stage.xn--billig-forbruksln-orb.no Open in urlscan Pro Puny
stage.billig-forbrukslån.no IDN
207.154.234.245 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stage.xn--billig-forbruksln-orb.no/
Submission: On September 30 via automatic, source certstream-suspicious (September 30th 2022, 1:40:30 pm UTC) — Scanned from NO

Summary HTTP 39 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 39 HTTP transactions. The main IP is 207.154.234.245, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is stage.xn--billig-forbruksln-orb.no.
TLS certificate: Issued by R3 on September 30th 2022. Valid for: 3 months.

This is the only time stage.xn--billig-forbruksln-orb.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 21	207.154.234.245 207.154.234.245	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	13.53.145.29 13.53.145.29	16509 (AMAZON-02) (AMAZON-02)
8	142.250.180.206 142.250.180.206	15169 (GOOGLE) (GOOGLE)
2	142.250.201.195 142.250.201.195	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
4	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
1	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
1	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
1	216.58.212.150 216.58.212.150	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
39	12

21 207.154.234.245 (Frankfurt am Main, Germany) 6 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

stage.xn--billig-forbruksln-orb.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.53.145.29 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-53-145-29.eu-north-1.compute.amazonaws.com

xn--billig-forbruksln-orb.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.180.206 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.150 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f150.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	xn--billig-forbruksln-orb.no 6 redirects stage.xn--billig-forbruksln-orb.no xn--billig-forbruksln-orb.no	428 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	798 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 275	30 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 static.doubleclick.net — Cisco Umbrella Rank: 342	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 118	6 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 228	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
39	8

	Domain	Requested by
21	stage.xn--billig-forbruksln-orb.no	6 redirects stage.xn--billig-forbruksln-orb.no
8	www.youtube.com	stage.xn--billig-forbruksln-orb.no www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	xn--billig-forbruksln-orb.no	stage.xn--billig-forbruksln-orb.no
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
39	11

This site contains links to these domains. Also see Links.

Domain
www.xn--forbruksln-95a.co
www.nettavisen.no
xn--billig-forbruksln-orb.no
xn--lne-penger-15a.com
debiter.no

Subject Issuer	Validity	Valid
stage.xn--billig-forbruksln-orb.no R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
www.xn--billig-forbruksln-orb.no Sectigo RSA Domain Validation Secure Server CA	`2022-06-22` - `2023-07-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://stage.xn--billig-forbruksln-orb.no/
Frame ID: 8DAB04E276EB76CF03045B98542E78A8
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/aZBMS5OoM3Y
Frame ID: 56719F5CF3C40745C6948A7F39031727
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Liste over Billig forbrukslån - Rente fra 5.95% - Oppdatert September 2022

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

79 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1326 kB
Transfer

3876 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xn--forbruksln-95a.co/
Title: Lånetilbydere

Search URL Search Domain Scan URL

URL: https://www.nettavisen.no/forbruksl%C3%A5n
Title: forbrukslån

Search URL Search Domain Scan URL

URL: https://xn--billig-forbruksln-orb.no/refinansiering/
Title: refinansiere

Search URL Search Domain Scan URL

URL: https://xn--billig-forbruksln-orb.no/sm%C3%A5l%C3%A5n/
Title: Smålån

Search URL Search Domain Scan URL

URL: http://xn--lne-penger-15a.com/
Title: låne penger

Search URL Search Domain Scan URL

URL: https://xn--billig-forbruksln-orb.no/forbrukslan/redd-for-a-ta-forbrukslan/
Title: alltid en bakside

Search URL Search Domain Scan URL

URL: https://debiter.no/
Title: nedbetalingskalkulator

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2022/06/logo.png HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/logo.png

Request Chain 9

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/lendo-300x100-300x100-1.png HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/lendo-300x100-300x100-1.png

Request Chain 10

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/Klikklan-300x91.png HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/Klikklan-300x91.png

