinebilder.tv2.no/uploaded/27/preview/	12 KB 12 KB	215ms 58ms	Image image/jpeg	77.75.209.73 NO-TV2-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dinebilder.tv2.no/uploaded/27/preview/1_1250087.jpg Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.75.209.73 Drobak, Norway, ASN35703 (NO-TV2-AS, NO), Reverse DNS Software / Resource Hash 5897ffca8bd848e6c433fb1f902d9ca73a1f5a25d1c1663d196791b66f238fca Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 10:50:45 GMT Last-Modified Mon, 08 Mar 2021 10:46:59 GMT Age 33303 ETag "2feb-5bd04273c273d" Vary Accept-Encoding,X-Platform X-Cache hit cached Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 12267 X-Served-By varnish12
GET H2	200	57306f79e45a1d202c35d076.js Show response pp.lp4.io/app/57/30/6f/	140 KB 38 KB	128ms 49ms	Script application/javascript	136.243.95.176 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pp.lp4.io/app/57/30/6f/57306f79e45a1d202c35d076.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGLRQM Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.95.176 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.176.95.243.136.clients.your-server.de Software Apache/2.4.29 (Ubuntu) / Resource Hash c318d9bb6d8df81fdb36227f4b1fbc74538f33cc22d26babe1c7e6c9b363fe88 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:48 GMT content-encoding gzip last-modified Mon, 15 Feb 2021 09:15:05 GMT server Apache/2.4.29 (Ubuntu) etag "230d7-5bb5c6bed6646-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=1800 accept-ranges bytes content-length 38486 expires Thu, 11 Mar 2021 20:35:48 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGLRQM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 193 date Thu, 11 Mar 2021 20:02:35 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Thu, 11 Mar 2021 22:02:35 GMT
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9= https://sb.scorecardresearch.com/b2?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9=&cs_ak_ss=1	0 528 B	43ms 43ms	Image text/plain	23.37.53.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9=&cs_ak_ss=1 Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-53-17.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:48 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=2&c2=24504393&ns__t=1615493148235&ns_c=UTF-8&c8=storm.no&c7=https%3A%2F%2Fwww.storm.no%2F&c9=&cs_ak_ss=1 Pragma no-cache Date Thu, 11 Mar 2021 20:05:48 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 386 B	45ms 13ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2050782982&t=pageview&_s=1&dl=https%3A%2F%2Fwww.storm.no%2F&ul=en-us&de=UTF-8&dt=storm.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=450298219&gjid=84344012&cid=549096324.1615493148&tid=UA-8408970-5&_gid=1505354095.1615493148&_r=1&gtm=2wg330TGLRQM&cd1=Oslo&cd2=chart&z=1026550386 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.storm.no cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 86 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c1b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-8408970-5&cid=549096324.1615493148&jid=450298219&gjid=84344012&_gid=1505354095.1615493148&_u=YEBAAEAAAAAAAC~&z=1011546439 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 11 Mar 2021 20:05:48 GMT content-type text/plain access-control-allow-origin https://www.storm.no cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 108 B	29ms 29ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-8408970-5&cid=549096324.1615493148&jid=450298219&_u=YEBAAEAAAAAAAC~&z=1473020436 Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:48 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 29ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-8408970-5&cid=549096324.1615493148&jid=450298219&_u=YEBAAEAAAAAAAC~&z=1473020436 Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:48 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	14 KB 6 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a83692d83e4955d4924ee859f00444c747f68ebf567c9bee8c2fe44705eeaa34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:02:31 GMT content-encoding gzip x-content-type-options nosniff age 197 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5865 x-xss-protection 0 server cafe etag 7928926792788742870 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Thu, 11 Mar 2021 21:02:31 GMT
GET H2	200	/ Show response adx.adform.net/adx/	5 B 447 B	184ms 132ms	XHR application/json	37.157.4.28 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&cHJpY2VUeXBlPW5ldCZtaWQ9NjExOTUzJnRyYW5zYWN0aW9uSWQ9NWI4ZDcwMzctYTA1Ni00ZTM3LWJiNWItZGFhNjI3NTdkNTVmJnJjdXI9Tk9L&pt=net&stid=d887a122-647f-4ec7-81c2-8a1a5f146b69&fd=1 Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:48 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://www.storm.no cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=utf-8 access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With content-length 5 expires -1