Request Chain 11

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/fokusla%CC%8An-300x95.jpg HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/fokusla%CC%8An-300x95.jpg

Request Chain 12

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/folkia-logo-300x75.png HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/folkia-logo-300x75.png

Request Chain 13

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/thorn-trans-300x97.png HTTP 301
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/thorn-trans-300x97.png

Request Chain 23

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
stage.xn--billig-forbruksln-orb.no/ 89 KB
18 KB 426ms
296ms Document
text/html 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3224ec3cc982140cb3a05292a336b6978fb4892c2739755325fcc5576656843e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 30 Sep 2022 13:40:25 GMT
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/" <https://stage.xn--billig-forbruksln-orb.no/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://stage.xn--billig-forbruksln-orb.no/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://stage.xn--billig-forbruksln-orb.no/wp/xmlrpc.php
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
stage.xn--billig-forbruksln-orb.no/wp/wp-includes/css/dist/block-library/ 87 KB
12 KB 61ms
59ms Stylesheet
text/css 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
stage.xn--billig-forbruksln-orb.no//app/plugins/contact-form-7/includes/css/ 3 KB
1 KB 61ms
60ms Stylesheet
text/css 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no//app/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Oct 2021 09:40:30 GMT
server: nginx
etag: W/"6164068e-aab"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 style.css
stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/ 112 KB
15 KB 66ms
65ms Stylesheet
text/css 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/style.css?ver=6.0.1

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

28a6604199354a75c9b88ad0a9ddf9e4a34b07423b37f7f8e3e6e806d607f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 13:27:22 GMT
server: nginx
etag: W/"6336eeba-1c14f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/css/ 28 KB
7 KB 117ms
116ms Stylesheet
text/css 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/css/font-awesome.min.css?ver=6.0.1

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 13:27:22 GMT
server: nginx
etag: W/"6336eeba-7187"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/jquery/ 87 KB
31 KB 117ms
117ms Script
application/javascript 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 jquery-migrate.min.js Show response
stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/jquery/ 11 KB
4 KB 123ms
122ms Script
application/javascript 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 wp-emoji-release.min.js Show response
stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/ 18 KB
5 KB 59ms
59ms Script
application/javascript 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no/wp/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
etag: W/"62551487-48b9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/fonts/ 70 KB
70 KB 61ms
60ms Font
font/woff2 207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/css/font-awesome.min.css?ver=6.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stage.xn--billig-forbruksln-orb.no//app/themes/lanepenger/fonts/font-awesome-4.6.3/css/font-awesome.min.css?ver=6.0.1
Origin: https://stage.xn--billig-forbruksln-orb.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 13:27:22 GMT
server: nginx
etag: "6336eeba-118d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 71896
x-xss-protection: 1; mode=block

GET
H2

404

logo.png
stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2022/06/logo.png
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/logo.png

25 KB
25 KB

157ms
157ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/logo.png
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 71838eb6562cdce412588c7dc76814e90dceb6c8a38c6503c7dd533fd3548911

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/logo.png
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

lendo-300x100-300x100-1.png
stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/lendo-300x100-300x100-1.png
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/lendo-300x100-300x100-1.png

25 KB
25 KB

197ms
197ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/lendo-300x100-300x100-1.png
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cd2178880519fd78be228e7f9eea4e05d4cfcad3a8a6e743392257092b5d848

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/lendo-300x100-300x100-1.png
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

Klikklan-300x91.png
stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/Klikklan-300x91.png
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/Klikklan-300x91.png

25 KB
25 KB

137ms
137ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/Klikklan-300x91.png
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 56c64a6aeb5a7e5b0c242cc795a08133653db6d6fdc4e792b128bf87c75696a1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/Klikklan-300x91.png
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

fokusla%CC%8An-300x95.jpg
stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/fokusla%CC%8An-300x95.jpg
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/fokusla%CC%8An-300x95.jpg