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 114 B	162ms 74ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.storm.no date Thu, 11 Mar 2021 20:05:47 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 707 B	125ms 45ms	XHR application/json	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:48 GMT X-Proxy-Origin 82.102.20.235; 82.102.20.235; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80 AN-X-Request-Uuid f1c14251-4a2e-4ef8-9b2c-4d0dea27acb8 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.storm.no Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	hb Show response ice.360yield.com/	98 B 514 B	210ms 127ms	XHR application/json	52.58.177.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2212a8844f786d5a4%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.storm.no%2F%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22978bce597f6d41%22%2C%22currency%22%3A%22NOK%22%2C%22pid%22%3A%2222120040%22%2C%22tid%22%3A%225b8d7037-a056-4e37-bb5b-daa62757d55f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.177.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-177-93.eu-central-1.compute.amazonaws.com Software / Resource Hash 40480950d2a4aac25da724620dd117371df5568d80489b1fdfdb50845894db34 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.storm.no date Thu, 11 Mar 2021 20:05:48 GMT access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 98 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	270 B 2 KB	424ms 289ms	XHR application/json	213.19.162.31 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17312&site_id=171624&zone_id=1103968&size_id=2&alt_size_ids=31%2C38%2C57%2C79%2C113%2C145%2C221&rf=https%3A%2F%2Fwww.storm.no%2F&tk_flint=pbjs_lite_v4.17.0&x_source.tid=5b8d7037-a056-4e37-bb5b-daa62757d55f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.921892553339499 Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 84a82ff7270d122b4b766d50231ded61798193b2c6e682ed2b947b1f0a87d2a7 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:48 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.storm.no Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 270 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	204	p pp.lp4.io/	0 69 B	42ms 42ms	Image text/plain	136.243.95.176 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pp.lp4.io/p?i=57306f79e45a1d202c35d076&r=&sr=&mt=storm.no&ma=-1&tg=-1&ctg=-1&mp=-1&mu=-1&mi=https%3A%2F%2Fwww.tv2.no%2Fs%2Fpages%2Fstorm%2Fassets%2Fios%2Fapple-touch-icon-152x152.png&md=Storm.no%20gir%20deg%20v%C3%A6ret%20for%208%20millioner%20steder%20i%20verden&or=-1&wc=-1&pw=&pwu=0&co=0&il=&hv=&sc=-1&p=https%3A%2F%2Fwww.storm.no%2F&c=desktop&t=&s=&_r=1615493148423:4.7.21:20210215-101458 Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.95.176 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.176.95.243.136.clients.your-server.de Software Apache/2.4.29 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:48 GMT server Apache/2.4.29 (Ubuntu)
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	cs.js Show response sb.scorecardresearch.com/c2/24504393/	0 400 B	42ms 42ms	Script application/x-javascript	23.37.53.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/c2/24504393/cs.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGLRQM Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-53-17.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:48 GMT Content-Encoding gzip Last-Modified Fri, 08 Apr 2011 23:11:26 GMT ETag "d41d8cd98f00b204e9800998ecf8427e:1349196464" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=259200 Connection keep-alive Content-Length 20 Expires Sun, 14 Mar 2021 20:05:48 GMT
GET H2	200	integrator.js Show response adservice.google.dk/adsid/	107 B 799 B	37ms 15ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.dk/adsid/integrator.js?domain=www.storm.no Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Mar 2021 20:05:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	34ms 14ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.storm.no Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Mar 2021 20:05:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	75 KB 16 KB	705ms 704ms	XHR text/plain	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1619523049841043&correlator=453488536467024&output=ldjh&impl=fifs&hxva=1&scor=3431183004184207&eid=31060422&vrg=2021030801&ptt=17&sc=1&sfv=1-0-37&ecs=20210311&iu_parts=5374%2CTV2no%2Cvaerportal&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90%7C970x250%7C980x120%7C980x150%7C980x300%7C1000x150%7C1000x300%7C930x180&prev_scp=pos%3Dtopbanner%26location%3DOslo%26sponsorship%3Dtrue%26hb_ttr%3D400-600&eri=1&cust_params=sectionPaths%3Dstorm%26baseUrl%3Dwww.storm.no%26isApp%3Dfalse%26mode%3Dweb%26frontId%3Dstorm.no%26front%3Dfalse%26visibilityState%3Dvisible%26beta%3Dfalse%26domain%3Dtv2.no%26subdomain%3Dwww%26inventory%3D3&cookie_enabled=1&bc=31&abxe=1&lmt=1615493148&dt=1615493148854&dlt=1615493147203&idt=1187&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=60&adks=263221864&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.no%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x2608&msz=1000x300&ga_vid=549096324.1615493148&ga_sid=1615493149&ga_hid=2050782982&ga_fc=false&fws=4&ohw=1000 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 5472982cdc4e4b6510c652de91e79f447a4a5dcfb7a31f334d7eb03d5296d4a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:49 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16182 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.storm.no cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	29ms 14ms	Other text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	27ms 7ms	Other text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	204	pl pp.lp4.io/	0 69 B	36ms 36ms	Image text/plain	136.243.95.176 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pp.lp4.io/pl?i=57306f79e45a1d202c35d076&ct=1.185&rt=0.311&pt=1.496&pvr=&lp=1.262&ab=&p=https%3A%2F%2Fwww.storm.no%2F&c=desktop&t=&s=&tg=-1&ctg=-1&_r=1615493148971:4.7.21:20210215-101458 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.95.176 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.176.95.243.136.clients.your-server.de Software Apache/2.4.29 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:48 GMT server Apache/2.4.29 (Ubuntu)
GET H3-Q050	200	container.html Show response 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 980F	6 KB 3 KB	35ms 21ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.storm.no/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.storm.no/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 2973 date Thu, 11 Mar 2021 20:05:48 GMT expires Fri, 11 Mar 2022 20:05:48 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	35ms 15ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1615378846156468" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28222 x-xss-protection 0 expires Thu, 11 Mar 2021 20:05:49 GMT
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	46ms 32ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2607fdce296eb50e31d57e4749528c755ba7c90779590c335ddbf3efd1f16bf1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 11 Mar 2021 20:05:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6470 x-xss-protection 0
GET H3-Q050	200	css fonts.googleapis.com/ Frame 980F	2 KB 969 B	46ms 31ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 11 Mar 2021 19:58:01 GMT server ESF date Thu, 11 Mar 2021 20:05:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Mar 2021 20:05:49 GMT
GET H3-Q050	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 980F	2 KB 991 B	40ms 25ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:23 GMT content-encoding gzip x-content-type-options nosniff age 26 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 896 x-xss-protection 0 server cafe etag 948078048762640732 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Mar 2021 20:05:23 GMT
GET H3-Q050	200	adview securepubads.g.doubleclick.net/pagead/ Frame 980F	0 0	70ms 69ms	Fetch text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CXQL1HHhKYJ_HN_-KjuwP7_St4AjY1LfkYauxw9rOCrj_nrGJGBABIPHM2hhg0YG5gtAHoAGm6Lj0A8gBCakCnDhNBtSWhT7gAgCoAwHIA5sEqgTHAU_Q_TrSdrVIHkQmawdRkIHIHt691P_T-k-2MoS9CO-y5SXI-GCWH_cMYyE2GbrR-AT1RBDjpkytLCib4ePQmdZa5DJ-hx3fPguANKTCe2efVtvK94KyBG2K1Srf-uh8P-D9u1oX6OxiKLq2rYTfMtQkRKssfM5hpQ95hfLluPXjcUQsyy4i8g8hEuwYcwudLR4CHQAMOt6xgAQevBbUdT6fPcrR933JXgVj3lngHC0-Tlgr4nSdipCql1XabjGQMPUYelM96mLABNuy4_WrAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfCl8cLqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD8q0bSCAkIgOGAUBABGB2ACgPICwHYEw7QFQGAFwGyFxoKGAgAEhRwdWItOTQ4OTgyNDUyNjY2OTc1Mg&sigh=AU6uNnRbzUY&template_id=494&tpd=AGWhJmsYAlhHOmB_DgEG_aGlEC_H3FLwnWEAd4lpWptv9J_noA Requested by Host: www.storm.no URL: https://www.storm.no/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software / Resource Hash Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 980F	17 KB 7 KB	39ms 25ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:41 GMT content-encoding gzip x-content-type-options nosniff age 8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7138 x-xss-protection 0 server cafe etag 7904608329869157807 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Mar 2021 20:05:41 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 980F	2 KB 1 KB	38ms 25ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:03:21 GMT content-encoding gzip x-content-type-options nosniff age 148 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 6751271179024913178 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Mar 2021 20:03:21 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 980F	112 KB 34 KB	43ms 29ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1615378840307797" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34576 x-xss-protection 0 expires Thu, 11 Mar 2021 20:05:49 GMT