25 KB
25 KB

214ms
214ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/fokusla%CC%8An-300x95.jpg
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ada6a51e4e70b2a89ff9dff1252b845c45bf7a79d525b7482ec2ee462bb2306c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/fokusla%CC%8An-300x95.jpg
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

folkia-logo-300x75.png
stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/folkia-logo-300x75.png
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/folkia-logo-300x75.png

25 KB
25 KB

192ms
192ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/folkia-logo-300x75.png
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e892ae3343fa2c042fec7db4b563a8ac9c85b13780f4792eef69a3d9d11f229

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/folkia-logo-300x75.png
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

thorn-trans-300x97.png
stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/
Redirect Chain

https://stage.xn--billig-forbruksln-orb.no//app/uploads/2016/10/thorn-trans-300x97.png
https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/thorn-trans-300x97.png

25 KB
25 KB

182ms
181ms

Image
text/html

207.154.234.245
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/thorn-trans-300x97.png
Requested by: Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/
Protocol: H2
Server: 207.154.234.245 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 49f1f1400187a4d9e1806c9bea7ccfbda3fac8208660d481997a50d6c810043b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://stage.xn--billig-forbruksln-orb.no/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:25 GMT
x-content-type-options: nosniff
server: nginx
x-redirect-by: WordPress
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/thorn-trans-300x97.png
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 beste-tilbud-forbrukslan.jpg
xn--billig-forbruksln-orb.no/wp-content/uploads/2016/11/ 54 KB
54 KB 149ms
46ms Image
image/jpeg 13.53.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--billig-forbruksln-orb.no/wp-content/uploads/2016/11/beste-tilbud-forbrukslan.jpg

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.53.145.29 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-53-145-29.eu-north-1.compute.amazonaws.com

Software

Resource Hash

4c9f6af0c0ac2af7ca44679b704f60d5c9deea792fc6e955c8cf98da277df101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 20 Jun 2018 12:12:50 GMT
etag: "5b2a44c2-d6bc"
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Auth-Token,Referer,Origin,Host,Accept-Language,Authorization,Keep-Alive,User-Agent,X-Csrf-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 54972
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Billig-forbruksl%C3%A5n-til-refinansiering-av-kredittkortgjeld.jpg
xn--billig-forbruksln-orb.no/wp-content/uploads/2016/11/ 59 KB
59 KB 226ms
124ms Image
image/jpeg 13.53.145.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--billig-forbruksln-orb.no/wp-content/uploads/2016/11/Billig-forbruksl%C3%A5n-til-refinansiering-av-kredittkortgjeld.jpg

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.53.145.29 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-53-145-29.eu-north-1.compute.amazonaws.com

Software

Resource Hash

1021ed34238ea650e638936b232000e10dc2e70ceecb4ca594a7184fecdc0b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://stage.xn--billig-forbruksln-orb.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 28 Jun 2018 09:37:02 GMT
etag: "5b34ac3e-eb4c"
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Auth-Token,Referer,Origin,Host,Accept-Language,Authorization,Keep-Alive,User-Agent,X-Csrf-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 60236
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aZBMS5OoM3Y Show response
www.youtube.com/embed/ Frame 5671 67 KB
28 KB 649ms
169ms Document
text/html 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/aZBMS5OoM3Y

Requested by

Host: stage.xn--billig-forbruksln-orb.no
URL: https://stage.xn--billig-forbruksln-orb.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

ESF /

Resource Hash

fdbd700237789ec800c6f2699f5744292a73e0bee15948b71f0c6c6a90ef48ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stage.xn--billig-forbruksln-orb.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 30 Sep 2022 13:40:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=no for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/a336babc/ Frame 5671 360 KB
49 KB 75ms
74ms Stylesheet
text/css 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 14:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49958
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 14:56:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5671 15 KB
16 KB 545ms
74ms Font
font/woff2 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:19:52 GMT
x-content-type-options: nosniff
age: 58834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 21:19:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5671 15 KB
15 KB 560ms
89ms Font
font/woff2 142.250.201.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:57:25 GMT
x-content-type-options: nosniff
age: 243781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 17:57:25 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/a336babc/www-embed-player.vflset/ Frame 5671 305 KB
95 KB 124ms
123ms Script
text/javascript 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 14:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97177
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 14:56:22 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/ Frame 5671 2 MB
579 KB 214ms
213ms Script
text/javascript 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