GET H3-Q050	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 980F	13 KB 6 KB	34ms 22ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:47 GMT content-encoding gzip x-content-type-options nosniff age 2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5996 x-xss-protection 0 server cafe etag 15528521553155206461 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 25 Mar 2021 20:05:47 GMT
GET H2	200	1e8eaeef6431cb6de349a68674062a29.js Show response www.gstatic.com/mysidia/ Frame 980F	26 KB 11 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 21:17:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Mar 2021 03:08:06 GMT server sffe age 82122 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10971 x-xss-protection 0 expires Tue, 08 Jun 2021 21:17:07 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 980F	5 KB 5 KB	28ms 6ms	Image image/jpeg	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQhm_VS8lljnCOrVBAZrTj17PyGj_RSNwvPvCNnsX1CN1RUu6o&usqp=CAI Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdb78cf79a3e7991db4aae321fc24002d920aad927b9f7e527ead3bc70435642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 08:37:27 GMT x-content-type-options nosniff last-modified Fri, 29 Nov 2019 11:44:06 GMT server sffe age 214102 content-type image/jpeg cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5226 x-xss-protection 0 expires Wed, 09 Mar 2022 08:37:27 GMT
GET H2	200	shopping encrypted-tbn1.gstatic.com/ Frame 980F	20 KB 20 KB	28ms 6ms	Image image/jpeg	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQq7LmKx1wNrrjS2cK6Pd4-X5KB99o0Ewx-cZosgFOKcWBHxlvFaESLr3GtFA&usqp=CAI Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72aaa22014c2f1ea894e6740d803c52bd3f5913ab6b00c3eaea5fc99f6201e9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 08:36:13 GMT x-content-type-options nosniff last-modified Sun, 24 Nov 2019 04:16:34 GMT server sffe age 214176 content-type image/jpeg cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20193 x-xss-protection 0 expires Wed, 09 Mar 2022 08:36:13 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 980F	8 KB 8 KB	34ms 13ms	Image image/jpeg	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRKzRIby7K0iWc1zg9sNXbXO0ZyiAmmlJxeprNJNzhYgkZ2-Gw&usqp=CAI Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 592fae763ccbdc1fdef7a3f919b3867955acd341faecaf7ff57e2064b4b8f7a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 08:37:27 GMT x-content-type-options nosniff last-modified Fri, 21 Feb 2020 03:17:30 GMT server sffe age 214102 content-type image/jpeg cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8041 x-xss-protection 0 expires Wed, 09 Mar 2022 08:37:27 GMT
GET H2	200	shopping encrypted-tbn1.gstatic.com/ Frame 980F	11 KB 11 KB	33ms 12ms	Image image/jpeg	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQjV8YrAwoHn4cmr9BfjgavsikXJrMF9jltnPo6wp3gxJV7zJvtItOtfV_C1QI&usqp=CAI Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7040732e0a9d5cccc24fec24b673924f39e23891ae05dec5972ef88f81b3ae0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 08:45:54 GMT x-content-type-options nosniff last-modified Fri, 26 Feb 2021 23:15:57 GMT server sffe age 127195 content-type image/jpeg cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11498 x-xss-protection 0 expires Thu, 10 Mar 2022 08:45:54 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 980F	9 KB 9 KB	28ms 7ms	Image image/png	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRZ-IfEhF1wFa7x78-bjMoCBMt6YHeDCZzq5IEDhKGkOIHLPK8z&usqp=CAI Requested by Host: 919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com URL: https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash baec894e16282269c648b7363da19c37c0390740ac91642a8af3b8ed8d42ca62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 15:42:02 GMT x-content-type-options nosniff last-modified Thu, 12 Mar 2020 13:32:26 GMT server sffe age 188627 content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8806 x-xss-protection 0 expires Wed, 09 Mar 2022 15:42:02 GMT
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js?31060422 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Thu, 11 Mar 2021 20:05:49 GMT
GET DATA	200 OK	truncated / Frame 980F	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4b7e6c3bf9c6713fc4d4cfe22518fae2c21e4b7028d55d617bd682ab8833455e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 980F	20 KB 21 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 19:41:26 GMT x-content-type-options nosniff last-modified Wed, 04 Dec 2019 18:44:32 GMT server sffe age 1463 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20900 x-xss-protection 0 expires Fri, 11 Mar 2022 19:41:26 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 99EF	12 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.storm.no/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.storm.no/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Thu, 11 Mar 2021 17:44:04 GMT expires Fri, 11 Mar 2022 17:44:04 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 8505 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Show response pagead2.googlesyndication.com/bg/ Frame 99EF	14 KB 6 KB	36ms 22ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 15:02:55 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 08 Mar 2021 17:45:00 GMT server sffe age 18174 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5656 x-xss-protection 0 expires Fri, 11 Mar 2022 15:02:55 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 224 B	41ms 40ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030801&jk=1619523049841043&bg=!Dg2lDU7NAAUO7zDoDjsAKQB2-DxaXvFQL_suiSBsUOoTIIHHlI5NUUTK4VKvlDcMbZjNpLDe57mRAgAAAGNSAAAACWgBBwoAvX4TqIWFsE0b1DwnJ71HeC0m8tyyRPvC8BQ89Vk7UiHN1l_NlwR4Fmdw5YLirHi7rlJ0eKkVqccF3PFWe0IPmF07LR0-fzOVJQIZU9VG1R2EfAl8gQGXKxJp9f56jZ_p061wn0GV4orVceIe9Zez0CGazyNzxeCw4Z0k-5ewv74xj5CVdNFo0y9nkCaDJ9OksCRisC6uerMDRDlgyMTgT9hBcQ0Mk_Y6Z_S2gByYLi2kBEa3Zl-_23uMUtj9BJkCE-LMapMYOpRiDEiaS8pL1HG4hXfblO7gCdjCazSn-lZWFcfnslakR_j5vGSFkfpuTV1blpGlmbGumn5txBJkd-RmV0XvdRIMz7PD2eYaiIUEriQTzXIU7Y7jJ9uyXt_ShGprxLGtduJJ5lSIlO41jHUiOYP6slYHoBKHfOSb8vhkvuj0C3sv1qaPYBC-Bb25Iw9cTUpBNkN4BR8M6-0c0BQqByYhYteMtNzQY3EXAsemyeVocLNFRSZuUZRmx1zdnzxTiZlUTMhyT3Vr5nI93KHjrePFJzfgGXoEQIUjyH1XPHm_R-ujNNjHKcCJZHuOHKUdERuRN8irqpD4AxRzMmSDf6Xmf9kg2ZP83poSU7JnWv2-V7Y2PQ5v9zp8gNYUfQdwtIJi-dI84F6pRnRml6MB2Hh68ZEoMllzkat484lt9cVhsXhK2WuhhdisIkxICbnhxZvV6NaNIh7Tbf8NwEBh3t0EsKnAVl1Vae7cMBomt9sfjVABU7ASBUqB-k3b5J10StQ_z_4DJmSmwL3syfgqc6jrgbKnY-4LPNP74ipzG-9pxMixEwVoVADx7fqzoJMCO3L-RuI1INRnoy0pOBmGYAd48XSKd5_i-CnQNDP-xPXCIaz6hK0xBVfivYnHl3l5ya6vkQHgIKsbJKR1eLpVQzFSDIrluuAe2pJa3sfiSwTILTT_Xo1duPwCKeZcwo_WkQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.storm.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 980F	42 B 155 B	41ms 41ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufBvRcPB8qZNBRq6r6wqwmHfm7n-uHuyIfm7WVC3WKyuniXQtUCN7g2s3gQ1Gd8-OS0WODtXduTBfUDmq8PkXfjnn3y2BNIJSw-3QW0HVVabMl5imMZJGz3i2FsQ&sai=AMfl-YTvNfUQNCrIQ8Yumv9Fcd_U6q44s-8nE7ZJsFXwjggSDxl9HP_ePHXC5dh9AInKwibYBRjY9zyFVuQUXocG30CNeOGqXHcSzK2UMRk-a7BykwKcKtNVKVP_mvIaz-S7&sig=Cg0ArKJSzO4XXvUhVah-EAE&cid=CAASPeRoeM4qq4HE6bmp1FhQopL6zaNBN8-Zz4UMwq9bLqv-3-PwMYQTe-ZLapaMa5TCw5PXx-VFy249dP_uIg0&id=osdim&mcvt=1000&p=60,300,360,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=263221864&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615493149584&dlt=35&rpt=158&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://919965ce3b1ffdeab29d376745fcccb0.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	showad.js Show response ads.pubmatic.com/AdServer/js/ Frame 7B23	37 KB 14 KB	149ms 61ms	Document text/html	104.108.144.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-144-214.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.storm.no/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.storm.no/ Response headers Last-Modified Wed, 21 Oct 2020 18:57:52 GMT ETag "13006b6-94f8-5b232eca8cf5e" Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 13837 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=169710 Expires Sat, 13 Mar 2021 19:14:21 GMT Date Thu, 11 Mar 2021 20:05:51 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 0E8D	52 KB 17 KB	142ms 51ms	Document text/html	104.108.144.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: www.tv2.no URL: https://www.tv2.no/s/gcp/adhub/tv2/prod/tv2.all.js?uv=130 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-144-200.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.storm.no/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.storm.no/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Fri, 12 Mar 2021 20:05:53 GMT Date Thu, 11 Mar 2021 20:05:51 GMT Connection keep-alive