b2258186cbea6bba2e25d04d480dd117c9715f6fe2ff0aa38c14b35e8572466d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592194
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 18:12:36 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/ Frame 5671 9 KB
3 KB 210ms
209ms Script
text/javascript 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 14:56:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 14:56:22 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5671
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

81ms
75ms

XHR
application/json

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

27a44a07d2c52307e4ef5e93bd78c9d91a83b6d429b7dc9dd6ee0555fff5b25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 13:40:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5671 29 B
587 B 538ms
81ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:39:54 GMT
x-content-type-options: nosniff
age: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Sep 2022 13:54:54 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 583ms
77ms Preflight
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 30 Sep 2022 13:40:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5671 65 KB
30 KB 87ms
86ms XHR
application/json+protobuf 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

85a37c6bf5214a95ba10ba3a198f0bb96cf48b91903e48a6d92fc4db2d8e8879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30689
x-xss-protection: 0

GET
H2 200 remote.js Show response
www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/ Frame 5671 118 KB
36 KB 88ms
88ms Script
text/javascript 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

0aba69e16db84d05e5c80a75f9479002662c7a0dae9dce9b5a69e4e14b491e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37103
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 18:48:12 GMT

GET
H2 200 gJfj2lBrymlHLmhPScFZFm4D3a7BBd9OMx4--DsdpK8.js Show response
www.google.com/js/th/ Frame 5671 36 KB
14 KB 543ms
71ms Script
text/javascript 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gJfj2lBrymlHLmhPScFZFm4D3a7BBd9OMx4--DsdpK8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

sffe /

Resource Hash

8097e3da506bca69472e684f49c159166e03ddaec105df4e331e3ef83b1da4af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:59:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14192
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 18:59:34 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/ Frame 5671 25 KB
8 KB 79ms
74ms Script
text/javascript 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f14.1e100.net

Software

sffe /

Resource Hash

4722d4f0844e9da7ed43bc3bd507bebf3947328d74d48ad29b09160649d0aa1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 18:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8093
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Sep 2023 18:23:06 GMT

GET
DATA 200
OK truncated
/ Frame 5671 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-G-AjALTmyPC34IcWkAmuSghEotv7_JqKrQpSC=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5671 1 KB
2 KB 1164ms
690ms Image
image/jpeg 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-G-AjALTmyPC34IcWkAmuSghEotv7_JqKrQpSC=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

fife /

Resource Hash

1ba710e1acae0b5bfd3b9f747a6aa99f0bcfbfe25450ea59d516512676837228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
x-content-type-options: nosniff
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1530
x-xss-protection: 0
expires: Sat, 01 Oct 2022 13:40:27 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/aZBMS5OoM3Y/ Frame 5671 5 KB
6 KB 598ms
120ms Image
image/webp 216.58.212.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/aZBMS5OoM3Y/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f150.1e100.net

Software

sffe /

Resource Hash

f54e3dfe7c19ccbde50e57e9b619c50258ddc84d446fbc04c958cac9676613d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
x-content-type-options: nosniff
server: sffe
etag: "1499869865"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5558
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 15:40:27 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5671 4 KB
3 KB 541ms
76ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 13:40:27 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 5671 0
40 B 74ms
74ms Image
text/plain 142.250.180.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?VwG7Ow
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/aZBMS5OoM3Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/embed/aZBMS5OoM3Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/106/ Frame 5671 52 KB
15 KB 68ms
66ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/106/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 22:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 15:10:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Sep 2022 22:55:27 GMT

POST
H2 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5671 90 B
181 B 80ms
80ms XHR
application/json+protobuf 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/nb_NO/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

391c7c7a167907acdcfd653069d187647f168b1c23f33775d3a3b200a4e5a0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 30 Sep 2022 13:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 76ms
76ms Preflight
text/html 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 30 Sep 2022 13:40:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log_event
www.youtube.com/youtubei/v1/ Frame 5671 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: umWcYWPNw04
			.youtube.com/	1970-01-20 10:41:37	Name: VISITOR_INFO1_LIVE Value: UOFMz6tnhNI

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2022/06/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/Klikklan-300x91.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/lendo-300x100-300x100-1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/fokusla%CC%8An-300x95.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/folkia-logo-300x75.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stage.xn--billig-forbruksln-orb.no/app/uploads/2016/10/thorn-trans-300x97.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
stage.xn--billig-forbruksln-orb.no
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
xn--billig-forbruksln-orb.no
yt3.ggpht.com
www.youtube.com
13.53.145.29
142.250.180.206
142.250.184.227
142.250.184.230
142.250.185.65
142.250.185.74
142.250.186.132
142.250.201.195
172.217.16.130
207.154.234.245
216.58.212.150
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0aba69e16db84d05e5c80a75f9479002662c7a0dae9dce9b5a69e4e14b491e4c
1021ed34238ea650e638936b232000e10dc2e70ceecb4ca594a7184fecdc0b7c
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
1ba710e1acae0b5bfd3b9f747a6aa99f0bcfbfe25450ea59d516512676837228
27a44a07d2c52307e4ef5e93bd78c9d91a83b6d429b7dc9dd6ee0555fff5b25d
28a6604199354a75c9b88ad0a9ddf9e4a34b07423b37f7f8e3e6e806d607f9c5
2cd2178880519fd78be228e7f9eea4e05d4cfcad3a8a6e743392257092b5d848
3224ec3cc982140cb3a05292a336b6978fb4892c2739755325fcc5576656843e
391c7c7a167907acdcfd653069d187647f168b1c23f33775d3a3b200a4e5a0f1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4722d4f0844e9da7ed43bc3bd507bebf3947328d74d48ad29b09160649d0aa1c
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49f1f1400187a4d9e1806c9bea7ccfbda3fac8208660d481997a50d6c810043b
4c9f6af0c0ac2af7ca44679b704f60d5c9deea792fc6e955c8cf98da277df101
56c64a6aeb5a7e5b0c242cc795a08133653db6d6fdc4e792b128bf87c75696a1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
71838eb6562cdce412588c7dc76814e90dceb6c8a38c6503c7dd533fd3548911
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e892ae3343fa2c042fec7db4b563a8ac9c85b13780f4792eef69a3d9d11f229
8097e3da506bca69472e684f49c159166e03ddaec105df4e331e3ef83b1da4af
85a37c6bf5214a95ba10ba3a198f0bb96cf48b91903e48a6d92fc4db2d8e8879
ada6a51e4e70b2a89ff9dff1252b845c45bf7a79d525b7482ec2ee462bb2306c
b2258186cbea6bba2e25d04d480dd117c9715f6fe2ff0aa38c14b35e8572466d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f54e3dfe7c19ccbde50e57e9b619c50258ddc84d446fbc04c958cac9676613d6
fdbd700237789ec800c6f2699f5744292a73e0bee15948b71f0c6c6a90ef48ad

stage.xn--billig-forbruksln-orb.no Open in urlscan Pro Puny stage.billig-forbrukslån.no IDN 207.154.234.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

79 %HTTPS

0 %IPv6

8 Domains

11 Subdomains

12 IPs

3 Countries

1326 kBTransfer

3876 kBSize

2 Cookies

7 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

stage.xn--billig-forbruksln-orb.no Open in urlscan Pro Puny
stage.billig-forbrukslån.no IDN
207.154.234.245 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

79 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

1326 kB
Transfer

3876 kB
Size

2
Cookies

39 HTTP transactions
1 data transactions