GET H/1.1	200 OK	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 7B23	3 KB 3 KB	175ms 42ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39737100&p=158567&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 329fb701f67dd3aa0020eb0409fe36133e6dbfe8b2a0d295abef448bc81e890c Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:51 GMT P3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame 0E8D Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 816 B	31ms 31ms	Script text/html	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:52 GMT X-Proxy-Origin 82.102.20.235; 82.102.20.235; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80 AN-X-Request-Uuid e60e5b8d-d2e0-48d3-a0e6-d49cee2759fc Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:52 GMT X-Proxy-Origin 82.102.20.235; 82.102.20.235; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.70:80 AN-X-Request-Uuid 63177ac7-e5d5-4775-b7ba-a5e5aef367f7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame B00C	43 B 326 B	105ms 36ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: image6.pubmatic.com URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39737100&p=158567&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers cache-control no-cache pragma no-cache content-type image/gif expires Thu, 11 Mar 2021 00:00:00 GMT server Microsoft-IIS/10.0 x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" server-processing-duration-in-ticks 1210 x-powered-by ASP.NET date Thu, 11 Mar 2021 20:05:52 GMT content-length 43
GET H/1.1	200 OK	Cookie set Pug Show response image2.pubmatic.com/AdServer/ Frame 1523 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3210118519972284388	42 B 769 B	109ms 45ms	Document image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3210118519972284388 Requested by Host: image6.pubmatic.com URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39737100&p=158567&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers Host image2.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ads.pubmatic.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie KTPCACOOKIE=YES; pi=158567:2; KADUSERCOOKIE=B544F360-AA7F-4425-80AD-180EDC44D6A6; chkChromeAb67Sec=1; DPSync3=1616630400%3A226_219; SyncRTB3=1616630400%3A161_56_3_21_54_7_81_220%7C1616716800%3A35 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers Server nginx Date Thu, 11 Mar 2021 20:05:52 GMT Content-Type image/gif; charset=utf-8 Content-Length 42 Connection keep-alive Set-Cookie KRTBCOOKIE_336=5844-3210118519972284388; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Apr-2021 20:05:52 GMT; path=/ PugT=1615493152; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Apr-2021 20:05:52 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 09-Jun-2021 20:05:52 GMT; path=/ X-lat lhrpug017:0:503 P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3210118519972284388 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H/1.1	200 OK	info2 uipglob.semasio.net/pubmatic/1/ Frame 7B23 Redirect Chain https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent= https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent=	42 B 603 B	43ms 43ms	Image image/gif	77.243.60.138 NETIC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK), Reverse DNS Software / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 11 Mar 2021 20:05:49 GMT frontend-id 1 p3p policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" access-control-allow-origin * uip-response-status Ok cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 42 routing-server-id -1 expires Sat, 01 Jan 2011 12:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:49 GMT frontend-id 4 location /pubmatic/1/info2?sType=sync&sExtCookieId=B544F360-AA7F-4425-80AD-180EDC44D6A6&sInitiator=external&gdpr=0&gdpr_consent= p3p policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT" access-control-allow-origin * uip-response-status Ok cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 0 routing-server-id -1 expires Sat, 01 Jan 2011 12:00:00 GMT
GET H2	200	mw mwzeom.zeotap.com/ Frame 7B23 Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=B544F360-AA7F-4425-80AD-180EDC44D6A6 https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=ab62c255-928b-4431-baa1-4f8ad90dac7d&icm https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e60da4d7493d30cfae740d84929c1d16 https://spl.zeotap.com/?zdid=1332&zcluid=6ed1ce55a8507053 https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-0691d99f06d2&zclui... https://mwzeom.zeotap.com/mw?google_gid=CAESEOLdiIO8JoduK_5GlO9beE0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-069...	95 B 213 B	3133ms 3131ms	Image image/png	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESEOLdiIO8JoduK_5GlO9beE0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-0691d99f06d2&zcluid=6ed1ce55a8507053&zdid=1332 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 20:05:56 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://ads.pubmatic.com access-control-allow-credentials true cf-ray 62e7666d89c1178e-FRA access-control-allow-headers * content-length 95 cf-request-id 08c47e58750000178ec286a000000001 Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:52 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://mwzeom.zeotap.com/mw?google_gid=CAESEOLdiIO8JoduK_5GlO9beE0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85097673-7f53-40e1-4d21-bfee17126872&reqId=466220f8-5b8e-4ccd-7cfa-0691d99f06d2&zcluid=6ed1ce55a8507053&zdid=1332 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 469 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Pug image2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU0NEYzNjAtQUE3Ri00NDI1LTgwQUQtMTgwRURDNDRENkE2&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 505 B	177ms 46ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug009:0:588 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:52 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Pug image2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC0XysiSDyp3gfdZXVUjnHI&google_cver=1	42 B 855 B	176ms 48ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC0XysiSDyp3gfdZXVUjnHI&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug010:0:394 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:52 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC0XysiSDyp3gfdZXVUjnHI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e174015-6ac0-40b3-ba4f-360a241ea952	42 B 882 B	112ms 43ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e174015-6ac0-40b3-ba4f-360a241ea952 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug003:0:727 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:52 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e174015-6ac0-40b3-ba4f-360a241ea952 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d321604a-7820-4a00-832f-45462789c0bf&gdpr=0&gdpr_consent=	42 B 946 B	178ms 52ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d321604a-7820-4a00-832f-45462789c0bf&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug014:0:418 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers Date Thu, 11 Mar 2021 20:05:24 GMT Server MT3 3611 f10363c master cdg-pixel-x26 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d321604a-7820-4a00-832f-45462789c0bf&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 11 Mar 2021 20:05:23 GMT
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8988044859591072289	42 B 801 B	180ms 53ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8988044859591072289 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug005:0:840 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers pragma no-cache date Thu, 11 Mar 2021 20:05:52 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8988044859591072289 strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-length 0 expires -1
GET H/1.1	200 OK	Pug image2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2181412944167057445&gdpr=0&gdpr_consent=	42 B 769 B	235ms 53ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2181412944167057445&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug011:0:410 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:52 GMT X-Proxy-Origin 82.102.20.235; 82.102.20.235; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80 AN-X-Request-Uuid 398c9da9-38fe-4422-a81d-2545e166feaf Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2181412944167057445&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame 7B23 Redirect Chain https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:811f52c7-ebc8-4768-9b28-d0ce17471ef5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw	42 B 505 B	182ms 48ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:811f52c7-ebc8-4768-9b28-d0ce17471ef5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 11 Mar 2021 20:05:52 GMT X-lat lhrpug004:0:367 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42 Redirect headers Location https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:811f52c7-ebc8-4768-9b28-d0ce17471ef5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw Date Thu, 11 Mar 2021 20:05:52 GMT Server Apache/2.4.41 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=3000 Content-Length 0 P3P policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 0E8D	0 744 B	54ms 54ms	Script text/html	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Mar 2021 20:05:53 GMT X-Proxy-Origin 82.102.20.235; 82.102.20.235; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80 AN-X-Request-Uuid e506fa03-9378-4193-998c-454f6b00fda6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT