omni.se Open in urlscan Pro
199.232.198.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://omni.se/a/0GbO2M
Effective URL:
https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Submission: On December 09 via manual (December 9th 2021, 12:28:56 pm UTC) from SE — Scanned from DE

Summary HTTP 209 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 25 domains to perform 209 HTTP transactions. The main IP is 199.232.198.49, located in United States and belongs to FASTLY, US. The main domain is omni.se.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on May 3rd 2021. Valid for: a year.

This is the only time omni.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	13.224.189.64 13.224.189.64	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2001:67c:21e0::c 2001:67c:21e0::c	2116 (ASN-CATCHCOM) (ASN-CATCHCOM)
1	2600:9000:206... 2600:9000:206f:de00:d:f5ec:44c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::ac43:4724	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.212.52.84 52.212.52.84	16509 (AMAZON-02) (AMAZON-02)
3	54.73.26.109 54.73.26.109	16509 (AMAZON-02) (AMAZON-02)
5	54.220.192.176 54.220.192.176	16509 (AMAZON-02) (AMAZON-02)
2	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1	54.75.86.116 54.75.86.116	16509 (AMAZON-02) (AMAZON-02)
2	143.204.209.48 143.204.209.48	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	65.9.68.2 65.9.68.2	16509 (AMAZON-02) (AMAZON-02)
2	51.138.29.56 51.138.29.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	13.49.191.63 13.49.191.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	65.9.68.15 65.9.68.15	16509 (AMAZON-02) (AMAZON-02)
8	192.0.78.192 192.0.78.192	2635 (AUTOMATTIC) (AUTOMATTIC)
2	13.53.178.57 13.53.178.57	16509 (AMAZON-02) (AMAZON-02)
4	99.86.3.230 99.86.3.230	16509 (AMAZON-02) (AMAZON-02)
1	23.100.50.51 23.100.50.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	13.48.72.109 13.48.72.109	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	104.102.28.239 104.102.28.239	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
4	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
14	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	5.9.119.17 5.9.119.17	24940 (HETZNER-AS) (HETZNER-AS)
2	5.9.82.212 5.9.82.212	24940 (HETZNER-AS) (HETZNER-AS)
4	136.243.2.28 136.243.2.28	24940 (HETZNER-AS) (HETZNER-AS)
4	136.243.33.209 136.243.33.209	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
209	46

30 199.232.198.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.224.189.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-64.fra2.r.cloudfront.net

cmp.omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:67c:21e0::c (Norway)

ASN2116 (ASN-CATCHCOM, NO)

gfx.omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:d:f5ec:44c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.pulse.schibsted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4724 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.codigo.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.52.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com

omni-variants.omni.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.73.26.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

settings.omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.220.192.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

omni-ad-blocket.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

omni-content.omni.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.86.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-86-116.eu-west-1.compute.amazonaws.com

id.omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-48.fra53.r.cloudfront.net

region-api.inventory.schibsted.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.68.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-2.fra56.r.cloudfront.net

jobb.blocket.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.138.29.56 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trafficgateway.research-int.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.49.191.63 (Stockholm, Sweden) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-49-191-63.eu-north-1.compute.amazonaws.com

cis.schibsted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.68.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-15.fra56.r.cloudfront.net

static.privacy.schibsted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.78.192 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

info.privacy.schibsted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.53.178.57 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-53-178-57.eu-north-1.compute.amazonaws.com

cis.omni.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.3.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-230.fra6.r.cloudfront.net

d3iwtia3ndepsv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.100.50.51 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-db3-013.cloudapp.net

sch-map.norstatsurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.48.72.109 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-72-109.eu-north-1.compute.amazonaws.com

collector.schibsted.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.28.239 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-239.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s372.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.119.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h361.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.82.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h524.meetrics.de

s372.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.2.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h525.meetrics.de

b137.s372.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.33.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h377.meetrics.de

b151.s372.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	omni.se 1 redirects omni.se cmp.omni.se gfx.omni.se settings.omni.se id.omni.se cis.omni.se	1 MB
25	adnxs.com 2 redirects secure.adnxs.com acdn.adnxs.com ib.adnxs.com fra1-ib.adnxs.com cdn.adnxs.com	123 KB
22	adform.net track.adform.net s1.adform.net	319 KB
16	schibsted.com 1 redirects sdk.pulse.schibsted.com cis.schibsted.com static.privacy.schibsted.com info.privacy.schibsted.com	209 KB
14	googlesyndication.com pagead2.googlesyndication.com 38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com tpc.googlesyndication.com	74 KB
12	meetrics.net stat.meetrics.net s372.meetrics.net b137.s372.meetrics.net b151.s372.meetrics.net	3 KB
9	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	303 KB
6	adnxs-simple.com acdn.adnxs-simple.com	41 KB
5	herokuapp.com omni-ad-blocket.herokuapp.com Failed	173 KB
4	gstatic.com fonts.gstatic.com	72 KB
4	mxcdn.net s372.mxcdn.net	226 KB
4	google.com adservice.google.com www.google.com	3 KB
4	cloudfront.net d3iwtia3ndepsv.cloudfront.net	87 KB
4	blocket.se jobb.blocket.se	12 KB
3	schibsted.io region-api.inventory.schibsted.io collector.schibsted.io	2 KB
3	omni.news omni-content.omni.news Failed omni-variants.omni.news	2 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.de adservice.google.de	957 B
2	research-int.se trafficgateway.research-int.se	503 B
2	google-analytics.com www.google-analytics.com	20 KB
2	unpkg.com 1 redirects unpkg.com	1 KB
1	norstatsurveys.com sch-map.norstatsurveys.com	264 B
1	codigo.se analytics.codigo.se	4 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
0	googletagservices.com Failed www.googletagservices.com Failed
209	25

	Domain	Requested by
30	omni.se	1 redirects omni.se
15	cmp.omni.se	omni.se cmp.omni.se
14	s1.adform.net	track.adform.net s1.adform.net omni.se
14	fra1-ib.adnxs.com	acdn.adnxs-simple.com cdn.adnxs.com
10	gfx.omni.se	omni.se
8	track.adform.net	omni.se s1.adform.net
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	acdn.adnxs-simple.com securepubads.g.doubleclick.net omni.se
8	info.privacy.schibsted.com	omni.se cmp.omni.se
6	acdn.adnxs-simple.com	acdn.adnxs.com acdn.adnxs-simple.com
5	cis.schibsted.com	1 redirects sdk.pulse.schibsted.com
5	omni-ad-blocket.herokuapp.com	omni.se omni-ad-blocket.herokuapp.com
4	fonts.gstatic.com	fonts.googleapis.com
4	b151.s372.meetrics.net
4	b137.s372.meetrics.net
4	s372.mxcdn.net	acdn.adnxs-simple.com s372.mxcdn.net
4	cdn.adnxs.com	securepubads.g.doubleclick.net acdn.adnxs-simple.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	d3iwtia3ndepsv.cloudfront.net	omni.se
4	jobb.blocket.se	omni-ad-blocket.herokuapp.com
4	secure.adnxs.com	2 redirects omni.se sdk.pulse.schibsted.com
3	settings.omni.se	omni.se
2	fonts.googleapis.com	s1.adform.net
2	s372.meetrics.net	s372.mxcdn.net
2	stat.meetrics.net	s372.mxcdn.net
2	www.google.com	tpc.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	cis.omni.se	sdk.pulse.schibsted.com
2	static.privacy.schibsted.com	omni.se cmp.omni.se
2	ib.adnxs.com	acdn.adnxs.com
2	trafficgateway.research-int.se	analytics.codigo.se omni.se
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region-api.inventory.schibsted.io	omni.se
2	omni-content.omni.news	omni.se
2	unpkg.com	1 redirects omni.se
1	c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	collector.schibsted.io	sdk.pulse.schibsted.com
1	38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sch-map.norstatsurveys.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id.omni.se	omni.se
1	omni-variants.omni.news	omni.se
1	analytics.codigo.se	omni.se
1	acdn.adnxs.com	omni.se
1	sdk.pulse.schibsted.com	omni.se
1	www.googletagmanager.com	omni.se
0	www.googletagservices.com Failed	securepubads.g.doubleclick.net
209	48

This site contains links to these domains. Also see Links.

Domain
info.privacy.schibsted.com
www.thenationalnews.com
tt.omni.se
om.omniekonomi.se
www.facebook.com
twitter.com
www.linkedin.com
kundo.se

Subject Issuer	Validity	Valid
omni.se GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
cmp.aftenbladet.no R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sdk.pulse.schibsted.com Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
omni-variants.omni.news R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh
settings.omni.se R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.omni.news GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
id.omni.se R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.inventory.schibsted.io Amazon	`2021-08-21` - `2022-09-19`	a year	crt.sh
jobb.blocket.se Amazon	`2021-04-08` - `2022-05-07`	a year	crt.sh
trafficgateway.research-int.se GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-30` - `2022-05-29`	6 months	crt.sh
cis.schibsted.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
privacy.schibsted.com Amazon	`2021-10-30` - `2022-11-27`	a year	crt.sh
tls.automattic.com R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
cis.omni.se Amazon	`2021-07-14` - `2022-08-12`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
collector.schibsted.io Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2021-10-16` - `2022-10-18`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Frame ID: E55AC3B25F640EB74DEE414EB70D379E
Requests: 74 HTTP requests in this frame

Frame: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Frame ID: 0A409D0152995E0C2539792C074E924C
Requests: 1 HTTP requests in this frame

Frame: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Frame ID: 9E6BD90C538337663471A3186D42A219
Requests: 9 HTTP requests in this frame

Frame: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Frame ID: B10BDCCF518E16907067EF8873ED682A
Requests: 11 HTTP requests in this frame

Frame: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Frame ID: C82C04B1FD89B62C5E5FFD21E584ADFA
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Frame ID: 3060A0B9838A41B90D4D45119A67DC80
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Frame ID: EDF212B499FF65D5C7CCF7D3D29437A5
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CD47866ACE2B772D96268C879543F513
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FDD8ADEEA76C2C550614B55DB144CABA
Requests: 8 HTTP requests in this frame

Frame: https://38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0FD3F51088A1989BB68924AB11DBA248
Requests: 1 HTTP requests in this frame

Frame: https://c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 75D09BF2554F452F23F943CFA5C3E7B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A16970CB8DDAF16411AEE0723593E0A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3309F619139B4F4E93833D3F26AC64F1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5968D8CB8A76AB80877778D264148D1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4345B158C4DABF89F36084C0A1CEC68A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudHeZOC9gONDG33A8y9Fo1x4NwiXGBuWSRy02NyqgVhfFNwLN308BBJvX6fX1SHlg54rAPpXXcbhH2uqa8W2x7HYyB2YE5dWhdKiB-HsQZmlDVQVE8DqlryUq4SCXE9MG_MnNYJDAPXlXQIR5P2dxYr3iMR4THHKgcvu7GDM4v88EcyAFDVBJu34x9pf07wdCpesmgxRM4_gmy-plpQMcylfISowBPlxZZ27QbDbQJDFb2_3SN4SyOwQercs-id9HpCAfqK2YUCw5eKcEBF_CLshgdCvI5nI2fQkMZutCh3uWgZUAJeQbe4FQkHK_oNiB9qocyTIXqtKqAe_wdPkcUSkjgp2ndEQ&sig=Cg0ArKJSzOm3UvWpW6avEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D6D0BAD7C9DCF0B232F2D45EBF8228CD
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdIOmf0EvzkAmwEyjMrkIDuWdJrfYVwR07Z12xiRagXmd9rfEp5Q7j3tyHm6QSWifPOTRqOiZ39xCXxkCPu70IKotB6ih8X2HcBkIWfrSWPXdOOpjrYPYt05tSLRsZU0upoafNKa7M3ALQs0drO2qutrnzGDJ1gUIPEdC-oow4NF5Y42WhKbdYRQ3GljOKeThlaAtHDtguFBcCFcmciPSh2xf2kwBXRcmQXB4GV5UThHXo-0RB8YyNZFvj2Xho6WC0jUHafUscj59u-IzX_drfx1F-pO6V1ftjQ2wvvl58vfY6R9Wc8y4XxtTBwH--B-JNGJmNQkJPSAT4sNkFWmAyXEYr_RZi&sig=Cg0ArKJSzPxwKinFTFL3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C828581F7F499BA2A7B0B7B3C5EDFCA9
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=9742422;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAAAAAACRAOIQqNXugNT84hCo1e6A1PyhINycQzmA8kZ1UbQ9ZBWWE9rFhAAAAAEeKKQHXJgAA1yYAAAIAAACu3CIJNnYaAAAAAABVU0QAU0VLANQD8ACp4QAAtSoGAQQCAAAAAMAA4B4NwgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lRSAOQjlrswNEK65i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc0QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzQ=/bn=76469/clickenc=;ord=1909503495;
Frame ID: E86D2068623A75391B71ACF5BB3D2BE4
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=9741260;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAACCF6x1AOIQqNXugNT84hCo1e6A1P1CTarClVStxkZ1UbQ9ZBWWE9rFhAAAAAEKKKQHXJgAA1yYAAAIAAACk2iIJNnYaAAAAAABVU0QAU0VLACwB4AGlnAAAumwGAQQCAAAAANYA_iBzvgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iRSKNAjlrswNEKS1i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc2QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzY=/bn=93370/clickenc=;ord=826704769;
Frame ID: 2FB50CF1DC5376995597457421032CB1
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/21219/9631052/9631052.js?ADFassetID=9631052&bv=257
Frame ID: FDF67DEEB093D626B781B312D6751777
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/21219/9630955/9630955.js?ADFassetID=9630955&bv=257
Frame ID: 49E0E4C320C0B76B59DACA0861AD6544
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Omfattande botoxfusk i skönhetstävling för kamelerSchibsted

Page URL History Show full URLs

https://omni.se/a/0GbO2M HTTP 302
https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M Page URL

Page Statistics

209
Requests

96 %
HTTPS

33 %
IPv6

25
Domains

48
Subdomains

46
IPs

9
Countries

3055 kB
Transfer

6252 kB
Size

24
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://info.privacy.schibsted.com/se/schibsted-sverige-personuppgiftspolicy/
Title: Läs mer här

Search URL Search Domain Scan URL

URL: https://www.thenationalnews.com/gulf-news/2021/12/08/botox-injected-camels-barred-from-saudi-arabia-beauty-contest/
Title: Juryn utser kamelvinnaren utifrån form på huvud, hals och pucklar, samt kläder och hållningwww.thenationalnews.com

Search URL Search Domain Scan URL

URL: https://tt.omni.se/tillslag-mot-botoxfusk-i-kamelskonhetstavling/a/x87y5p
Title: Årets tillslag mot kameler beskrivs som det största hittillsTT

Search URL Search Domain Scan URL

URL: https://www.thenationalnews.com/gulf-news/saudi-arabia/2021/12/08/camels-in-saudi-arabia-in-pictures/
Title: Bildextra: Kameler i Saudiarabienwww.thenationalnews.com

Search URL Search Domain Scan URL

URL: https://om.omniekonomi.se/7563rt561287hj-testa?utm_source=CORE&utm_medium=adon-article&utm_campaign=summer_core
Title: Klicka här för att ta del av erbjudandet från Omni Ekonomiom.omniekonomi.se

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Omfattande%20botoxfusk%20i%20sk%C3%B6nhetst%C3%A4vling%20f%C3%B6r%20kameler&url=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&via=omni_red&original_referer=omni.se
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&title=Omfattande%20botoxfusk%20i%20sk%C3%B6nhetst%C3%A4vling%20f%C3%B6r%20kameler&summary=Omfattande%20botoxfusk%20i%20sk%C3%B6nhetst%C3%A4vling%20f%C3%B6r%20kameler&source=LinkedIn
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://kundo.se/org/omni/
Title: Lämna feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://omni.se/a/0GbO2M HTTP 302
https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/@schibsted/data-controller/dist/styles.css HTTP 302
https://unpkg.com/@schibsted/data-controller@3.4.0/dist/styles.css

Request Chain 9

https://secure.adnxs.com/seg?add=22418055&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22418055%26t%3D1

Request Chain 107

https://secure.adnxs.com/getuid?https://cis.schibsted.com/api/v1/sync?ANID=$UID HTTP 302
https://cis.schibsted.com/api/v1/sync?ANID=7279322295507918225 HTTP 302
https://sch-map.norstatsurveys.com/api/nids/schibstedse/map/7279322295507918225?alias=61697b15-91c6-416b-ace7-903728c28971

209 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 0GbO2M Show response
omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/
Redirect Chain

https://omni.se/a/0GbO2M
https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

46 KB
10 KB

77ms
76ms

Document
text/html

199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy / Next.js

Resource Hash

566a684209ec604344f96d952439f638b5546bea9e6c7ade5b4ef293428eea57

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Cowboy
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=30758400
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-powered-by: Next.js
etag: "b960-3l3+d6kwhJX9fizBSvj6sVHqLu4"
content-type: text/html; charset=utf-8
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Dec 2021 12:28:51 GMT
age: 0
x-served-by: cache-fra19150-FRA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
content-length: 10405

Redirect headers

server: Cowboy
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=30758400
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
location: /omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Dec 2021 12:28:51 GMT
age: 0
x-served-by: cache-fra19150-FRA
x-cache: MISS
x-cache-hits: 0
content-length: 0

GET
H2 200 BentonSansForOmni-Medium.otf
omni.se/fonts/omni/ 45 KB
27 KB 59ms
58ms Font
font/otf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni/BentonSansForOmni-Medium.otf

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2cf8fbb41feaf9b48014f620285d896ce6221dd627ff84f90a58ded87ceea81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 27152
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/otf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"b20c-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 BentonSansForOmni-Regular.otf
omni.se/fonts/omni/ 44 KB
26 KB 65ms
64ms Font
font/otf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni/BentonSansForOmni-Regular.otf

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

41c0f2059b744d5b14271b42ae9aa390849d37182f28388caf7d4e7ceb1b7bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 27004
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/otf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"afc8-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 BentonSansForOmni-Bold.otf
omni.se/fonts/omni/ 44 KB
27 KB 66ms
65ms Font
font/otf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni/BentonSansForOmni-Bold.otf

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

6940f8f7ddd796f44d72d03db38292c9b49bbb8a34f626417414317461935d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 27242
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/otf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"b12c-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 BentonSansForOmniDisplay-Medium.otf
omni.se/fonts/omni/ 45 KB
27 KB 64ms
62ms Font
font/otf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni/BentonSansForOmniDisplay-Medium.otf

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

bd79f612bffb0efed79a1077669bd5465d8fe4953d96108566027f946fe478ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 27215
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/otf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"b2fc-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 TiemposText-Regular.otf
omni.se/fonts/omni/ 91 KB
46 KB 59ms
58ms Font
font/otf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni/TiemposText-Regular.otf

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

1ddbe0e89dcbc08f63e308188a4005c2bcaf02083ef93e622bf1deaa41b17875

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 46956
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/otf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"16aa4-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

styles.css
unpkg.com/@schibsted/data-controller@3.4.0/dist/
Redirect Chain

https://unpkg.com/@schibsted/data-controller/dist/styles.css
https://unpkg.com/@schibsted/data-controller@3.4.0/dist/styles.css

1 KB
662 B

15ms
15ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@schibsted/data-controller@3.4.0/dist/styles.css

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e6b5ac701dc058a3177563360967bf04eda34af459c216a12802e773841622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9856392
fly-request-id: 01FD9TWNMY66AJ3AS8XVS405CT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"51a-KitztEA0f7WwsUy28uf5kxWLrDk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6bae3c571bcf1f55-FRA

Redirect headers

date: Thu, 09 Dec 2021 12:28:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FPFJD1DDACTRK144MJGVZD2K
server: cloudflare
age: 290
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@schibsted/data-controller@3.4.0/dist/styles.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6bae3c56fbb51f55-FRA
access-control-allow-origin: *

GET
H2 200 messagingNoTcfApi.js Show response
cmp.omni.se/ 79 KB
25 KB 68ms
9ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/messagingNoTcfApi.js
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 822fa6bcd41ae4699f7666b4eb093dbb2080c69ccf88e70e4e1d9645641cd23b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 11:42:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 18:52:27 GMT
server: AmazonS3
age: 2808
etag: W/"8987d23d110a1ae3e470cc17b5edfad3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1vzbgWc-t9SImWHahWG_JXYvUeY5BOCTj_AlEharjSkrxWWnpBClyg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60888687-5

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0955fe2bc150e9003a5b918cf41e802615d57a81fe5eec51eb74c07d9921bf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36211
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Dec 2021 12:28:51 GMT

GET
H2 200 apntag.js Show response
omni.se/js/ 409 B
341 B 65ms
63ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/js/apntag.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

8b55278e028e0dc5c401fae38f6e6c8b4c78f49facf34ce6dae77dd5e1015102

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-encoding: gzip
content-length: 276
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
etag: W/"199-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=22418055&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22418055%26t%3D1

0
1005 B

17ms
17ms

Script
application/javascript

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22418055%26t%3D1

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:51 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d7dbbda0-a342-4634-a984-10fe6015bd8c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:51 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ea9d1da7-b514-4077-9812-e4aff8dec569
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22418055%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cef32116.7ecc78bf.chunk.css
omni.se/_next/static/css/ 165 KB
31 KB 12ms
11ms Stylesheet
text/css 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

395526886b143a9e643e2ca52fb6d9304f84764ed40cf1127ba3f69b52aefba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874360
x-dns-prefetch-control: off
x-cache: HIT
content-length: 31350
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"29578-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 _app.js Show response
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 68 KB
20 KB 12ms
11ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/_app.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

745df439f9fcdd1d9512bc9f3cbaeca5f5cca4ccbcdd26758fb101cdbe7bc8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874361
x-dns-prefetch-control: off
x-cache: HIT
content-length: 19925
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"10e4a-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 article.js Show response
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 8 KB
3 KB 12ms
10ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/article.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

3cd7258a7ec7a7aa4ff70225f58839fc9670380f3cb1813cffcba5381b87f2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874360
x-dns-prefetch-control: off
x-cache: HIT
content-length: 3064
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"1edd-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 webpack-2111dbb00989180f77d8.js Show response
omni.se/_next/static/runtime/ 3 KB
2 KB 11ms
10ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/runtime/webpack-2111dbb00989180f77d8.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

bcf463ef6cf37b4e02c723d4881712add1539179161c165569a3ad9cee392764

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874472
x-dns-prefetch-control: off
x-cache: HIT
content-length: 1752
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Tue, 09 Nov 2021 11:58:02 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"c66-17d048ff110"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 framework.d5e65fa17b5c4e5a5559.js Show response
omni.se/_next/static/chunks/ 127 KB
40 KB 21ms
20ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/chunks/framework.d5e65fa17b5c4e5a5559.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b57e663e0c3aa60b9eabe7aa85080dd3293b1a1d4b049c12ef233708aab032c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874473
x-dns-prefetch-control: off
x-cache: HIT
content-length: 40554
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Tue, 09 Nov 2021 11:58:02 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"1fbd7-17d048ff110"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cef32116.4c419f4b16a96bca7647.js Show response
omni.se/_next/static/chunks/ 61 B
130 B 21ms
20ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/chunks/cef32116.4c419f4b16a96bca7647.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

11f491eae43e43dd9760fb6da4962ef3c92171ae07f1ca06f0526de5089bfd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
age: 199858
x-dns-prefetch-control: off
x-cache: HIT
content-encoding: gzip
content-length: 64
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"3d-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 commons.0e851c238ba160691de2.js Show response
omni.se/_next/static/chunks/ 19 KB
7 KB 24ms
23ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/chunks/commons.0e851c238ba160691de2.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b5c0ee1f43277301ce3de3b16216185dfc7489fbfdc639f0e7fb8f9120d836ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874473
x-dns-prefetch-control: off
x-cache: HIT
content-length: 7387
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Tue, 09 Nov 2021 11:58:02 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"4ced-17d048ff110"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js Show response
omni.se/_next/static/chunks/ 444 KB
115 KB 24ms
24ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

d39c3a28aae5db465af582bfa840be82c187f3c50af81718e4310ab5e9d12da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874360
x-dns-prefetch-control: off
x-cache: HIT
content-length: 117547
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"6eeec-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 styles.00316565298fbdcb6ee8.js Show response
omni.se/_next/static/chunks/ 84 B
153 B 23ms
22ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/chunks/styles.00316565298fbdcb6ee8.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

fc22b10c9cd2d152a4200412f39986d2cbfe9494679870133d9dbc56e847f50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
age: 644697
x-dns-prefetch-control: off
x-cache: HIT
content-encoding: gzip
content-length: 87
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"54-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main-52765417d22aac9161ef.js Show response
omni.se/_next/static/runtime/ 15 KB
6 KB 23ms
22ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4dc991cdf566c840a9b55da8459bceae93d720e7bfc629d28263dbb7a82eda6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874473
x-dns-prefetch-control: off
x-cache: HIT
content-length: 5764
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Tue, 09 Nov 2021 11:58:02 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"3c4f-17d048ff110"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 b748fb1e-9f4d-4e42-8dd6-eb2dea960ea4
gfx.omni.se/images/ 35 KB
35 KB 319ms
28ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/b748fb1e-9f4d-4e42-8dd6-eb2dea960ea4?h=320&tight=false&w=640
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: fa47e015a483fe62ba3272b248fdee90efacfa6c0a0a9839668927b2318f7f14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: ZKKNVm6V8uaEeY9
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:2666
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: oa68-varnish-02
x-age: 16785
accept-ranges: bytes
content-length: 35614
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 5bb2305c-0172-4061-8341-71597d643541
gfx.omni.se/images/ 533 KB
534 KB 341ms
50ms Image
image/png 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/5bb2305c-0172-4061-8341-71597d643541?h=320&tight=false&w=640
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 2f73bacb7db5c60ff0acbb4be2afa668f087acec662c054b203f28a35af6123c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: rOOKmmGjlFwlznD0
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:150605
content-type: image/png
cache-control: public, max-age=315360000
x-vg-webcache: u89-varnish-03
x-age: 5020768
accept-ranges: bytes
content-length: 545529
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 _buildManifest.js Show response
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/ 146 B
208 B 7ms
6ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/_buildManifest.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4d913681e7432eef0421cd842c0652046c39f8097142b60440e86726d5b75b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
age: 1773265
x-dns-prefetch-control: off
x-cache: HIT
content-encoding: gzip
content-length: 122
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"92-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 _ssgManifest.js Show response
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/ 76 B
197 B 7ms
7ms Script
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/_ssgManifest.js

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
age: 1773265
x-dns-prefetch-control: off
x-cache: HIT
content-encoding: gzip
content-length: 60
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"4c-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK pulse.min.js Show response
sdk.pulse.schibsted.com/ 87 KB
30 KB 46ms
8ms Script
application/javascript 2600:9000:206f:de00:d:f5ec:44c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.pulse.schibsted.com/pulse.min.js
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:d:f5ec:44c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65701367f7e07f0ba0baaec7280052db9f82de14a707fdd704020096b3f2855a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 17:59:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 29 Nov 2021 08:51:41 GMT
Server: AmazonS3
Age: 66536
ETag: W/"0bd262955ba83f1aaea2caec3e56f1f6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Cache-Control: max-age=86400,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: tn6cm7C2PFLsvNyEQ8Y8vQ0p9HN60uNIpFJ7PI_ojQrHctMscmVqew==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 90 KB
32 KB 31ms
6ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: omni.se
URL: https://omni.se/js/apntag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
Content-Encoding: gzip
Age: 74740
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 32042
X-Served-By: cache-lga21940-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Dec 2021 15:43:06 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639052932.759368,VS0,VE0
ETag: W/"61b0d28a-169ff"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Dec 2021 15:43:11 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 28905

GET ads
omni-ad-blocket.herokuapp.com/ Frame 0A40 0
0

GET
H2 200 omni-icons.ttf
omni.se/fonts/ 10 KB
6 KB 60ms
59ms Font
font/ttf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omni-icons.ttf?edyj38

Requested by

Host: omni.se
URL: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

ced30ca5b3de42b8577c216a57e22ec3421b8aa1381d54b8b251b6f688bde4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 5837
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"2618-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 PublicoText-Roman.ttf
omni.se/fonts/omnieko/ 238 KB
71 KB 110ms
109ms Font
font/ttf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omnieko/PublicoText-Roman.ttf

Requested by

Host: omni.se
URL: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

d1db332b365bfe71b4fa362bb422687ff3c66bc41f4e7e301738650ec8d93303

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 72927
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"3b900-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 PublicoHeadline-Italic.ttf
omni.se/fonts/omnieko/ 209 KB
70 KB 61ms
61ms Font
font/ttf 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/fonts/omnieko/PublicoHeadline-Italic.ttf

Requested by

Host: omni.se
URL: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

159e38a571ceafe0b08d5804e8c061b652db20640e65bbc81787b34e636c978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/_next/static/css/cef32116.7ecc78bf.chunk.css
Origin: https://omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
x-cache: MISS
content-length: 71188
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:43:59 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=0
etag: W/"3426c-17d2f6d6818"
accept-ranges: bytes
x-cache-hits: 0

GET topics
omni-content.omni.news/ 0
0

GET
H2 200 60ec57e9249148dfb60c5245c31db82e.js Show response
analytics.codigo.se/j/ 11 KB
4 KB 53ms
25ms Script
text/javascript 2606:4700:20::ac43:4724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.codigo.se/j/60ec57e9249148dfb60c5245c31db82e.js
Requested by: Host: omni.se
URL: https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/_app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4d00fb23a565e4913bda748264219b5ef2a3a3b2cc96d386e8beb65912b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 12034
arr-disable-session-affinity: true
x-aspnetmvc-version: 5.2
last-modified: Thu, 09 Dec 2021 09:08:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtUX0CMjDnKqZVTRXfpAwFThVWDDfDlW9FrxUNQI2QIK2%2BqtqnUXPQw1nOqWYljC1wxnNxvoup1O70WKSFCtRJ3ydNzxemyzVUM3lBn%2FL9oD8Hc11%2BUb88rfvbK8ZPRoPy1cMEurdMM4Zo7ny2ZWMsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=432000
cf-ray: 6bae3c582bbd5bf5-FRA
expires: Thu, 09 Dec 2021 10:08:16 GMT

GET
H/1.1 200
OK variants Show response
omni-variants.omni.news/ 2 B
304 B 126ms
36ms Fetch
application/json 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-variants.omni.news/variants
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
Via: 1.1 vegur
Etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Server: Cowboy
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Connection: keep-alive
Content-Length: 2

GET
H/1.1 401
Unauthorized me Show response
settings.omni.se/spid/ 38 B
949 B 131ms
36ms Fetch
application/json 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.omni.se/spid/me

Requested by

Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

76519d67e7f5a7eeaba80ce133fb7a53d0337f63e11a84cf9ccf221c9149b373

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Connection: keep-alive
Vary: Origin
Content-Length: 38
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 09 Dec 2021 12:28:51 GMT
Expect-Ct: max-age=0
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Access-Control-Allow-Credentials: true
Etag: W/"26-uHddBQsPjuQDL/09+mAacbXgQ34"

GET
H/1.1 401
Unauthorized all Show response
settings.omni.se/ 38 B
949 B 130ms
35ms Fetch
application/json 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.omni.se/all

Requested by

Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

76519d67e7f5a7eeaba80ce133fb7a53d0337f63e11a84cf9ccf221c9149b373

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Connection: keep-alive
Vary: Origin
Content-Length: 38
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 09 Dec 2021 12:28:51 GMT
Expect-Ct: max-age=0
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Access-Control-Allow-Credentials: true
Etag: W/"26-uHddBQsPjuQDL/09+mAacbXgQ34"

GET
H/1.1 403
Forbidden exchange-token Show response
settings.omni.se/ 76 B
984 B 140ms
39ms Fetch
application/json 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.omni.se/exchange-token

Requested by

Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

6abd427094dafe1165aa75548060f69444762b92fce9d02f8ad50c4eec1f9bc0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Connection: keep-alive
Vary: Origin
Content-Length: 76
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Thu, 09 Dec 2021 12:28:51 GMT
Expect-Ct: max-age=0
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Access-Control-Allow-Credentials: true
Etag: W/"4c-TJFQ3FiReb5Xhomn2mdVKOb+WYQ"

GET
H/1.1 200
OK ads Show response
omni-ad-blocket.herokuapp.com/ Frame 9E6B 3 KB
3 KB 35ms
34ms Document
text/html 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/framework.d5e65fa17b5c4e5a5559.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 1bbe1308af9e8bf4f4a530c12a67129d26d1634033f50acae3eb5ad781099bd3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/

Response headers

Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Content-Length: 3182
Etag: W/"c6e-BsmhmRuc9yL5v+PCUetqkcgazYk"
Date: Thu, 09 Dec 2021 12:28:51 GMT
Via: 1.1 vegur

GET
H2 200 topics Show response
omni-content.omni.news/ 2 KB
1 KB 25ms
7ms Fetch
application/json 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-content.omni.news/topics?offset=0&limit=5&sort=current
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy / Express
Resource Hash: 50b2e6a8a31ca4172da83c29a62e4826a4445cd2b65d537ef5c98af7aca625ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: gzip
age: 42
x-powered-by: Express
x-cache: HIT
content-length: 958
x-served-by: cache-fra19136-FRA
access-control-allow-origin: *
server: Cowboy
x-timer: S1639052932.870466,VS0,VE0
etag: W/"81b-t8wgJOOxq+J+8aT795OFGRra6Ts"
vary: x-omni-verify-premium, x-omni-premium, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=20, stale-while-revalidate=60, stale-if-error=1800
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 topics Show response
omni-content.omni.news/ 2 KB
1 KB 25ms
7ms Fetch
application/json 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-content.omni.news/topics?offset=0&limit=5&sort=popular
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy / Express
Resource Hash: 57a3f8ade42776b7552f601ac317c314406652165293c11da36192040b52ae1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: gzip
age: 42
x-powered-by: Express
x-cache: HIT
content-length: 995
x-served-by: cache-fra19136-FRA
access-control-allow-origin: *
server: Cowboy
x-timer: S1639052932.870537,VS0,VE0
etag: W/"8aa-viATnVCGGR/2MYownzPtjgUbeQw"
vary: x-omni-verify-premium, x-omni-premium, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=20, stale-while-revalidate=60, stale-if-error=1800
accept-ranges: bytes
x-cache-hits: 3

GET
H/1.1 400
Bad Request session Show response
id.omni.se/ 101 B
601 B 118ms
32ms Fetch
application/json 54.75.86.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://id.omni.se/session?client_sdrn=sdrn%3Aschibsted.com%3Aclient%3A52454d279eaf7ced5d000000&redirect_uri=https%3A%2F%2Fsettings.omni.se%2Fsessions

Requested by

Host: omni.se
URL: https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/_app.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.75.86.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-86-116.eu-west-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

7f6f85b2474239f232c24918e2ac4a56a838bc64a9e872a62b89152e569602ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: gzip
Vary: Origin
Server: Finatra
X-Frame-Options: deny
X-Kong-Proxy-Latency: 0
Strict-Transport-Security: max-age=63072000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
X-Kong-Upstream-Latency: 1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 113
Via: kong/2.4.1
X-Request-Id: 0f4a5f9f-0ef2-4aa6-91ed-a9fd23c9c5bd

POST
H2 200 anon-permissions Show response
omni.se/ 85 B
277 B 149ms
149ms Fetch
application/json 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/anon-permissions

Requested by

Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7047362d785bcdb21e7eb6f16f8645bf09263612759ce536b1db401736c747b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-cache: MISS
content-length: 85
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:52 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
etag: W/"55-uKgelMB35K93B+cnS2wbnXD35Ok"
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 anon-permissions Show response
omni.se/ 85 B
187 B 132ms
132ms Fetch
application/json 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/anon-permissions

Requested by

Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7047362d785bcdb21e7eb6f16f8645bf09263612759ce536b1db401736c747b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=30758400
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-cache: MISS
content-length: 85
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
etag: W/"55-uKgelMB35K93B+cnS2wbnXD35Ok"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 locationKeyWordsByIp Show response
region-api.inventory.schibsted.io/search/ 15 B
767 B 109ms
69ms Fetch
application/json 143.204.209.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://region-api.inventory.schibsted.io/search/locationKeyWordsByIp
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-48.fra53.r.cloudfront.net
Software: /
Resource Hash: 5d284e3035c9b28dc6239c2a070f590bbac6fe2f94bab831efe29dd3995bea48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: x-forwarded-for
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
access-control-max-age: 600
cache-control: max-age=86400
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, Content-Type
content-length: 15
x-amz-cf-id: niQn1SacYDt22TWrLWKkfFQOJ6yvv71g31_1Ww4WjrC9xe1H8nHFFA==
access-control-expose-headers: Vary

GET
H2 200 locationKeyWordsByIp Show response
region-api.inventory.schibsted.io/search/ 15 B
768 B 109ms
70ms Fetch
application/json 143.204.209.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://region-api.inventory.schibsted.io/search/locationKeyWordsByIp
Requested by: Host: omni.se
URL: https://omni.se/_next/static/chunks/04fb071b42eb0f8c7047cca004efe32f80946f7b.ecd36c1e52359efb95a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-48.fra53.r.cloudfront.net
Software: /
Resource Hash: 5d284e3035c9b28dc6239c2a070f590bbac6fe2f94bab831efe29dd3995bea48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: x-forwarded-for
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
access-control-max-age: 600
cache-control: max-age=86400
x-cache: Hit from cloudfront
access-control-allow-headers: Authorization, Content-Type
content-length: 15
x-amz-cf-id: qZf0WzXmROkJEFVFqDQivTyfP2qVYmZj7qNdCrMQ2sbFZ3plMe33BA==
access-control-expose-headers: Vary

GET
H2 200 category.js
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 0
2 KB 7ms
7ms Other
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/category.js

Requested by

Host: omni.se
URL: https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1848727
x-dns-prefetch-control: off
x-cache: HIT
content-length: 2043
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"1313-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 topic.js
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 0
2 KB 7ms
7ms Other
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/topic.js

Requested by

Host: omni.se
URL: https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874234
x-dns-prefetch-control: off
x-cache: HIT
content-length: 1934
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"11f6-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 index.js
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 0
2 KB 7ms
7ms Other
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/index.js

Requested by

Host: omni.se
URL: https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 766830
x-dns-prefetch-control: off
x-cache: HIT
content-length: 1922
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"11e5-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 latest.js
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 0
2 KB 7ms
6ms Other
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/latest.js

Requested by

Host: omni.se
URL: https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1863723
x-dns-prefetch-control: off
x-cache: HIT
content-length: 1919
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"11f2-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 subscriptions.js
omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/ 0
1 KB 7ms
6ms Other
application/javascript 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://omni.se/_next/static/TSBpE6BupvL_khMpmfVEV/pages/subscriptions.js

Requested by

Host: omni.se
URL: https://omni.se/_next/static/runtime/main-52765417d22aac9161ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=30758400
content-encoding: gzip
x-content-type-options: nosniff
age: 1874234
x-dns-prefetch-control: off
x-cache: HIT
content-length: 1059
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Wed, 17 Nov 2021 19:45:11 GMT
server: Cowboy
x-frame-options: SAMEORIGIN
date: Thu, 09 Dec 2021 12:28:51 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 varnish
cache-control: public, max-age=31536000, immutable
etag: W/"967-17d2f6e8158"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60888687-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5264
date: Thu, 09 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 13:01:07 GMT

GET
H2 200 native-message Show response
cmp.omni.se/wrapper/tcfv2/v1/gdpr/ 38 KB
7 KB 66ms
65ms XHR
application/json 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.omni.se/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=b2304fab-963d-41cb-89c7-cdc4c11a236f&hasCsp=true&env=prod&consentLanguage=sv&body=%7B%22propertyId%22%3A14105%2C%22accountId%22%3A1047%2C%22requestUUID%22%3A%22b2304fab-963d-41cb-89c7-cdc4c11a236f%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.omni.se%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D&scriptVersion=2.0.10

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

84ef77e7f07d344b4f64743b6a300ef46a7fbed504ac6792d07dbc7e26d6e1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: uY4CIS5g_S2vxN1SIdAOVDT_4UPsuybXyKYXIJF5I-ecJn5UjZ2jtQ==
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cmp.omni.se/wrapper/tcfv2/v1/gdpr/ Frame 0
0 30ms
13ms Preflight
text/plain 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://omni.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Thu, 09 Dec 2021 12:28:51 GMT
x-powered-by: Express
access-control-allow-origin: https://omni.se
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: eVgTJ08Y8M8I9oAHDTr1MRwmFVEE2O2eI4BD3G4-w-uCfPNUZAYVBw==

OPTIONS
H2 200 native-message
cmp.omni.se/wrapper/tcfv2/v1/gdpr/ Frame 0
0 23ms
14ms Preflight
text/plain 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.omni.se/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&hasCsp=true&env=prod&consentLanguage=sv&body=%7B%22propertyId%22%3A14105%2C%22accountId%22%3A1047%2C%22requestUUID%22%3A%22225eaf19-ca01-4c9b-b7d7-3f19731ded3b%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.omni.se%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D&scriptVersion=2.0.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://omni.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Thu, 09 Dec 2021 12:28:51 GMT
x-powered-by: Express
access-control-allow-origin: https://omni.se
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8GTAyhLyM_Q88CHJ6-xza9JIm2oe0Pizq07jF-YVuZL6tkGsZP_VdA==

GET
H2 200 native-message Show response
cmp.omni.se/wrapper/tcfv2/v1/gdpr/ 38 KB
7 KB 25ms
25ms XHR
application/json 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

4763fba9d2af6216cc912fa828b138e9847e16954f764bfa61bb1ab3a7d1ca68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Dec 2021 12:28:51 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: LxLSH970-2Q3whhjDxMB1SVflDJbUWeEvwEPJ-Wd-nZ66gFvCpcctA==
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)

GET
H/1.1 200
OK stylesheet.css
omni-ad-blocket.herokuapp.com/css/ Frame 9E6B 3 KB
3 KB 35ms
34ms Stylesheet
text/css 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-ad-blocket.herokuapp.com/css/stylesheet.css
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 56c00f3d1962edeb01ba56b6bfbfbe7771fb6dafcf38ed9df6c3283525e86dab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
Via: 1.1 vegur
Etag: W/"c2d-17d132f3668"
Last-Modified: Fri, 12 Nov 2021 08:06:41 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3117

GET
H/1.1 200
OK Blocket_logo.svg
omni-ad-blocket.herokuapp.com/images/ Frame 9E6B 4 KB
5 KB 70ms
34ms Image
image/svg+xml 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omni-ad-blocket.herokuapp.com/images/Blocket_logo.svg
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: c726a4f8e2fe43c148f7f6a96cf204f7fbe7beaacb1af67d3e152258de689916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Via: 1.1 vegur
Etag: W/"115b-17d132f3668"
Last-Modified: Fri, 12 Nov 2021 08:06:41 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4443

GET
H2 200 6721396374.jpg
jobb.blocket.se/i/bannerboy_big/67/ Frame 9E6B 5 KB
6 KB 37ms
9ms Image
image/jpeg 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jobb.blocket.se/i/bannerboy_big/67/6721396374.jpg
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-2.fra56.r.cloudfront.net
Software: mod_image /
Resource Hash: a8c2fc3d00ccaf492e1c0a28963fb3e48dafc317379666d12fb241ab616b8a37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 11:38:30 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 00:00:00 GMT
server: mod_image
age: 3707
etag: 91-37-67/6721396374-jpg
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
content-length: 5473
x-amz-cf-id: IpSpts4waIBc5VImZK94VkpCFH1DQ-y_CCFPyogB_aAcBG6taFuN-g==

GET
H2 200 6117816309.jpg
jobb.blocket.se/i/bannerboy_big/61/ Frame 9E6B 2 KB
3 KB 37ms
9ms Image
image/jpeg 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jobb.blocket.se/i/bannerboy_big/61/6117816309.jpg
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-2.fra56.r.cloudfront.net
Software: mod_image /
Resource Hash: d8d0d13cd85e81f01bb7933e3fe6059fce0cf82869ab16a47abaf7458896e1fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 13:11:19 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 00:00:00 GMT
server: mod_image
age: 83852
etag: 91-37-61/6117816309-jpg
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
content-length: 2456
x-amz-cf-id: AdnyuJfZUOihBd4vjO-UpiPhy3rb9pqGV9_n6PXC57rbkK1cRukQYg==

GET
H2 404 .jpg
jobb.blocket.se/i/bannerboy_big// Frame 9E6B 0
0 40ms
13ms Image
text/html 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jobb.blocket.se/i/bannerboy_big//.jpg
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-2.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 4600687226.jpg
jobb.blocket.se/i/bannerboy_big/46/ Frame 9E6B 4 KB
4 KB 36ms
9ms Image
image/jpeg 65.9.68.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jobb.blocket.se/i/bannerboy_big/46/4600687226.jpg
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-2.fra56.r.cloudfront.net
Software: mod_image /
Resource Hash: 2fc09218bf5b208b23ad0c42a9e014e789aa4f43ec1083eb9ffe74d93230b230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni-ad-blocket.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 09:12:15 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 00:00:00 GMT
server: mod_image
age: 11796
etag: 91-37-46/4600687226-jpg
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
content-length: 3895
x-amz-cf-id: B_jMWVHOaDN6Y-TA51ghQ0114NAyeIXtjMCwKnT2eXvhpXNLkm3bxQ==

GET
H/1.1 200
OK OiPnl Show response
trafficgateway.research-int.se/PanelInfo/ 44 B
255 B 168ms
17ms Script
text/javascript 51.138.29.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficgateway.research-int.se/PanelInfo/OiPnl
Requested by: Host: analytics.codigo.se
URL: https://analytics.codigo.se/j/60ec57e9249148dfb60c5245c31db82e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.138.29.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca8b17872bcdea25b8b18b6b3821ee422578f1948cfa951a108af2df671226bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
Arr-Disable-Session-Affinity: True
Request-Context: appId=cid-v1:dd5fe45f-f3e6-454f-8a90-9cd35e95a22a
Content-Length: 44
Content-Type: text/javascript

GET
H/1.1 200
OK TrafficCollector
trafficgateway.research-int.se/ 43 B
248 B 175ms
17ms Image
image/gif 51.138.29.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trafficgateway.research-int.se/TrafficCollector?rnr=6629920&siteId=60ec57e9-2491-48df-b60c-5245c31db82e&clientId=94e1882e-1af1-4ae4-965f-c9671bde1aae&cp=Ekonomi%2FOmfattande%20botoxfusk%20i%20sk%C3%B6nhetst%C3%A4vling%20f%C3%B6r%20kameler&mst=3&topLoc=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&wh=1200&ww=1600
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.138.29.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:51 GMT
Arr-Disable-Session-Affinity: True
Request-Context: appId=cid-v1:dd5fe45f-f3e6-454f-8a90-9cd35e95a22a
Content-Length: 43
Content-Type: image/gif

POST
H2 200 identify Show response
cis.schibsted.com/api/v1/ 896 B
1 KB 83ms
27ms Fetch
application/json 13.49.191.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.schibsted.com/api/v1/identify

Requested by

Host: sdk.pulse.schibsted.com
URL: https://sdk.pulse.schibsted.com/pulse.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-49-191-63.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

43a0ec387e59fc21d3d028fe6bc696726fbae99bc7e1f7453df8e38866f97f89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Finatra
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
access-control-max-age: 86400
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'none'
access-control-allow-headers: X-Requested-With,content-type,content-length
content-length: 662

OPTIONS
H2 200 identify
cis.schibsted.com/api/v1/ Frame 0
0 91ms
28ms Preflight
application/json 13.49.191.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.schibsted.com/api/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-49-191-63.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://omni.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-type: application/json; charset=utf-8
content-length: 28
server: Finatra
cache-control: private, no-cache, proxy-revalidate, max-age=0
x-frame-options: DENY
access-control-max-age: 86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
access-control-allow-origin: https://omni.se
access-control-allow-headers: X-Requested-With,content-type,content-length
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 4b342571-b89d-4d1e-aa1b-ff867aac541b
gfx.omni.se/images/ 17 KB
18 KB 132ms
93ms Image
image/png 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/4b342571-b89d-4d1e-aa1b-ff867aac541b?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 70ef965afb676c3691e70251705297dd73e3312f683e2215fe524f4b6b3740df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: YDDL5OBkDToO41Yn
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:6088
content-type: image/png
cache-control: public, max-age=315360000
x-vg-webcache: u89-varnish-02
x-age: 13048
accept-ranges: bytes
content-length: 17829
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 661b8f38-c208-4efe-b9c2-fbd4f6796326
gfx.omni.se/images/ 18 KB
18 KB 153ms
115ms Image
image/png 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/661b8f38-c208-4efe-b9c2-fbd4f6796326?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: e5b8b654af7815a8758491fde66b1b3a65ea8a53a4654491c92b97c4203725f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: oWWA7AAxGhVwaK5L
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:3570
content-type: image/png
cache-control: public, max-age=315360000
x-vg-webcache: u89-varnish-03
x-age: 7240
accept-ranges: bytes
content-length: 18581
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 b382a310-79ed-4257-9c36-a27723074f8c
gfx.omni.se/images/ 2 KB
2 KB 70ms
32ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/b382a310-79ed-4257-9c36-a27723074f8c?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 2d314930f130ce8c3afda986c912ee508ffc18ecba2a3681fbf17711430329df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: rOO7gO81bTwNO9Xy
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:4782
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: oa68-varnish-03
x-age: 10083
accept-ranges: bytes
content-length: 2045
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 8bc6301e-3028-430b-8dc1-8f8ce3674101
gfx.omni.se/images/ 15 KB
15 KB 152ms
114ms Image
image/png 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/8bc6301e-3028-430b-8dc1-8f8ce3674101?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 5dbbaa6243a1cf3035db355b99719282864a2600fcb790a65746f7e314dd835d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: vZZBykXlnHMjzQkL
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:7180
content-type: image/png
cache-control: public, max-age=315360000
x-vg-webcache: oa68-varnish-02
x-age: 16297
accept-ranges: bytes
content-length: 15355
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 b6525680-4606-44cb-8be5-35f7e88db13b
gfx.omni.se/images/ 2 KB
2 KB 154ms
153ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/b6525680-4606-44cb-8be5-35f7e88db13b?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 749453e9401ec6fbb395f992901e60c1a11070f33a137939dde6fefdb0f804a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: jwwjOoozVIVm1rA6
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:651
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: oa68-varnish-03
x-age: 1136
accept-ranges: bytes
content-length: 1704
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 df07a9e6-ff7a-4d20-90da-76ba82640232
gfx.omni.se/images/ 2 KB
3 KB 154ms
154ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/df07a9e6-ff7a-4d20-90da-76ba82640232?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 315975e7a7a666b96d4d52a9c108b59677324296f82b0baeb22263cacb1c79aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: RRR9vgbzYCoDoRML
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:911
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: u89-varnish-02
x-age: 1603
accept-ranges: bytes
content-length: 2539
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 20f381eb-2347-4070-a6e1-14e07fcaf969
gfx.omni.se/images/ 2 KB
2 KB 154ms
154ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/20f381eb-2347-4070-a6e1-14e07fcaf969?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: d2fb7ff4da3ddc4b8eac36ca196e8873c1f1ca9d00030d934ead28b20987a712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: d00r8drxgf909aVg
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:3056
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: oa68-varnish-02
x-age: 6131
accept-ranges: bytes
content-length: 1982
x-varnish-director: imagesomni_plan3_prod

GET
H2 200 fd683d18-f746-48ad-8d53-c885927ed815
gfx.omni.se/images/ 2 KB
2 KB 155ms
154ms Image
image/jpeg 2001:67c:21e0::c
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfx.omni.se/images/fd683d18-f746-48ad-8d53-c885927ed815?h=80&tight=true&w=80
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:21e0::c , Norway, ASN2116 (ASN-CATCHCOM, NO),
Reverse DNS
Software: /
Resource Hash: 5f575d63d46dd7d057417446ac6249dbd0f909cd1b8f2db2e4b658e635a97791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
age: 0
x-plan3-correlation-id: lAAp7MeYGc0AdkMb
x-vg-tlsproxy: u89-tlsproxy-02.int.vgnett.no
x-cache: HIT:4454
content-type: image/jpeg
cache-control: public, max-age=315360000
x-vg-webcache: u89-varnish-03
x-age: 9497
accept-ranges: bytes
content-length: 2134
x-varnish-director: imagesomni_plan3_prod

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1007092773&t=pageview&_s=1&dl=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&ul=en-us&de=UTF-8&dt=Omfattande%20botoxfusk%20i%20sk%C3%B6nhetst%C3%A4vling%20f%C3%B6r%20kameler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=32169709&gjid=1561943745&cid=1864928921.1639052932&tid=UA-60888687-5&_gid=1103065839.1639052932&_r=1&gtm=2ouc10&z=2101141656

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://omni.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 set_consent_cookies Show response
cmp.omni.se/mms/ 0
438 B 11ms
11ms XHR
text/plain 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.omni.se/mms/set_consent_cookies?consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&consentUUID_maxAge=31536000&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&hasCsp=true

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

Jetty(9.4.2.v20170220) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-methods: *
access-control-allow-origin: https://omni.se
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: o6Tz-gfplZ-lX4Ph4_WowWFKGWhYxk_sMF4olqQBbPOVOfZqk3Dg5g==

GET
H/1.1 200
OK BentonSansForOmni-Bold.otf
omni-ad-blocket.herokuapp.com/fonts/ Frame 9E6B 44 KB
45 KB 39ms
38ms Font
font/otf 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-ad-blocket.herokuapp.com/fonts/BentonSansForOmni-Bold.otf
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/css/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6940f8f7ddd796f44d72d03db38292c9b49bbb8a34f626417414317461935d7f

Request headers

Referer: https://omni-ad-blocket.herokuapp.com/css/stylesheet.css
Origin: https://omni-ad-blocket.herokuapp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Via: 1.1 vegur
Etag: W/"b12c-17d132f3668"
Last-Modified: Fri, 12 Nov 2021 08:06:41 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: font/otf
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45356

GET
H/1.1 200
OK BentonSans-Regular.ttf
omni-ad-blocket.herokuapp.com/fonts/ Frame 9E6B 117 KB
117 KB 35ms
34ms Font
font/ttf 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://omni-ad-blocket.herokuapp.com/fonts/BentonSans-Regular.ttf
Requested by: Host: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/css/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 324fcc32409fed30518fee030010c95e585c2fde1322a53ee5ebe36091d85074

Request headers

Referer: https://omni-ad-blocket.herokuapp.com/css/stylesheet.css
Origin: https://omni-ad-blocket.herokuapp.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Via: 1.1 vegur
Etag: W/"1d3d0-17d132f3668"
Last-Modified: Fri, 12 Nov 2021 08:06:41 GMT
Server: Cowboy
X-Powered-By: Express
Content-Type: font/ttf
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119760

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60888687-5&cid=1864928921.1639052932&jid=32169709&gjid=1561943745&_gid=1103065839.1639052932&_u=YEBAAUAAAAAAAC~&z=1646128765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Dec 2021 12:28:52 GMT
content-type: text/plain
access-control-allow-origin: https://omni.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cmp.omni.se/ Frame B10B 4 KB
2 KB 8ms
7ms Document
text/html 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/

Response headers

content-type: text/html
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Dec 2021 11:55:52 GMT
etag: W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: BD-C3HdRAkouu1MbORfPogLZD38QeLdaB6_hzuQ1cMf4MxKFozNdKw==
age: 4022

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 28 KB
9 KB 216ms
202ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7397d62b2caaa322f30d72c921628591a13fe9cbc8f42b1498bb65d0bc9fbb3e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 07b6d071-342f-4ae7-abb6-c94392e81f80
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 28 KB
9 KB 248ms
234ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1e7da97539be1fbca435b917b319bfb5b991540993430c4f3a52aad07f663139

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 81834631-71f7-4d67-bf85-7b216843fe9f
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://omni.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 set_consent_cookies Show response
cmp.omni.se/mms/ 0
437 B 12ms
11ms XHR
text/plain 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.omni.se/mms/set_consent_cookies?consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&consentUUID_maxAge=31536000&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&hasCsp=true

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-64.fra2.r.cloudfront.net

Software

Jetty(9.4.2.v20170220) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-methods: *
access-control-allow-origin: https://omni.se
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 2_OyVoHJ2qPo0lZx9EdG-Hs_0IKkLBTpgbE5_Av75gun4-ZTp70zKA==

GET
H2 200 index.html Show response
cmp.omni.se/ Frame C82C 4 KB
2 KB 9ms
7ms Document
text/html 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/messagingNoTcfApi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/

Response headers

content-type: text/html
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Dec 2021 11:55:52 GMT
etag: W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4zAavCn8qLCJfi57mUZNvc5vB3GEfc6W_30gIbM7axaQk434mvwBEw==
age: 4022

GET
H2 200 Notice.03819.css
cmp.omni.se/ Frame B10B 32 KB
6 KB 10ms
7ms Stylesheet
text/css 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/Notice.03819.css
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:13:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 2409
etag: W/"894f01a34ee58f1147257366e6a6bde7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wYgM7dN4nVnsW4iG_2gx8OvH_Qt-p5gFkJ64Vpu0VWXR60nrSHvv_g==

GET
H2 200 polyfills.d36c5.js Show response
cmp.omni.se/ Frame B10B 5 KB
2 KB 9ms
7ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/polyfills.d36c5.js
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:13:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 2419
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gWAyasyG8Pvk-ESb2DH9-KJMEKUtrjihnoFLrhSjtaKy_MsZ4e60qg==

GET
H2 200 Notice.70828.js Show response
cmp.omni.se/ Frame B10B 209 KB
52 KB 10ms
8ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/Notice.70828.js
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=bdb24a18-f87d-4f69-a5e9-0760cd1f0567&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 11:42:08 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 3997
etag: W/"3f789fabb7890dc26d3914692795ffb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: EPt1W0aE9729XpGl9YhLfJDgqDIja6C-_kbLVJ6ZQiCEhI8eAVX3Xw==

GET
H2 200 Notice.03819.css
cmp.omni.se/ Frame C82C 32 KB
6 KB 8ms
7ms Stylesheet
text/css 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/Notice.03819.css
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:13:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 2409
etag: W/"894f01a34ee58f1147257366e6a6bde7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: -kAvkIoY3aJwDpPDJeQCqeOgayVe_36Nwq_b7CZGVHPElmbClS3xFw==

GET
H2 200 polyfills.d36c5.js Show response
cmp.omni.se/ Frame C82C 5 KB
2 KB 8ms
8ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/polyfills.d36c5.js
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:13:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 2419
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: smjldS17Wu63ejl8Bl_-l7z9GZ6GUE_8tgwOKyllpYEgPFs3gKwXSA==

GET
H2 200 Notice.70828.js Show response
cmp.omni.se/ Frame C82C 209 KB
52 KB 8ms
8ms Script
application/javascript 13.224.189.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.omni.se/Notice.70828.js
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/index.html?message_id=490321&consentUUID=23a85ca6-0054-47e3-a720-d6f90ffc4c5a&requestUUID=225eaf19-ca01-4c9b-b7d7-3f19731ded3b&preload_message=true&consentLanguage=sv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 11:42:08 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 3997
etag: W/"3f789fabb7890dc26d3914692795ffb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ZTDD9TwF4nBJKRdKmy_4kbCDavH9inVZ84MHdEc_VvkOM5wMGo6Vqw==

GET
H2 200 schibsted.20210305.svg
static.privacy.schibsted.com/cmp/ Frame B10B 16 KB
6 KB 38ms
6ms Image
image/svg+xml 65.9.68.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.privacy.schibsted.com/cmp/schibsted.20210305.svg
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a17dbe0c9d25187a9ef656698d4a70e9144f61258f7b4211d5403548b8b6a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:03:32 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 19:04:39 GMT
server: AmazonS3
age: 23121
etag: W/"54024cc6ee81422a4228402ce3ea0139"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 2TziwfBJkfw7DCfuqeHgRxF_VkKbIu5XEtvtWlO9HbD6Q3s_9oEt9w==

GET
H2 200 P001_EUchange.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame B10B 21 KB
21 KB 31ms
7ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/04/P001_EUchange.png

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7c42779dfcf24d34cc624d9fdb1b30e8adea6e6e1d1b45a08cbfc75c24497e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 07:01:26 GMT
server: nginx
etag: "5f34e546-544f"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21583
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 p001_post_positive.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame B10B 24 KB
24 KB 31ms
7ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/04/p001_post_positive.png

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18c43d517550dd0d7abca0d7f395ac554ff661032f9f81154811166c724c8ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 07:00:58 GMT
server: nginx
etag: "5f34e52a-5e7f"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 24191
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 s008_post_understand.png
info.privacy.schibsted.com/wp-content/uploads/2018/05/ Frame B10B 23 KB
23 KB 31ms
7ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/05/s008_post_understand.png

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe9c00b39aa997d1efe1f793dd8d68517005e27f2057f011c6007e313aae32ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 06:48:04 GMT
server: nginx
etag: "5f34e224-5d48"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23880
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 p005_featured-1.png
info.privacy.schibsted.com/wp-content/uploads/2020/09/ Frame B10B 13 KB
13 KB 32ms
8ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2020/09/p005_featured-1.png

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb06beff3b52ed00a1a147f87a577f9997347e9360ed04f0ef5add191979a1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Wed, 23 Sep 2020 12:00:54 GMT
server: nginx
etag: "5f6b38f6-3387"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13191
expires: Fri, 20 Aug 2021 22:35:27 GMT

POST
H2 200 identify Show response
cis.omni.se/api/v1/ 858 B
1 KB 80ms
26ms Fetch
application/json 13.53.178.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.omni.se/api/v1/identify

Requested by

Host: sdk.pulse.schibsted.com
URL: https://sdk.pulse.schibsted.com/pulse.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-53-178-57.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

f4afa97c613f4f803bb546fbcc0e8a6c76de58d2625273770749736123bf8d5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Finatra
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
access-control-max-age: 86400
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'none'
access-control-allow-headers: X-Requested-With,content-type,content-length
content-length: 643

OPTIONS
H2 200 identify
cis.omni.se/api/v1/ Frame 0
0 105ms
26ms Preflight
application/json 13.53.178.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.omni.se/api/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.53.178.57 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-53-178-57.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://omni.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-type: application/json; charset=utf-8
content-length: 28
server: Finatra
cache-control: private, no-cache, proxy-revalidate, max-age=0
x-frame-options: DENY
access-control-max-age: 86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
access-control-allow-origin: https://omni.se
access-control-allow-headers: X-Requested-With,content-type,content-length
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 FGrotesk-Book.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame B10B 23 KB
24 KB 36ms
8ms Font
font/woff2 99.86.3.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGrotesk-Book.woff2
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-230.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe6494bba16b715e5c81b1506a56cefb3472ac2e91a072a0b6a46ff65690c4a0

Request headers

Referer: https://cmp.omni.se/
Origin: https://cmp.omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:28:59 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age: 23237994
x-cache: Hit from cloudfront
content-length: 23776
last-modified: Wed, 09 Sep 2020 11:47:51 GMT
server: AmazonS3
etag: "ebdac35919f67402c9cd56d96eaba892"
vary: Origin
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: no-transform,public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: twYjU2De8NROPctQ-zSH7YXk8XbWsSImxFh4UMvxpss6URlnl6CfPQ==

GET
H2 200 FGroteskDemi-Regular.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame B10B 19 KB
20 KB 36ms
8ms Font
font/woff2 99.86.3.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGroteskDemi-Regular.woff2
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-230.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1555705a6bb02ae2759a5559c5f6ba10c4f9bf90f8daa5c9eca33962e9d3d4b3

Request headers

Referer: https://cmp.omni.se/
Origin: https://cmp.omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:28:18 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age: 18918035
x-cache: Hit from cloudfront
content-length: 19752
last-modified: Wed, 09 Sep 2020 11:47:51 GMT
server: AmazonS3
etag: "8959b66f98b0f6c96d2e98322da09845"
vary: Origin
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: no-transform,public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: 6QmQiBODcPVAyn2SOcgZcwO7QmtGDeDR11fhc1sBjgiOfDSHPyRpBw==

GET
H2 200 schibsted.20210305.svg
static.privacy.schibsted.com/cmp/ Frame C82C 16 KB
6 KB 7ms
6ms Image
image/svg+xml 65.9.68.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.privacy.schibsted.com/cmp/schibsted.20210305.svg
Requested by: Host: cmp.omni.se
URL: https://cmp.omni.se/Notice.70828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-68-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a17dbe0c9d25187a9ef656698d4a70e9144f61258f7b4211d5403548b8b6a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:03:32 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 19:04:39 GMT
server: AmazonS3
age: 23121
etag: W/"54024cc6ee81422a4228402ce3ea0139"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JGF1GVJ3JSsyBJBfGLjMnzHiy2og42BikPTMCWqndLjpICwPaBGYEA==

GET
H2 200 P001_EUchange.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame C82C 21 KB
21 KB 6ms
6ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/04/P001_EUchange.png

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/Notice.70828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7c42779dfcf24d34cc624d9fdb1b30e8adea6e6e1d1b45a08cbfc75c24497e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 07:01:26 GMT
server: nginx
etag: "5f34e546-544f"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21583
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 p001_post_positive.png
info.privacy.schibsted.com/wp-content/uploads/2018/04/ Frame C82C 24 KB
24 KB 6ms
6ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/04/p001_post_positive.png

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/Notice.70828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18c43d517550dd0d7abca0d7f395ac554ff661032f9f81154811166c724c8ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 07:00:58 GMT
server: nginx
etag: "5f34e52a-5e7f"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 24191
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 s008_post_understand.png
info.privacy.schibsted.com/wp-content/uploads/2018/05/ Frame C82C 23 KB
23 KB 6ms
6ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2018/05/s008_post_understand.png

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/Notice.70828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe9c00b39aa997d1efe1f793dd8d68517005e27f2057f011c6007e313aae32ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 13 Aug 2020 06:48:04 GMT
server: nginx
etag: "5f34e224-5d48"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23880
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 p005_featured-1.png
info.privacy.schibsted.com/wp-content/uploads/2020/09/ Frame C82C 13 KB
13 KB 7ms
7ms Image
image/png 192.0.78.192
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.privacy.schibsted.com/wp-content/uploads/2020/09/p005_featured-1.png

Requested by

Host: cmp.omni.se
URL: https://cmp.omni.se/Notice.70828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.192 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb06beff3b52ed00a1a147f87a577f9997347e9360ed04f0ef5add191979a1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Wed, 23 Sep 2020 12:00:54 GMT
server: nginx
etag: "5f6b38f6-3387"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13191
expires: Fri, 20 Aug 2021 22:35:27 GMT

GET
H2 200 FGrotesk-Book.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame C82C 23 KB
24 KB 9ms
8ms Font
font/woff2 99.86.3.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGrotesk-Book.woff2
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-230.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe6494bba16b715e5c81b1506a56cefb3472ac2e91a072a0b6a46ff65690c4a0

Request headers

Referer: https://cmp.omni.se/
Origin: https://cmp.omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 13:28:59 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age: 23237994
x-cache: Hit from cloudfront
content-length: 23776
last-modified: Wed, 09 Sep 2020 11:47:51 GMT
server: AmazonS3
etag: "ebdac35919f67402c9cd56d96eaba892"
vary: Origin
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: no-transform,public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: UqUGUvZhGyMyraa2vfQz9VFxRm3fWLmVBFueHRhxU1NvSjhppsgO3g==

GET
H2 200 FGroteskDemi-Regular.woff2
d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/ Frame C82C 19 KB
20 KB 12ms
12ms Font
font/woff2 99.86.3.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3iwtia3ndepsv.cloudfront.net/web/v1.5.4/fonts/FGroteskDemi-Regular.woff2
Requested by: Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-230.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1555705a6bb02ae2759a5559c5f6ba10c4f9bf90f8daa5c9eca33962e9d3d4b3

Request headers

Referer: https://cmp.omni.se/
Origin: https://cmp.omni.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:28:18 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age: 18918035
x-cache: Hit from cloudfront
content-length: 19752
last-modified: Wed, 09 Sep 2020 11:47:51 GMT
server: AmazonS3
etag: "8959b66f98b0f6c96d2e98322da09845"
vary: Origin
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: no-transform,public,max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: nfYrXTgckqcgDoXb-WpC1H5MFdXkaHmqM55TLKHEiu3rxAb_DAIbeA==

GET
H/1.1 200
OK safeframe-v2.html Show response
acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/ Frame 3060 222 B
747 B 51ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a6c8392de0df9b8f5d29e45c6d841f51f7ca6d9bad2754d207ee2148e22527e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/

Response headers

Connection: keep-alive
Content-Length: 178
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 08 Dec 2021 15:43:04 GMT
ETag: "61b0d288-de"
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Dec 2021 12:28:52 GMT
Age: 74742
X-Served-By: cache-lga21945-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 236
X-Timer: S1639052932.354234,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK safeframe-v2.html Show response
acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/ Frame EDF2 222 B
747 B 21ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a6c8392de0df9b8f5d29e45c6d841f51f7ca6d9bad2754d207ee2148e22527e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/

Response headers

Connection: keep-alive
Content-Length: 178
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 08 Dec 2021 15:43:04 GMT
ETag: "61b0d288-de"
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Dec 2021 12:28:52 GMT
Age: 74741
X-Served-By: cache-lga21945-LGA, cache-fra19147-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 254
X-Timer: S1639052932.355718,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

7279322295507918225
sch-map.norstatsurveys.com/api/nids/schibstedse/map/
Redirect Chain

https://secure.adnxs.com/getuid?https://cis.schibsted.com/api/v1/sync?ANID=$UID
https://cis.schibsted.com/api/v1/sync?ANID=7279322295507918225
https://sch-map.norstatsurveys.com/api/nids/schibstedse/map/7279322295507918225?alias=61697b15-91c6-416b-ace7-903728c28971

43 B
264 B

246ms
36ms

Image
image/gif

23.100.50.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sch-map.norstatsurveys.com/api/nids/schibstedse/map/7279322295507918225?alias=61697b15-91c6-416b-ace7-903728c28971
Protocol: HTTP/1.1
Server: 23.100.50.51 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-db3-013.cloudapp.net
Software: Microsoft-IIS/10.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:52 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/gif
Arr-Disable-Session-Affinity: True
Cache-Control: no-cache
Content-Length: 43
Expires: -1

Redirect headers

location: https://sch-map.norstatsurveys.com/api/nids/schibstedse/map/7279322295507918225?alias=61697b15-91c6-416b-ace7-903728c28971
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
server: Finatra
content-length: 128
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK sf-ext.js Show response
acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/ Frame 3060 30 KB
13 KB 6ms
6ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/sf-ext.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 220dc8475b418bc753d3ac52081f1a3606a70e41f20fdb530a25334a2d375b06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Age: 74742
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 12234
X-Served-By: cache-lga21923-LGA, cache-fra19147-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Dec 2021 15:43:04 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639052932.379586,VS0,VE0
ETag: W/"61b0d288-7911"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 132

GET
H/1.1 200
OK sf-ext.js Show response
acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/ Frame EDF2 30 KB
13 KB 7ms
6ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/sf-ext.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 220dc8475b418bc753d3ac52081f1a3606a70e41f20fdb530a25334a2d375b06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Age: 74742
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 12234
X-Served-By: cache-lga21923-LGA, cache-fra19121-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Dec 2021 15:43:04 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639052932.380019,VS0,VE0
ETag: W/"61b0d288-7911"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 154

GET
H/1.1 200
OK mediation.js Show response
acdn.adnxs-simple.com/ast/mediation/0.44.0/ Frame 3060 20 KB
7 KB 6ms
6ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/sf-ext.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e86f2b031fa9641018b76da62bc6776066cce6c84af7b5db0fb974ddbe0e427c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Age: 74742
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 6884
X-Served-By: cache-lga21939-LGA, cache-fra19121-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Dec 2021 15:43:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639052932.391616,VS0,VE0
ETag: W/"61b0d284-5092"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 4054

GET
H/1.1 200
OK mediation.js Show response
acdn.adnxs-simple.com/ast/mediation/0.44.0/ Frame EDF2 20 KB
7 KB 10ms
10ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/js/sf-ext.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e86f2b031fa9641018b76da62bc6776066cce6c84af7b5db0fb974ddbe0e427c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Age: 74742
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 6884
X-Served-By: cache-lga21939-LGA, cache-fra19147-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 08 Dec 2021 15:43:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1639052932.396011,VS0,VE0
ETag: W/"61b0d284-5092"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 09 Dec 2021 15:43:12 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 3942

GET
H/1.1 200
OK log_req
fra1-ib.adnxs.com/mediation/v2/ Frame 3060 0
803 B 60ms
6ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_req?info=MQAAAAMABQEFAQiE7ceNBhCokN25gsKzsDwY100hCAPPvYdLGEAowd3yVDBWOABAAA..&s=7f098713316f61ee57c1a290cf779f053a3ecbfd

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:52 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 65f3b0d9-9185-4f4c-aaf9-db2ee234bb28
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CD47 80 KB
27 KB 64ms
17ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

6bbe35b0bca75513f8aed7d00f1dce8c22678a4da874c2e9d4bf3b0f4248e5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 907 of 1000 / last-modified: 1639051552"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27034
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H/1.1 200
OK log_req
fra1-ib.adnxs.com/mediation/v2/ Frame EDF2 0
803 B 63ms
21ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_req?info=MQAAAAMABQEFAQiE7ceNBhDQpqqD27TVlXEY100hCAPPvYdLGEAoxqKObzBWOABAAA..&s=e4c6fbcb2eabe9881307e16fdd39a90d18968834

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:52 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3c8c3c0e-9e2a-4a5e-bf2f-9f405f764c13
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FDD8 80 KB
27 KB 64ms
29ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

6bbe35b0bca75513f8aed7d00f1dce8c22678a4da874c2e9d4bf3b0f4248e5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 453 of 1000 / last-modified: 1639051552"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27034
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CD47 348 KB
117 KB 46ms
32ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FDD8 348 KB
117 KB 23ms
19ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FDD8 107 B
792 B 41ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=acdn.adnxs-simple.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FDD8 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=acdn.adnxs-simple.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FDD8 18 KB
8 KB 751ms
751ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2099018879945224&correlator=2439322421544273&output=ldjh&impl=fif&eid=31063246&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211209&iu_parts=21832178469%2Cse-sms-omni%2Cdesktop_web%2Cse-sms-omni-wde-insider&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x480%7C300x250%7C5x5&prev_scp=second_price%3D1&eri=4&cdm=acdn.adnxs-simple.com&bc=31&abxe=1&dt=1639052932576&dlt=1639052932412&idt=149&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=1210884620&ucis=b71kykqc72us&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&loc=https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html&top=omni.se&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=168845093.1639052933&ga_sid=1639052933&ga_hid=1758961084&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

42e15c4e2f9c2cdfc395f40e949ac851321114e0f695c81827bdda9c06087a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
google-lineitem-id: 5158520827
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138301815795
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FDD8 11 KB
9 KB 56ms
33ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c8c8076c8921430b02285f42eeeb7c8a794e59c2854e04b7a0747bcf35df621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8559
x-xss-protection: 0

GET
H2 200 container.html Show response
38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FD3 6 KB
4 KB 58ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 09 Dec 2021 12:28:52 GMT
expires: Fri, 09 Dec 2022 12:28:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 sdrn:schibsted:client:omnise Show response
collector.schibsted.io/api/v1/track/ 79 B
228 B 212ms
28ms Fetch
text/plain 13.48.72.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.schibsted.io/api/v1/track/sdrn:schibsted:client:omnise
Requested by: Host: sdk.pulse.schibsted.com
URL: https://sdk.pulse.schibsted.com/pulse.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.72.109 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-72-109.eu-north-1.compute.amazonaws.com
Software: Finatra /
Resource Hash: 90687150c18ec51580a40877532d01b82c479d207966f5b51972f0efee916f18

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://omni.se
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
server: Finatra
content-length: 88
content-type: text/plain; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CD47 107 B
165 B 20ms
20ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=acdn.adnxs-simple.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CD47 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=acdn.adnxs-simple.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CD47 18 KB
8 KB 716ms
716ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2757690959125383&correlator=2575710020743690&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211209&iu_parts=21832178469%2Cse-sms-omni%2Cdesktop_web%2Cse-sms-omni-wde-panorama&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=980x240&prev_scp=second_price%3D1&eri=4&cdm=acdn.adnxs-simple.com&bc=31&abxe=1&lmt=1639052932&dt=1639052932606&dlt=1639052932401&idt=194&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=980&ish=240&oid=2&adxs=0&adys=0&adks=4039681556&ucis=ngx0dnddqvoi&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&loc=https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html&top=omni.se&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=980x0&msz=980x0&ga_vid=1900633589.1639052933&ga_sid=1639052933&ga_hid=1716151434&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

fd85510c24b169104f0e7bb3b8552f9c2efcb4cf54c3870adb275474204cad52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8217
x-xss-protection: 0
google-lineitem-id: 5158520827
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138301815795
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CD47 11 KB
9 KB 29ms
29ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bde0824233edf0081233d0a1622261a223456138c25874c1b806b746a815ae0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8699
x-xss-protection: 0

GET
H2 200 container.html Show response
c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75D0 6 KB
3 KB 74ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 09 Dec 2021 12:28:52 GMT
expires: Fri, 09 Dec 2022 12:28:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FDD8 17 KB
7 KB 148ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CD47 17 KB
6 KB 170ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A16 13 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 09 Dec 2021 11:53:22 GMT
expires: Fri, 09 Dec 2022 11:53:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3309 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b24bafea56724cdc9a1244a48abd1e5d1c4a45f728be5de9aa844d9b9116eb06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HwFHwDkSOoRLbW/bNg+ElQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 09 Dec 2021 12:28:52 GMT
date: Thu, 09 Dec 2021 12:28:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HwFHwDkSOoRLbW/bNg+ElQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F596 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 09 Dec 2021 11:53:22 GMT
expires: Fri, 09 Dec 2022 11:53:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4345 783 B
737 B 25ms
18ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af97b332450c6dc9371fc9fc8326175dc381983ffce3f93f0d1e1f3b209c2640

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X7AGoVvAxhrQcHZcofxDLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 09 Dec 2021 12:28:52 GMT
date: Thu, 09 Dec 2021 12:28:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-X7AGoVvAxhrQcHZcofxDLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A16 35 KB
13 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 08:08:39 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame F596 35 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 08:08:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3309 0
0 67ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2099018879945224&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4345 0
0 59ms
49ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2757690959125383&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD47 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2757690959125383&bg=!WFulWx_NAAZKWFskSlg7ACkAdvg8WsKIqkkMNEOsQlCXNNFSDMk1zpVOJ7ypnPBCJrd-5s8aLZStkgIAAABsUgAAAAtoAQcKAATcQjiwmQLgU9qfDNPo_vO3tnNUbvvYcq7GGE7MTgVAk33f_65hqFQi0y1XOfMDZRO3RYB4nkBatFHr8hn_oLrn2VXZM-RoBpvt39iGrKPaUCrGktOqQquYeMRlCFffH4lbYPiIdJsbM0ZEOGLtUHpXmjTWQDzawwBbTM3k2A1sMfu-Jnje4ItwByViiveTtDDGRv7G01DpDAGhzgGglGXITxTkLxIVut-nKLYkHmt9AEMH9MKV93EB6I4J-PfDf4r8uCSiIjUa9_S77G7TlsWaXBHU0WnrZxx8bD6jyrC69aW4B3CFs7pN9N0OyC9GxomsHzDyTKnwW-MgYiNnzPlrh6dDtj_LkUhmPEYWz4nHrS5p0HASw-AyN-vT6Yp6kChnkppDa-EJjY2uPW3gTdpbg1j3TfisQu6GNUNo4uukVPvNFwBQCpXC_8ai003D-forXgE0LHQCVfnmnbLpnNmLQzMXBMQWcp0F9BTZ1HiBFfS4_G7VAx5nyZusTNe2QZI2rH7P0_RXZ47UhV19mOmV7TbX7wmzr-0RpGOOs_w40bucq1NnqP9Ns4ienu_sJMx8CEfvS6pfYrgzo7NqpOoUbx6wK9GC7ix0hqqXxT86CrGLWHFpy9SjXRl7dCO4ijjqYrKLE_S78x-4F_FN5J1ZMM6HcXomXKQZvuJUc68nbmodMkdRIVbeo3tKCaKEmrmw92K-OmD7ii197NMZvcsKk1mkyLeShbarMzk_HZ0zSNUP86sgU75vpE1NXEKBH1ToFt7oL3Jo0Nc9pEgNJifGckXcckUA6fOjs9XWR_70rGuO3AL4E8f0zichn_YpnYaV3Un6_kdqybeRngnbrJNF29iyOLX57NJ92Wc1jQk-gbUdmMKmwWkXx_ErFRAji1H0eSsUfMBqh94lBStgYV3lSsstV1LnX89i0hn1U8f4Ef7JVG7PwQ4HoFrYfmYtP8ZGszfnVK3fXoDu-bemG6XzdZ7kP28CjQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDD8 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2099018879945224&bg=!IiGlIWXNAAZKWFskSlg7ACkAdvg8WpP9KdrQWbWe-WLmFIUVM9TcZj1FwqAddBa9fK8podEQ83FHGgIAAAB9UgAAAA1oAQcKAG4GyzaZFn6Apue35VDiw7CJclPlCu91yspvB1SBcdgZvbYNvKYpBZr5vIDZ3Aipa1JbV1iLpGHFv2TnG7HRgWeVPRSlOUw8mS-iZ7Cc9c3oFKQhcmLKGr8vAG3z7UlQVB1shA1wBL0v4FkGV_QnLJkDDO-AUJ9BDvbOl0akpMrryj2-SDBiEDq8C3T-XB0xLHdk60RgxTx7me3nrweVU7dxPs8dtzOLRS8HI2MKUVMVcOHoIPqbhaXyxABn3GTy3vvrtVAYZRtT2xk6sfxj1JdBO5DbCuPammJ3QasuuwR1OEzclolmdRrQ7yMhClntfbrT601Cfoo8QXPumwJ4IFHRfMseAU5823atAzOQLhL7Ib6Qd_cHHHic7c8pD6R7LfL94U4bTQNZO4C5N3R5Sdn45KJE15jbz71fbV0oxOWFdn7C4LszB8GGG01sfbpfw6VUZjRsl-BUHh7qVKVH47v_h17mfhE3Y6KKJd2VorlWIZSaPm9tWbnaTPK9xf7ZXsYSAGmKX_5I0AGmJVTwZKCet2ZnpD6tthsPQ-NW7exhinAe6f_NsjP6Lq6UI3MdK_L_svJGTbjgEx3PgMF3lnuyCmhcTTJXz61MJBq47Y45GpfJolQ7-5CCm16TZY78qANypsuKdHRReXKhvc9Zf_RGzGfN5znfzwrNZxGhuQotVz2lWComJPyRKL_mU4FeoLgTZaWEGlc0MIDJ7Bsknbddd53jqhgCwRDdkai1CLQUJUIoRRYAZ6hy1mXfWSg8fy8J-tS86Q7KCpnSgw4eRiaPybpz8nqsDAmiYnnGmy3I1trf0xSC7TSc9AqJNjjYAqB-tPcU55VAJN6PO73nV0hQOEyl4_PahBsSHBc0ZauDL6W7lDOqG2L83Bk2kmQVm3CyldDx7ODtJnjTJIREjH4r4sfOwf2J12jWdy73kYLdCNBBwMCU7fRYDrqUssfARqvCb1YFKLD8YaiAsDhGHkwWCDWw3fnATJnkAWo4azsy-g4Ud21dEznqeTrajABVi2O3gEEw6ZuuU8bAylmwg6-KpPEvjQBajVTVvw0uMolHG2qL11YTGki6Xt8iyPVcb-I0LAF3_88GVdfpH9WHIYyo8NFoLQTKQBaQMDn5MmMVP-oQRxuMEmAGPdEJ8iaXCBsM7b1LSgc3d9BSrr1izAEGWySSAQCHTOLrwm9emA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D6D0 0
0 42ms
42ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudHeZOC9gONDG33A8y9Fo1x4NwiXGBuWSRy02NyqgVhfFNwLN308BBJvX6fX1SHlg54rAPpXXcbhH2uqa8W2x7HYyB2YE5dWhdKiB-HsQZmlDVQVE8DqlryUq4SCXE9MG_MnNYJDAPXlXQIR5P2dxYr3iMR4THHKgcvu7GDM4v88EcyAFDVBJu34x9pf07wdCpesmgxRM4_gmy-plpQMcylfISowBPlxZZ27QbDbQJDFb2_3SN4SyOwQercs-id9HpCAfqK2YUCw5eKcEBF_CLshgdCvI5nI2fQkMZutCh3uWgZUAJeQbe4FQkHK_oNiB9qocyTIXqtKqAe_wdPkcUSkjgp2ndEQ&sig=Cg0ArKJSzOm3UvWpW6avEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 09 Dec 2021 12:28:53 GMT

GET
H/1.1 200
OK noad.js Show response
cdn.adnxs.com/mediation/ Frame D6D0 163 B
451 B 65ms
15ms Script
application/x-javascript 104.102.28.239
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/mediation/noad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-239.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Last-Modified: Wed, 11 May 2016 16:43:06 GMT
Server: AkamaiNetStorage
ETag: "f9f86b68afb4864f1b17a1e756855da5:1462985686"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D6D0 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C828 0
0 45ms
45ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdIOmf0EvzkAmwEyjMrkIDuWdJrfYVwR07Z12xiRagXmd9rfEp5Q7j3tyHm6QSWifPOTRqOiZ39xCXxkCPu70IKotB6ih8X2HcBkIWfrSWPXdOOpjrYPYt05tSLRsZU0upoafNKa7M3ALQs0drO2qutrnzGDJ1gUIPEdC-oow4NF5Y42WhKbdYRQ3GljOKeThlaAtHDtguFBcCFcmciPSh2xf2kwBXRcmQXB4GV5UThHXo-0RB8YyNZFvj2Xho6WC0jUHafUscj59u-IzX_drfx1F-pO6V1ftjQ2wvvl58vfY6R9Wc8y4XxtTBwH--B-JNGJmNQkJPSAT4sNkFWmAyXEYr_RZi&sig=Cg0ArKJSzPxwKinFTFL3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 12:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 09 Dec 2021 12:28:53 GMT

GET
H/1.1 200
OK noad.js Show response
cdn.adnxs.com/mediation/ Frame C828 163 B
451 B 59ms
16ms Script
application/x-javascript 104.102.28.239
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/mediation/noad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-239.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Last-Modified: Wed, 11 May 2016 16:43:06 GMT
Server: AkamaiNetStorage
ETag: "f9f86b68afb4864f1b17a1e756855da5:1462985686"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C828 0
0

GET
H/1.1 200
OK log_resp
fra1-ib.adnxs.com/mediation/v2/ Frame 3060 0
803 B 15ms
15ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_resp?info=MQAAAAMABQEFAQiE7ceNBhCokN25gsKzsDwY100hCAPPvYdLGEAowd3yVDBWOABAAA..&s=7f098713316f61ee57c1a290cf779f053a3ecbfd&reason=2&latency=1006

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 79561dce-7389-4b0c-91b9-615ece710ca0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK log_resp
fra1-ib.adnxs.com/mediation/v2/ Frame EDF2 0
803 B 7ms
7ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_resp?info=MQAAAAMABQEFAQiE7ceNBhDQpqqD27TVlXEY100hCAPPvYdLGEAoxqKObzBWOABAAA..&s=e4c6fbcb2eabe9881307e16fdd39a90d18968834&reason=2&latency=997

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9c710040-f664-473c-8bea-20a840ddcd30
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E86D 1 KB
1 KB 54ms
17ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=9742422;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAAAAAACRAOIQqNXugNT84hCo1e6A1PyhINycQzmA8kZ1UbQ9ZBWWE9rFhAAAAAEeKKQHXJgAA1yYAAAIAAACu3CIJNnYaAAAAAABVU0QAU0VLANQD8ACp4QAAtSoGAQQCAAAAAMAA4B4NwgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lRSAOQjlrswNEK65i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc0QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzQ=/bn=76469/clickenc=;ord=1909503495;

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89b627f8c0fedadf708fd6683423b86aa10eb3e0d372b5d78ebcf5dcc885808f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 852
expires: -1

GET
H/1.1 200
OK mtrcs_993451.js Show response
s372.mxcdn.net/bb-mx/serve/ Frame E86D 147 KB
57 KB 61ms
11ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 749d38c50152cf0cc705f1fd847e6d3925c3ed36eacbdf6d4209da32c71985ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Nov 2021 10:29:04 GMT
Server: nginx
ETag: "\W00000574301637663344776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=19003
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57430
Expires: Thu, 09 Dec 2021 17:45:36 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/221/ Frame E86D 85 KB
29 KB 23ms
23ms Script
application/x-javascript 104.102.28.239
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/221/trk.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-239.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 09:57:21 GMT
Server: AkamaiNetStorage
ETag: "f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29240
Expires: Fri, 09 Dec 2022 12:28:53 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 3060 0
803 B 7ms
7ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLVCuhVBQAAAwDWAAUBCITtx40GEKiQ3bmCwrOwPBiRu9Lq9qHWgmUqNgk4hCo1e6A1PxE4hCo1e6A1PxkAAAECCCRAIREbACkRCfDJMQAAAIDrURhAMMeUpgk4101A101IAlCuuYtJWLbsaWAAaKnDgwF4tdUEgAEBigEDVVNEkgEDU0VLmAHUB6AB8AGoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6AR1zZS1vbW5pLXdkZS1mcm9udC10b3BwYW5vcmFtYYoCWXVmKCdhJywgMzE5MTkyMiwgMTYzOTA1MjkzMik7dWYoJ2knLCAxMTQ2NTE1LCAxNjM5MDUyOTMyKTt1ZigncicsIDE1MzI3OTY2MjYfAPQXAZIC8QMhUDFYY25namxyc3dORUs2NWkwa1lBQ0MyN0drd0JEZ0FRQVJJMTAxUXg1U21DVmdBWU9FQmFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRSGhoWE9HZFpOb1A4RUJILWs0VzBTdk5UX0pBUjNtSUZac0p2b18yUUZTU1oyQUppSWlRT0FCa18xRjlRRUFBQUFBbUFJQW9BSUF0UUlBQUFBQXZRSUFBQUFBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1CdWdNSlJsSkJNVG8xTnpjMDRBT01MWUFFQUlnRUFKQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUEFEhgyQVFBOFFRBQwFAVRJZ0ZqaTJwQlZKSm5ZQW1JaUpBc1FVBRsFAQhNRUYFCAUBCERKQh07ADAuKAAETmsuKADwPmdCU0h3QmRhLTFnUDRCZkxvd2dHQ0JnTlRSVXVJQmdDUUJnR1lCZ0NoQnZwLWFyeDBrMmdfcUFZQnNnWWtDUQVtBQEARR1wAEcdDABJHQw4dUFZS5oClQEhbFJTQU9RNvUBcHR1eHBJQVFvQURINmZtcThkSk5vUHpvSlJsSkJNLUUQUUl3dFM9AQBVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRBQ2ALJ8gHgApi0TeoCS2h0dHBzOi8vYRn0IAEuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQQCAAQARjUByDwASgAMAA4ArgEAMAEAMgEANIEDjk5NDMjRlJBMTo1Nzc02gQCCAHgBAHwBK65i0mIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG9TLaBhYKEAAAAAAAETtsAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaACABtTC6BkAAyAfj2AXSBw0JATQBAQE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=1f87a5b5b4e8dff309d9b5dc2df2eabfe0ca910e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9037894d-1879-4582-aa4b-647bd8de2979
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2FB5 1 KB
1 KB 43ms
17ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=9741260;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAACCF6x1AOIQqNXugNT84hCo1e6A1P1CTarClVStxkZ1UbQ9ZBWWE9rFhAAAAAEKKKQHXJgAA1yYAAAIAAACk2iIJNnYaAAAAAABVU0QAU0VLACwB4AGlnAAAumwGAQQCAAAAANYA_iBzvgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iRSKNAjlrswNEKS1i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc2QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzY=/bn=93370/clickenc=;ord=826704769;

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

adb360f12e96ba7f1a02600a6e22cbed31e3e7fc6af28769248b6fa578760b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 856
expires: -1

GET
H/1.1 200
OK mtrcs_993451.js Show response
s372.mxcdn.net/bb-mx/serve/ Frame 2FB5 147 KB
57 KB 57ms
20ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 749d38c50152cf0cc705f1fd847e6d3925c3ed36eacbdf6d4209da32c71985ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Nov 2021 10:29:04 GMT
Server: nginx
ETag: "\W00000574301637663344776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=19003
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57430
Expires: Thu, 09 Dec 2021 17:45:36 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/221/ Frame 2FB5 85 KB
29 KB 25ms
25ms Script
application/x-javascript 104.102.28.239
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/221/trk.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.44.0/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-28-239.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 09:57:21 GMT
Server: AkamaiNetStorage
ETag: "f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29240
Expires: Fri, 09 Dec 2022 12:28:53 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame EDF2 0
803 B 39ms
39ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLTCvBDUwUAAAMA1gAFAQiE7ceNBhDQpqqD27TVlXEYkbvS6vah1oJlKjYJOIQqNXugNT8ROIQqNXugNT8ZAAAAIIXrHUAhOIQJGwApESTwyTEAAABA4XqEPzDClKYJONdNQNdNSAJQpLWLSVi27GlgAGilua4BeLrZBYABAYoBA1VTRJIBA1NFS5gBrAKgAeADqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEdc2Utb21uaS13ZGUtYXJ0aWNsZS1pbnNpZGVyXzGKAll1ZignYScsIDMxOTE5MjIsIDE2MzkwNTI5MzIpO3VmKCdpJywgMTE0NjUxNSwgMTYzOTA1MjkzMik7dWYoJ3InLCAxNTMyNzkxNDA2HwD0FwGSAvEDIU9sZXd4UWpscnN3TkVLUzFpMGtZQUNDMjdHa3dCRGdBUUFSSTEwMVF3cFNtQ1ZnQVlPRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVTcUFFRHNBRUF1UUhoaFhPR2RaTm9QOEVCSC1rNFcwU3ZOVF9KQWRuam5HWEhsdlVfMlFGU1NaMkFKaUlpUU9BQmtfMUY5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpSbEpCTVRvMU56YzI0QU9NTFlBRUFJZ0VBSkFFQUpnRUFjRUVBQUFBQUFBQUFBREpCQUFBQUFBBRIYMkFRQThRUQUMBQFUSWdGa0MycEJWSkpuWUFtSWlKQXNRVQUbBQEITUVGBQgFAQhESkIdOwAwLigABE5rLigA8D5nQlNId0JkYS0xZ1A0QmZMb3dnR0NCZ05UUlV1SUJnQ1FCZ0dZQmdDaEJ2cC1hcngwazJnX3FBWUJzZ1lrQ1EFbQUBAEUdcABHHQwASR0MOHVBWUuaApUBIWlSU0tOQTb1AXB0dXhwSUFRb0FESDZmbXE4ZEpOb1B6b0pSbEpCTS1FEFFJd3RTPQEAVR1dAFcdDABZHQwAYR0MAGMdDBBlQUNKQR0QUNgCyfIB4AKYtE3qAktodHRwczovL2EZ8Lwuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQOCAQQBBisAiDgAzAAOAO4BADABADIBADSBA45OTQzI0ZSQTE6NTc3NtoEAggB4AQB8ASBJSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab1MtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ugZAAMgH-9YF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHuusDiggCEAA.&s=28d04d14a870004dcffc1a4b9dbfabc8029bc214

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f55b693f-bcba-4225-b0f1-572b469a8ed1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E86D 33 KB
16 KB 74ms
18ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=9742422;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAAAAAACRAOIQqNXugNT84hCo1e6A1PyhINycQzmA8kZ1UbQ9ZBWWE9rFhAAAAAEeKKQHXJgAA1yYAAAIAAACu3CIJNnYaAAAAAABVU0QAU0VLANQD8ACp4QAAtSoGAQQCAAAAAMAA4B4NwgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lRSAOQjlrswNEK65i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc0QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzQ=/bn=76469/clickenc=;ord=1909503495;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 10 Dec 2021 16:12:39 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2FB5 33 KB
16 KB 87ms
32ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=9741260;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAACCF6x1AOIQqNXugNT84hCo1e6A1P1CTarClVStxkZ1UbQ9ZBWWE9rFhAAAAAEKKKQHXJgAA1yYAAAIAAACk2iIJNnYaAAAAAABVU0QAU0VLACwB4AGlnAAAumwGAQQCAAAAANYA_iBzvgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iRSKNAjlrswNEKS1i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc2QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzY=/bn=93370/clickenc=;ord=826704769;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 10 Dec 2021 16:12:39 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E86D 7 KB
4 KB 19ms
18ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=9742422;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAAAAAACRAOIQqNXugNT84hCo1e6A1PyhINycQzmA8kZ1UbQ9ZBWWE9rFhAAAAAEeKKQHXJgAA1yYAAAIAAACu3CIJNnYaAAAAAABVU0QAU0VLANQD8ACp4QAAtSoGAQQCAAAAAMAA4B4NwgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lRSAOQjlrswNEK65i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc0QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzQ=/bn=76469/clickenc=;ord=1909503495;;js=1;adfxid=1x;7192;set=en-US|en-US|1600X1200|0|1000|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fomni.se

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

772d90e782c6533aef5245cf2bd666f662a7b00d89e397edd621c9d74dad4b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3234
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2FB5 7 KB
4 KB 18ms
17ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=9741260;click=https://fra1-ib.adnxs.com/click?OIQqNXugNT84hCo1e6A1PwAAACCF6x1AOIQqNXugNT84hCo1e6A1P1CTarClVStxkZ1UbQ9ZBWWE9rFhAAAAAEKKKQHXJgAA1yYAAAIAAACk2iIJNnYaAAAAAABVU0QAU0VLACwB4AGlnAAAumwGAQQCAAAAANYA_iBzvgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iRSKNAjlrswNEKS1i0kYtuxpIAQoADH6fmq8dJNoPzoJRlJBMTo1Nzc2QIwtSVJJnYAmIiJAUQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAAAA/cca=OTk0MyNGUkExOjU3NzY=/bn=93370/clickenc=;ord=826704769;;js=1;adfxid=2x;5172;set=en-US|en-US|1600X1200|0|300|500|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fomni.se

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

65b6ca2411d4f601cc1de8cb9897e66cbfd7850c4cf7429051b1ae8ba9f6653d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3246
expires: -1

GET
H/1.1 200
OK mtrcs_993451.js Show response
s372.mxcdn.net/bb-mx/serve/ Frame 3060 147 KB
57 KB 8ms
7ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 749d38c50152cf0cc705f1fd847e6d3925c3ed36eacbdf6d4209da32c71985ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Nov 2021 10:29:04 GMT
Server: nginx
ETag: "\W00000574301637663344776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=19003
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57430
Expires: Thu, 09 Dec 2021 17:45:36 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame E86D 0
803 B 7ms
7ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QKHEugHCQAAAwDWAAUBCITtx40GEKiQ3bmCwrOwPBiRu9Lq9qHWgmUqNgkIA8-9h0sYQBEIA8-9h0sYQBkAAAECCCRAIREbACkRCfQkAjEAAACA61EYQDDHlKYJONdNQNdNSAJQwd3yVFi27GlgAGipw4MBeOPYBYABAYoBA1VTRJIBA1NFS5gB1AegAfABqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEdc2Utb21uaS13ZGUtZnJvbnQtdG9wcGFub3JhbWGKAjx1ZignYScsIDMzNTg5NTgsIDE2MzkwNTI5MzIpO3VmKCdyJywgMTc4MDQwNTEzLCAxNjM5MDUyOTMyKTuSAu0DIXpsTVB6Z2pOcHZFUEVNSGQ4bFFZQUNDMjdHa3dBRGdBUUFSSTEwMVF4NVNtQ1ZnQVlPRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUVmRkVpQTBvaExRTUVCbTIzRXRJWkxHRURKQVFBQUFBQUFBUEFfMlFGU1NaMkFKaUlpUU9BQkFQVUJqVVpjUXBnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRjM05PQURqQzJJQkFDUUJBQ1lCQUhCQkFBQUFBQUFBQUFBeVFRQUFBQUFBQUFBQU5nRUFQRUVBQUFBQUFBQUFBQ0lCWTR0cVFWU1NaMkFKaUlpUUxFRkFBQUFBQUFBQUFEQkJRQUFBQUFBQUFBQXlRVUFBQUFBQUFBQUFORUZBQUFBQQURCERaQhH48ENBQUE0QVdRaVNYd0JmX2t1Z1Q0QmU2QnpRR0NCZ05UUlV1SUJoQ1FCZ0dZQmdDaEJuSGw3SjNSaUV0QXFBWUJzZ1lrQx1MAEUdDABHHQwASR0MSHVBWUuaApUBIXZCWDhwQWpOcHY58dB0dXhwSUFRb0FERng1ZXlkMFloTFFEb0pSbEpCTVRvMU56YzBRSXd0U1ZKSm5ZQW1JaUpBVR1dAFcdDABZHQwAYR0MAGMdDBBlQUNKQR0QUNgCyfIB4AKYtE3qAktodHRwczovL0H48FIuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk3yAhEKBkFEVl9JRBIHMzM1ODk1OAUUCENQRwUUGDkzNTE4MDcBFAgFQ1ABEzQIMzMzMTM2MTPyAg0KCAE8GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BVxEPEAsKB0NQFQ4QCQoFSU8BYAQA8gEaBElPFRo4EwoPQ1VTVE9NX01PREVMDSQIGgoWMhYAHExFQUZfTkFNBWoIHgoaNh0ACEFTVAE-EElGSUVEAWIcDQoIU1BMSVQBTfCBATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQQCAAQARjUByDwASgAMAA4ArgEAMAEAMgEANIEDjk5NDMjRlJBMTo1Nzc02gQCCAHgBAHwBKEMIIgFAZgFAKAF_xEBFAHABQDJBaFWHAAA8D_SBQkJCQyIAADYBQHgBQHqBSYKE3NlLWdlbmVyaWMtYWRmb3JtYXQSD3S5ARhfd2Rl6gUeMikAVHNpdGVtb2RlEgdkZXNrdG9w6gUfChcdSrhzY3JlZW5oZWlnaHQSBDEyMDDqBSEKEmFhLXNjaC1zdXBwbHlfdHlwZRILd2ViXxVGCB4KGR1GQGV4dGVybmFsaWRfc3JjEgEwAYgAFh0hCWcgd2lkdGgSBDE2AWYIFAoQLiEAIHRvcnkSAOoFIDY4AFhkay12ZXJzaW9uEgYwLjQ0LjDqBRgKEA2gKHB1Ymxpc2hlchIEYSEQ6gUdCg4dVVBnZW8SC25vIGxvY2F0aW9u6gUaCg_RRQhzZWMBFCASB0Vrb25vbWkBswAUHT0oYXJ0aWNsZWlkEgZpQCEZLvUAHHZpZXdwb3J0Nj0BCBkKEw2dIGNvdW50cnlfYyGACAJzZQHcABgdYRFAMhYBCB0KEh0jRqQAABkyIAA4cGFnZWdlbhIDc21w6gVGMlIBHHRvcGljEjJPwjEEIQkuhQAIYXBwRUMcCG5vdGluYXBFRCFHUY5AdGFncxIMU2F1ZGlhcmFiaWU1aREiAagEEgctUljwBc7wDvoFBAgAEACQBgCYBgC4BgDBBknyKPA_0Ab1MtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAgYACBhgiy6BkAAyAfj2AXSBw11QwE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=1b1da322d4b90e0681f4fba2faa09933193aab08&bdref=https%3A%2F%2Fomni.se%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fomni.se%2F,https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html,https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 86c10388-6a72-451b-b969-4b6c18e20bb7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK mtrcs_993451.js Show response
s372.mxcdn.net/bb-mx/serve/ Frame EDF2 147 KB
57 KB 7ms
7ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 749d38c50152cf0cc705f1fd847e6d3925c3ed36eacbdf6d4209da32c71985ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Nov 2021 10:29:04 GMT
Server: nginx
ETag: "\W00000574301637663344776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=19003
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57430
Expires: Thu, 09 Dec 2021 17:45:36 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 2FB5 0
803 B 8ms
8ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QKAEvBDAAkAAAMA1gAFAQiE7ceNBhDQpqqD27TVlXEYkbvS6vah1oJlKjYJCAPPvYdLGEARCAPPvYdLGEAZAAAAIIXrHUAhCAMJGwApEST0JAIxAAAAQOF6hD8wwpSmCTjXTUDXTUgCUMaijm9YtuxpYABopbmuAXj71gWAAQGKAQNVU0SSAQNTRUuYAawCoAHgA6gBBrABALgBAcABBMgBAtABANgBAOABAPABAPoBHXNlLW9tbmktd2RlLWFydGljbGUtaW5zaWRlcl8xigI8dWYoJ2EnLCAzMzU4OTU4LCAxNjM5MDUyOTMyKTt1ZigncicsIDIzMzAxNzY3MCwgMTYzOTA1MjkzMik7kgLtAyFBRk4tbndpRWlmc1VFTWFpam04WUFDQzI3R2t3QURnQVFBUkkxMDFRd3BTbUNWZ0FZT0VCYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRURzQUVBdVFFZkZFaUEwb2hMUU1FQm0yM0V0SVpMR0VESkFRQUFBQUFBQVBBXzJRRlNTWjJBSmlJaVFPQUJBUFVCalVaY1FwZ0NBS0FDQUxVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5UYzNOdUFEakMySUJBQ1FCQUNZQkFIQkJBQUFBQUFBQUFBQXlRUUFBQUFBQUFBQUFOZ0VBUEVFQUFBQUFBQUFBQUNJQlpBdHFRVlNTWjJBSmlJaVFMRUZBQUFBQUFBQUFBREJCUUFBQUFBQUFBQUF5UVVBQUFBQUFBQUFBTkVGQUFBQUEFEQhEWkIR-PBDQUFBNEFXUWlTWHdCZnE1OGdYNEJlNkJ6UUdDQmdOVFJVdUlCaENRQmdHWUJnQ2hCbkhsN0ozUmlFdEFxQVlCc2dZa0MdTABFHQwARx0MAEkdDEh1QVlLmgKVASE2QlFUVUFpRWlmOfHQdHV4cElBUW9BREZ4NWV5ZDBZaExRRG9KUmxKQk1UbzFOemMyUUl3dFNWSkpuWUFtSWlKQVUdXQBXHQwAWR0MAGEdDABjHQwQZUFDSkEdEFDYAsnyAeACmLRN6gJLaHR0cHM6Ly9B-PDeLnNlL29tZmF0dGFuZGUtYm90b3hmdXNrLWktc2tvbmhldHN0YXZsaW5nLWZvci1rYW1lbGVyL2EvMEdiTzJN8gIRCgZBRFZfSUQSBzMzNTg5NTjyAhIKBkNQR19JRBIIMTIzNjA5NTTyAhEKBUNQX0lEEgg0Mzk1OTQyOPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAgkKBUlPX0lEEgDyAgsKB0lPX0NPRAUoOBMKD0NVU1RPTV9NT0RFTAGsFADyAhoKFjIWABxMRUFGX05BTQUzCB4KGjYdAAhBU1QBPgxJRklFBWIcDQoIU1BMSVQBTfCQATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQOCAQQBBisAiDgAzAAOAO4BADABADIBADSBA45OTQzI0ZSQTE6NTc3NtoEAggB4AQB8ATGoo5viAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC7gAAADYBQHgBQHqBR4KE3NlLWdlbmVyaWMtc2l0ZW1vZGUSB2Rlc2t0b3DqBR0KDh0hUGdlbxILbm8gbG9jYXRpb27qBSAKGB0gXHZpZXdwb3J0d2lkdGgSBDE2MDDqBRQKEB0jLHN0b3J5EgDqBSEKGR0XETokaGVpZ2h0EgQxMgE7CCAKFh0kSHNkay12ZXJzaW9uEgYwLjQ0LjABwgAUHSMIYXJ0ob4MaWQSBkmdASEyRAAQY3JlZW4yoAAAIDIEAVRhZGZvcm1hdBIJaW5zaWRlcl8x6gVGMsMAHHRvcGljEjJPwjMDEOoFGgoPHa4UcGFnZRIHDbRY6gUYChBhYS1zY2gtcHVibGlzaGVyEgRhoQHFABIdOAhhcHAlpyAIbm90aW5hcHARWQEtDC1zZWMhnDQSB0Vrb25vbWnqBR8KFx0-KQM2aQEAHjKNAUBleHRlcm5hbGlkX3NyYxIBMAFDLrkAUHRhZ3MSDFNhdWRpYXJhYmllbuoFHTKjAEaFAAAZMiAAAfscZ2VuEgNzbXBBDAASDfpAc3VwcGx5X3R5cGUSC3dlYl9ViggZChMNJCBjb3VudHJ5X2NBq2QCc2XwBc7wDvoFBAgAEACQBgCYBgC4BgDBBkHoMAAA8D_QBvUy2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAf71gXSBw11PQE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=dc92006a3fc01eaef9e60a36c2243683526a7904&bdref=https%3A%2F%2Fomni.se%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fomni.se%2F,https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html,https%3A%2F%2Facdn.adnxs-simple.com%2Fast%2Fsafeframe%2Fstatic%2F0.44.0%2Fhtml%2Fsafeframe-v2.html&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/safeframe/static/0.44.0/html/safeframe-v2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7f9151ef-4ec5-4e25-8a34-32d2dfa9a9e2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame E86D 0
831 B 7ms
7ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLVCuhVBQAAAwDWAAUBCITtx40GEKiQ3bmCwrOwPBiRu9Lq9qHWgmUqNgk4hCo1e6A1PxE4hCo1e6A1PxkAAAECCCRAIREbACkRCfDJMQAAAIDrURhAMMeUpgk4101A101IAlCuuYtJWLbsaWAAaKnDgwF4tdUEgAEBigEDVVNEkgEDU0VLmAHUB6AB8AGoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6AR1zZS1vbW5pLXdkZS1mcm9udC10b3BwYW5vcmFtYYoCWXVmKCdhJywgMzE5MTkyMiwgMTYzOTA1MjkzMik7dWYoJ2knLCAxMTQ2NTE1LCAxNjM5MDUyOTMyKTt1ZigncicsIDE1MzI3OTY2MjYfAPQXAZIC8QMhUDFYY25namxyc3dORUs2NWkwa1lBQ0MyN0drd0JEZ0FRQVJJMTAxUXg1U21DVmdBWU9FQmFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRSGhoWE9HZFpOb1A4RUJILWs0VzBTdk5UX0pBUjNtSUZac0p2b18yUUZTU1oyQUppSWlRT0FCa18xRjlRRUFBQUFBbUFJQW9BSUF0UUlBQUFBQXZRSUFBQUFBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1CdWdNSlJsSkJNVG8xTnpjMDRBT01MWUFFQUlnRUFKQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUEFEhgyQVFBOFFRBQwFAVRJZ0ZqaTJwQlZKSm5ZQW1JaUpBc1FVBRsFAQhNRUYFCAUBCERKQh07ADAuKAAETmsuKADwPmdCU0h3QmRhLTFnUDRCZkxvd2dHQ0JnTlRSVXVJQmdDUUJnR1lCZ0NoQnZwLWFyeDBrMmdfcUFZQnNnWWtDUQVtBQEARR1wAEcdDABJHQw4dUFZS5oClQEhbFJTQU9RNvUBcHR1eHBJQVFvQURINmZtcThkSk5vUHpvSlJsSkJNLUUQUUl3dFM9AQBVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRBQ2ALJ8gHgApi0TeoCS2h0dHBzOi8vYRn0IAEuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQQCAAQARjUByDwASgAMAA4ArgEAMAEAMgEANIEDjk5NDMjRlJBMTo1Nzc02gQCCAHgBAHwBK65i0mIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG9TLaBhYKEAAAAAAAETtsAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaACABtTC6BkAAyAfj2AXSBw0JATQBAQE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=1f87a5b5b4e8dff309d9b5dc2df2eabfe0ca910e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=980&bh=240&sid=6705830111612751894&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499591&sw=1600&sh=1200&pw=980&ph=244&ww=980&wh=240&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c7c70192-703d-47ba-85d0-7727fa08110c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2FB5 0
831 B 7ms
6ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLTCvBDUwUAAAMA1gAFAQiE7ceNBhDQpqqD27TVlXEYkbvS6vah1oJlKjYJOIQqNXugNT8ROIQqNXugNT8ZAAAAIIXrHUAhOIQJGwApESTwyTEAAABA4XqEPzDClKYJONdNQNdNSAJQpLWLSVi27GlgAGilua4BeLrZBYABAYoBA1VTRJIBA1NFS5gBrAKgAeADqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEdc2Utb21uaS13ZGUtYXJ0aWNsZS1pbnNpZGVyXzGKAll1ZignYScsIDMxOTE5MjIsIDE2MzkwNTI5MzIpO3VmKCdpJywgMTE0NjUxNSwgMTYzOTA1MjkzMik7dWYoJ3InLCAxNTMyNzkxNDA2HwD0FwGSAvEDIU9sZXd4UWpscnN3TkVLUzFpMGtZQUNDMjdHa3dCRGdBUUFSSTEwMVF3cFNtQ1ZnQVlPRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVTcUFFRHNBRUF1UUhoaFhPR2RaTm9QOEVCSC1rNFcwU3ZOVF9KQWRuam5HWEhsdlVfMlFGU1NaMkFKaUlpUU9BQmtfMUY5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpSbEpCTVRvMU56YzI0QU9NTFlBRUFJZ0VBSkFFQUpnRUFjRUVBQUFBQUFBQUFBREpCQUFBQUFBBRIYMkFRQThRUQUMBQFUSWdGa0MycEJWSkpuWUFtSWlKQXNRVQUbBQEITUVGBQgFAQhESkIdOwAwLigABE5rLigA8D5nQlNId0JkYS0xZ1A0QmZMb3dnR0NCZ05UUlV1SUJnQ1FCZ0dZQmdDaEJ2cC1hcngwazJnX3FBWUJzZ1lrQ1EFbQUBAEUdcABHHQwASR0MOHVBWUuaApUBIWlSU0tOQTb1AXB0dXhwSUFRb0FESDZmbXE4ZEpOb1B6b0pSbEpCTS1FEFFJd3RTPQEAVR1dAFcdDABZHQwAYR0MAGMdDBBlQUNKQR0QUNgCyfIB4AKYtE3qAktodHRwczovL2EZ8Lwuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQOCAQQBBisAiDgAzAAOAO4BADABADIBADSBA45OTQzI0ZSQTE6NTc3NtoEAggB4AQB8ASBJSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab1MtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ugZAAMgH-9YF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHuusDiggCEAA.&s=28d04d14a870004dcffc1a4b9dbfabc8029bc214&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=480&sid=6705830111612751894&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499586&sw=1600&sh=1200&pw=300&ph=484&ww=300&wh=480&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5a4f3f0b-cdc5-4749-bf45-039951bf20a7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 3060 82 B
351 B 131ms
11ms Script
application/javascript 5.9.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h361.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Thu, 09 Dec 2021 12:28:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s372.meetrics.net/bb-mxad/ Frame 3060 0
208 B 107ms
10ms Script
application/octet-stream 5.9.82.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.meetrics.net/bb-mxad/gettag
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.82.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h524.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b137.s372.meetrics.net/bb-mx/ Frame 3060 43 B
291 B 104ms
12ms Image
image/gif 136.243.2.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b137.s372.meetrics.net/bb-mx/submit?/kHPfBdAAA/whFQBo0F0wFz6BvvAhjFkuFuhEkuF4zFtzEptFwsFluBjvFtvBhzF0vBzhFmlFmyFhtFlvBz0Fh0FpjFvwAu0A0uAwvAo0FtsFvzEhmFlmFyhFtlFt2EyuAo0FtsFvpyFo0F0wFz6BvvAvtFupFuzElvB+k2FoywAyxAtxAxtAyzAtxAw6Ay3At5A5zA01AxtAyuAxyAzuAxtA5xAx1A33AixBKp6Fsp3Fx2Az5Aw1Ay5AzyAzwA0BEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FZCxgAwqFpkF95A5zA01AxmAjwFpkF9yA41Ax0Ax0A5mAzpF0lF91Ax5A13A50AmwEshFjlF9xA50A55A15AxmAjpFk9Bx1AzyA35A22AymAhkFj9Bx0AwzA2wA3mAhkF29BzxA5xA5yAymAhwFh9BxxA02A1xA1mAhwFi9B33Aw4A1wAymAhwFj9B55A0zAmzEp6Fl9B54Aw4Ey0AwmAjiF9xA5wA51AwzA05A1BEL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF50Ag3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5B0BEUkzFpBFAAAAAAUPwDwDAPAAAAAAAAAOAAAAGCAAAAAUPwDwDABPBAAAAAAAABqxmAZWAAFAw8Ez8ExBEGAx1A44Ay2ArWd2APAAAFAAqxmTWd2ASksF3DhAAAAAAAAAAAAEAAAqxmAAAAAAAIAy4A1xA0xA05AIAx5A05A51A5xAHA1xA51A35A0BEHA54Aw4Ey0AwBEJAx1AzyA35A22AyBEHAx0AwzA2wA3BEAAAAHAzxA5xA5yAyBEHAxxA02A1xA1BEHA33Aw4A1wAyBEEA55A0zAdAAAAAAUPAwDAFAAAWd2AAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFG9EiVA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h525.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H/1.1 200
OK data
b137.s372.meetrics.net/ Frame 3060 43 B
308 B 103ms
11ms Image
image/gif 136.243.2.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b137.s372.meetrics.net/data?/kHPfCeAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF5gVNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h525.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:52 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame EDF2 82 B
351 B 87ms
10ms Script
application/javascript 5.9.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h361.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Thu, 09 Dec 2021 12:28:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s372.meetrics.net/bb-mxad/ Frame EDF2 0
208 B 67ms
11ms Script
application/octet-stream 5.9.82.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s372.meetrics.net/bb-mxad/gettag
Requested by: Host: s372.mxcdn.net
URL: https://s372.mxcdn.net/bb-mx/serve/mtrcs_993451.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.82.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h524.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:28:53 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b151.s372.meetrics.net/bb-mx/ Frame EDF2 43 B
291 B 64ms
12ms Image
image/gif 136.243.33.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b151.s372.meetrics.net/bb-mx/submit?/5VUYBbAAA/whFQBo0F0wFz6BvvAhjFkuFuhEkuF4zFtzEptFwsFluBjvFtvBhzF0vBzhFmlFmyFhtFlvBz0Fh0FpjFvwAu0A0uAwvAo0FtsFvzEhmFlmFyhFtlFt2EyuAo0FtsFvpyFo0F0wFz6BvvAvtFupFuzElvB+k2FoywAyxAtxAxtAyzAtxAw6Ay3At5A5zA01AxtAyuAxyAzuAxtA5xAx1A33AixBKp6Fsp3Fx2Az5Aw1Ay5AzyAzzA2BEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FYCxgAwqFpkF95A5zA01AxmAjwFpkF9yA41Ax0Ax0A5mAzpF0lF91Ax5A13A50AmwEshFjlF9xA50A55A14A2mAjpFk9Bx1AzyA35Ax0AwmAhkFj9Bx0AwzA2wA3mAhkF29BzxA5xA5yAymAhwFh9BxxA02A1xA1mAhwFi9B33Aw4A1wAymAhwFj9B55A0zAmzEp6Fl9BzwAw4E04AwmAjiF94Ay2A3wA03A25AL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF50Ag3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5B0BEUkzFpBFAAAAAAsEgHgHAPAAAAAAAAAOAAAAGCAAAAAsEgHgHABPBAAAAAAAABMvLAZVAAFAw8Ez8ExBEFA04Aw3A2BErWd2APAAAFAAMvLTWd2ASksF6DhAAAAAAAAAAAAEAAAMvLAAAAAAAIAy4A1xA0xA05AIAx5A05A51A42AHA1xA51A35A0BEHAzwAw4E04AwBEJAx1AzyA35Ax0AwBEHAx0AwzA2wA3BEAAAAHAzxA5xA5yAyBEHAxxA02A1xA1BEHA33Aw4A1wAyBEEA55A0zAdAAAAAAsEAgHAFAAAWd2AAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFcbWhVA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h377.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 09 Dec 2021 12:28:52 GMT

GET
H/1.1 200
OK data
b151.s372.meetrics.net/ Frame EDF2 43 B
308 B 76ms
11ms Image
image/gif 136.243.33.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b151.s372.meetrics.net/data?/5VUYCcAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF8eVNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h377.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:52 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame E86D 90 KB
39 KB 20ms
20ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a94a27bdc5c56617489606128eb2ad6653a20ab180981cbb40a237a3b1a94f0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 10 Dec 2021 16:13:16 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 2FB5 90 KB
39 KB 26ms
26ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a94a27bdc5c56617489606128eb2ad6653a20ab180981cbb40a237a3b1a94f0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 10 Dec 2021 16:13:16 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame E86D 35 B
464 B 18ms
17ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=9742422&csi=oKTyKxP9o99DAPcexukRSwytnjfPyMYCWN6maFcFxf_rygPkIxxfkyBv8jVMuSwMJkFmxxLaP-eTPNkVhqAozN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 2FB5 35 B
473 B 17ms
17ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=9741260&csi=MDI5Bf70CjRbH-RIMPZ9EDQkqutpvOtsDiUpTI6HOkLrygPkIxxfk1atn7hGWqF7LgYZ37XTA0he4YRoZ-ky-N6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame E86D 0
831 B 7ms
6ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLVCuhVBQAAAwDWAAUBCITtx40GEKiQ3bmCwrOwPBiRu9Lq9qHWgmUqNgk4hCo1e6A1PxE4hCo1e6A1PxkAAAECCCRAIREbACkRCfDJMQAAAIDrURhAMMeUpgk4101A101IAlCuuYtJWLbsaWAAaKnDgwF4tdUEgAEBigEDVVNEkgEDU0VLmAHUB6AB8AGoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6AR1zZS1vbW5pLXdkZS1mcm9udC10b3BwYW5vcmFtYYoCWXVmKCdhJywgMzE5MTkyMiwgMTYzOTA1MjkzMik7dWYoJ2knLCAxMTQ2NTE1LCAxNjM5MDUyOTMyKTt1ZigncicsIDE1MzI3OTY2MjYfAPQXAZIC8QMhUDFYY25namxyc3dORUs2NWkwa1lBQ0MyN0drd0JEZ0FRQVJJMTAxUXg1U21DVmdBWU9FQmFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRSGhoWE9HZFpOb1A4RUJILWs0VzBTdk5UX0pBUjNtSUZac0p2b18yUUZTU1oyQUppSWlRT0FCa18xRjlRRUFBQUFBbUFJQW9BSUF0UUlBQUFBQXZRSUFBQUFBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1CdWdNSlJsSkJNVG8xTnpjMDRBT01MWUFFQUlnRUFKQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUEFEhgyQVFBOFFRBQwFAVRJZ0ZqaTJwQlZKSm5ZQW1JaUpBc1FVBRsFAQhNRUYFCAUBCERKQh07ADAuKAAETmsuKADwPmdCU0h3QmRhLTFnUDRCZkxvd2dHQ0JnTlRSVXVJQmdDUUJnR1lCZ0NoQnZwLWFyeDBrMmdfcUFZQnNnWWtDUQVtBQEARR1wAEcdDABJHQw4dUFZS5oClQEhbFJTQU9RNvUBcHR1eHBJQVFvQURINmZtcThkSk5vUHpvSlJsSkJNLUUQUUl3dFM9AQBVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRBQ2ALJ8gHgApi0TeoCS2h0dHBzOi8vYRn0IAEuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQQCAAQARjUByDwASgAMAA4ArgEAMAEAMgEANIEDjk5NDMjRlJBMTo1Nzc02gQCCAHgBAHwBK65i0mIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG9TLaBhYKEAAAAAAAETtsAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaACABtTC6BkAAyAfj2AXSBw0JATQBAQE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=1f87a5b5b4e8dff309d9b5dc2df2eabfe0ca910e&type=nv&nvt=13&jm=1003|1018|1008&px=0&py=0&bw=980&bh=240&sf=1&sid=6705830111612751894&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499591&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0a980a68-ffe5-4714-a2fe-aebbce21dd8b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 9631052.js Show response
s1.adform.net/Banners/Elements/Files/21219/9631052/ Frame FDF6 2 KB
1001 B 17ms
16ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9631052/9631052.js?ADFassetID=9631052&bv=257

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0189b0328dfc323d3728755eec67ca2be96306e7071aef6a95fad73fd46f2abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:45:48 GMT
server: nginx
etag: W/"6091500c-6ca"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2FB5 0
831 B 18ms
17ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLTCvBDUwUAAAMA1gAFAQiE7ceNBhDQpqqD27TVlXEYkbvS6vah1oJlKjYJOIQqNXugNT8ROIQqNXugNT8ZAAAAIIXrHUAhOIQJGwApESTwyTEAAABA4XqEPzDClKYJONdNQNdNSAJQpLWLSVi27GlgAGilua4BeLrZBYABAYoBA1VTRJIBA1NFS5gBrAKgAeADqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEdc2Utb21uaS13ZGUtYXJ0aWNsZS1pbnNpZGVyXzGKAll1ZignYScsIDMxOTE5MjIsIDE2MzkwNTI5MzIpO3VmKCdpJywgMTE0NjUxNSwgMTYzOTA1MjkzMik7dWYoJ3InLCAxNTMyNzkxNDA2HwD0FwGSAvEDIU9sZXd4UWpscnN3TkVLUzFpMGtZQUNDMjdHa3dCRGdBUUFSSTEwMVF3cFNtQ1ZnQVlPRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVTcUFFRHNBRUF1UUhoaFhPR2RaTm9QOEVCSC1rNFcwU3ZOVF9KQWRuam5HWEhsdlVfMlFGU1NaMkFKaUlpUU9BQmtfMUY5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpSbEpCTVRvMU56YzI0QU9NTFlBRUFJZ0VBSkFFQUpnRUFjRUVBQUFBQUFBQUFBREpCQUFBQUFBBRIYMkFRQThRUQUMBQFUSWdGa0MycEJWSkpuWUFtSWlKQXNRVQUbBQEITUVGBQgFAQhESkIdOwAwLigABE5rLigA8D5nQlNId0JkYS0xZ1A0QmZMb3dnR0NCZ05UUlV1SUJnQ1FCZ0dZQmdDaEJ2cC1hcngwazJnX3FBWUJzZ1lrQ1EFbQUBAEUdcABHHQwASR0MOHVBWUuaApUBIWlSU0tOQTb1AXB0dXhwSUFRb0FESDZmbXE4ZEpOb1B6b0pSbEpCTS1FEFFJd3RTPQEAVR1dAFcdDABZHQwAYR0MAGMdDBBlQUNKQR0QUNgCyfIB4AKYtE3qAktodHRwczovL2EZ8Lwuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQOCAQQBBisAiDgAzAAOAO4BADABADIBADSBA45OTQzI0ZSQTE6NTc3NtoEAggB4AQB8ASBJSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab1MtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ugZAAMgH-9YF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHuusDiggCEAA.&s=28d04d14a870004dcffc1a4b9dbfabc8029bc214&type=nv&nvt=13&jm=1003|1018|1008&px=0&py=0&bw=300&bh=480&sf=1&sid=6705830111612751894&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499586&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f06b7bf7-feda-43c2-a626-7705ca6a297d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 9630955.js Show response
s1.adform.net/Banners/Elements/Files/21219/9630955/ Frame 49E0 2 KB
981 B 16ms
16ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9630955/9630955.js?ADFassetID=9630955&bv=257

Requested by

Host: omni.se
URL: https://omni.se/omfattande-botoxfusk-i-skonhetstavling-for-kameler/a/0GbO2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d4a444082c5e6a2d040cdaa541ab4dcc5039b63fd232092cf48fe7b0d0cd3e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:38:33 GMT
server: nginx
etag: W/"60914e59-660"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 style.css
s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/ Frame FDF6 6 KB
1 KB 17ms
16ms Stylesheet
text/css 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/style.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

daf3d5d9a7cc42e8830c90b42e651d6ed01abb558a0ffe83ac306072836a7b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:45:48 GMT
server: nginx
etag: W/"6091500c-18d3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame FDF6 30 KB
13 KB 17ms
17ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/ Frame FDF6 17 KB
17 KB 18ms
17ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

62475bcd0adc5809538944ae5420363e81d1b95da80d1334e11314015b0f8684

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
last-modified: Tue, 04 May 2021 13:45:48 GMT
server: nginx
etag: "6091500c-43a5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 17317

GET
H2 200 style.css
s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/ Frame 49E0 6 KB
1 KB 17ms
16ms Stylesheet
text/css 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/style.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c5fd0e9e2216a99051fa09d7125647f1ebf146e9f42653a9081a7b1b6f830ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:38:31 GMT
server: nginx
etag: W/"60914e57-1865"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 49E0 30 KB
13 KB 18ms
17ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/ Frame 49E0 18 KB
18 KB 19ms
18ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

721cbe685a08d8a53f360bb3f790847bfca4584d79bc5abb7a21722acd6114ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
last-modified: Tue, 04 May 2021 13:38:35 GMT
server: nginx
etag: "60914e5b-4736"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 18230

GET
H2 200 css
fonts.googleapis.com/ Frame FDF6 1 KB
914 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b2325432f2cb9eab42e89bd3be5a1f15a9f805a6bebbdd0e06280410d9bbfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 12:12:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 12:28:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 12:28:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 49E0 1 KB
485 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b2325432f2cb9eab42e89bd3be5a1f15a9f805a6bebbdd0e06280410d9bbfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 12:26:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 12:28:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 12:28:53 GMT

GET
H/1.1 200
OK data
b137.s372.meetrics.net/ Frame 3060 43 B
308 B 12ms
12ms Image
image/gif 136.243.2.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b137.s372.meetrics.net/data?/kHPfDpDAAurvFo0F0wFz6BvvAvtFupFuzElBFLruFBLkqFFlqwF55Az0A1xALl1FDLkqFK0kyB55Az0A1xA6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az5Aw1Ay5AzyAzwA06E0iExzAtkFyjE1BFL2vFB/k0FZCxgAwqFpkF95A5zA01AxmAjwFpkF9yA41Ax0Ax0A5mAzpF0lF91Ax5A13A50AmwEshFjlF9xA50A55A15AxmAjpFk9Bx1AzyA35A22AymAhkFj9Bx0AwzA2wA3mAhkF29BzxA5xA5yAymAhwFh9BxxA02A1xA1mAhwFi9B33Aw4A1wAymAhwFj9B55A0zAmzEp6Fl9B54Aw4Ey0AwmAjiF9xA5wA51AwzA05A1BEOprFriyDOqwFriyDlqwF55Az0A1xALkmFBUkzFwBPLAAAZAwSAcAAAAQqAAAAAAAAYAAAARBAQAAAAAAAAAXAAAARBAPXCAAAAAAAzWd2AZAAAFAx8Ez8EyBEGAx1A44Ay2ArbS3APAAAFAAqxmTbS3ASksFMBdAAAAAAUPAwDAFAAAbS3AAAOAqhF2hFzjFypFw0F6nAn7ACACCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFLXLHTA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h525.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:52 GMT

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/ Frame FDF6 72 KB
73 KB 19ms
18ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/bg.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c6defeeb05ac6aa9d94aa287bc02e76a8f18e384ad685d2155940a8a3471a758

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.adform.net/Banners/Elements/Files/21219/9631052/bvpath_257/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
last-modified: Tue, 04 May 2021 13:45:48 GMT
server: nginx
etag: "6091500c-1211b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 74011

GET
H2 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame FDF6 18 KB
18 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acdn.adnxs-simple.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 18:13:39 GMT
x-content-type-options: nosniff
age: 152114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18244
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 18:13:39 GMT

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame FDF6 18 KB
18 KB 44ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acdn.adnxs-simple.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 20:10:40 GMT
x-content-type-options: nosniff
age: 58693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18076
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 20:10:40 GMT

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/ Frame 49E0 59 KB
59 KB 20ms
18ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/bg.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0cb84ea293ff05f2cf59cb096c34b43df4d154429611799973a56a8fc9cb8fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.adform.net/Banners/Elements/Files/21219/9630955/bvpath_257/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:28:53 GMT
last-modified: Tue, 04 May 2021 13:38:35 GMT
server: nginx
etag: "60914e5b-ebd3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 60371

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame 49E0 18 KB
18 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acdn.adnxs-simple.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 20:10:40 GMT
x-content-type-options: nosniff
age: 58693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18076
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 20:10:40 GMT

GET
H2 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame 49E0 18 KB
18 KB 31ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acdn.adnxs-simple.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 18:13:39 GMT
x-content-type-options: nosniff
age: 152114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18244
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 18:13:39 GMT

GET
H/1.1 200
OK data
b151.s372.meetrics.net/ Frame EDF2 43 B
308 B 12ms
11ms Image
image/gif 136.243.33.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b151.s372.meetrics.net/data?/5VUYDlDAAurvFo0F0wFz6BvvAvtFupFuzElBFLruFBLkqFFlqwF55Az0A1xALl1FDLkqFK0kyB55Az0A1xA6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az5Aw1Ay5AzyAzzA2zAypF23AxyFz1EzBFL2vFB/k0FYCxgAwqFpkF95A5zA01AxmAjwFpkF9yA41Ax0Ax0A5mAzpF0lF91Ax5A13A50AmwEshFjlF9xA50A55A14A2mAjpFk9Bx1AzyA35Ax0AwmAhkFj9Bx0AwzA2wA3mAhkF29BzxA5xA5yAymAhwFh9BxxA02A1xA1mAhwFi9B33Aw4A1wAymAhwFj9B55A0zAmzEp6Fl9BzwAw4E04AwmAjiF94Ay2A3wA03A25AOprFriyDOqwFriyDlqwF55Az0A1xALkmFBUkzFwBPNAAAZAwSAcAAAAQTAAAAAAAAYAAAA6AAQAAAAAAAAAXAAAA6AAPrCAAAAAAAzWd2AZAAAFAx8Ez8EyBEFA04Aw3A2BErbS3APAAAFAAMvLTbS3ASksFPBdAAAAAAsEAgHAFAAAbS3AAAOAqhF2hFzjFypFw0F6nAn7ADAJOFUBFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFlw1GTA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h377.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:52 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 29 B
854 B 32ms
31ms Fetch
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: sdk.pulse.schibsted.com
URL: https://sdk.pulse.schibsted.com/pulse.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bafb3266ec565f7f390c3d20b57f3b343288f23c21425a8f04521c0bfec2e7c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://omni.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:54 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7c74a0d9-cd4d-4dbd-ab55-39c387a27816
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omni.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 identify Show response
cis.schibsted.com/api/v1/ 896 B
1 KB 28ms
28ms Fetch
application/json 13.49.191.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.schibsted.com/api/v1/identify

Requested by

Host: sdk.pulse.schibsted.com
URL: https://sdk.pulse.schibsted.com/pulse.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-49-191-63.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

92936f2df2ed40d800c20218208dac948ae5216b0db219f5a7f34b6b5fc4fe83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://omni.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Thu, 09 Dec 2021 12:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Finatra
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omni.se
access-control-max-age: 86400
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'none'
access-control-allow-headers: X-Requested-With,content-type,content-length
content-length: 670

OPTIONS
H2 200 identify
cis.schibsted.com/api/v1/ Frame 0
0 28ms
27ms Preflight
application/json 13.49.191.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cis.schibsted.com/api/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.49.191.63 Stockholm, Sweden, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-49-191-63.eu-north-1.compute.amazonaws.com

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://omni.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 12:28:54 GMT
content-type: application/json; charset=utf-8
content-length: 28
server: Finatra
cache-control: private, no-cache, proxy-revalidate, max-age=0
x-frame-options: DENY
access-control-max-age: 86400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
access-control-allow-origin: https://omni.se
access-control-allow-headers: X-Requested-With,content-type,content-length
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
content-encoding: gzip

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame E86D 0
831 B 101ms
101ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLVCuhVBQAAAwDWAAUBCITtx40GEKiQ3bmCwrOwPBiRu9Lq9qHWgmUqNgk4hCo1e6A1PxE4hCo1e6A1PxkAAAECCCRAIREbACkRCfDJMQAAAIDrURhAMMeUpgk4101A101IAlCuuYtJWLbsaWAAaKnDgwF4tdUEgAEBigEDVVNEkgEDU0VLmAHUB6AB8AGoAQawAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6AR1zZS1vbW5pLXdkZS1mcm9udC10b3BwYW5vcmFtYYoCWXVmKCdhJywgMzE5MTkyMiwgMTYzOTA1MjkzMik7dWYoJ2knLCAxMTQ2NTE1LCAxNjM5MDUyOTMyKTt1ZigncicsIDE1MzI3OTY2MjYfAPQXAZIC8QMhUDFYY25namxyc3dORUs2NWkwa1lBQ0MyN0drd0JEZ0FRQVJJMTAxUXg1U21DVmdBWU9FQmFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRSGhoWE9HZFpOb1A4RUJILWs0VzBTdk5UX0pBUjNtSUZac0p2b18yUUZTU1oyQUppSWlRT0FCa18xRjlRRUFBQUFBbUFJQW9BSUF0UUlBQUFBQXZRSUFBQUFBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1CdWdNSlJsSkJNVG8xTnpjMDRBT01MWUFFQUlnRUFKQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUEFEhgyQVFBOFFRBQwFAVRJZ0ZqaTJwQlZKSm5ZQW1JaUpBc1FVBRsFAQhNRUYFCAUBCERKQh07ADAuKAAETmsuKADwPmdCU0h3QmRhLTFnUDRCZkxvd2dHQ0JnTlRSVXVJQmdDUUJnR1lCZ0NoQnZwLWFyeDBrMmdfcUFZQnNnWWtDUQVtBQEARR1wAEcdDABJHQw4dUFZS5oClQEhbFJTQU9RNvUBcHR1eHBJQVFvQURINmZtcThkSk5vUHpvSlJsSkJNLUUQUUl3dFM9AQBVHV0AVx0MAFkdDABhHQwAYx0MEGVBQ0pBHRBQ2ALJ8gHgApi0TeoCS2h0dHBzOi8vYRn0IAEuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQQCAAQARjUByDwASgAMAA4ArgEAMAEAMgEANIEDjk5NDMjRlJBMTo1Nzc02gQCCAHgBAHwBK65i0mIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG9TLaBhYKEAAAAAAAETtsAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaACABtTC6BkAAyAfj2AXSBw0JATQBAQE4CNoHBgknROAHAOoHAggA8Ae66wOKCAIQAA..&s=1f87a5b5b4e8dff309d9b5dc2df2eabfe0ca910e&type=pv&jm=1003|1018|1008&px=0&py=0&bw=980&bh=240&sf=1&sid=6705830111612751894&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499591&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:54 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d7665bc9-de7c-40b9-8426-4249325dc557
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2FB5 0
831 B 30ms
30ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fomni.se%2Fomfattande-botoxfusk-i-skonhetstavling-for-kameler%2Fa%2F0GbO2M&e=wqT_3QLTCvBDUwUAAAMA1gAFAQiE7ceNBhDQpqqD27TVlXEYkbvS6vah1oJlKjYJOIQqNXugNT8ROIQqNXugNT8ZAAAAIIXrHUAhOIQJGwApESTwyTEAAABA4XqEPzDClKYJONdNQNdNSAJQpLWLSVi27GlgAGilua4BeLrZBYABAYoBA1VTRJIBA1NFS5gBrAKgAeADqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEdc2Utb21uaS13ZGUtYXJ0aWNsZS1pbnNpZGVyXzGKAll1ZignYScsIDMxOTE5MjIsIDE2MzkwNTI5MzIpO3VmKCdpJywgMTE0NjUxNSwgMTYzOTA1MjkzMik7dWYoJ3InLCAxNTMyNzkxNDA2HwD0FwGSAvEDIU9sZXd4UWpscnN3TkVLUzFpMGtZQUNDMjdHa3dCRGdBUUFSSTEwMVF3cFNtQ1ZnQVlPRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVTcUFFRHNBRUF1UUhoaFhPR2RaTm9QOEVCSC1rNFcwU3ZOVF9KQWRuam5HWEhsdlVfMlFGU1NaMkFKaUlpUU9BQmtfMUY5UUVBQUFBQW1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpSbEpCTVRvMU56YzI0QU9NTFlBRUFJZ0VBSkFFQUpnRUFjRUVBQUFBQUFBQUFBREpCQUFBQUFBBRIYMkFRQThRUQUMBQFUSWdGa0MycEJWSkpuWUFtSWlKQXNRVQUbBQEITUVGBQgFAQhESkIdOwAwLigABE5rLigA8D5nQlNId0JkYS0xZ1A0QmZMb3dnR0NCZ05UUlV1SUJnQ1FCZ0dZQmdDaEJ2cC1hcngwazJnX3FBWUJzZ1lrQ1EFbQUBAEUdcABHHQwASR0MOHVBWUuaApUBIWlSU0tOQTb1AXB0dXhwSUFRb0FESDZmbXE4ZEpOb1B6b0pSbEpCTS1FEFFJd3RTPQEAVR1dAFcdDABZHQwAYR0MAGMdDBBlQUNKQR0QUNgCyfIB4AKYtE3qAktodHRwczovL2EZ8Lwuc2Uvb21mYXR0YW5kZS1ib3RveGZ1c2staS1za29uaGV0c3RhdmxpbmctZm9yLWthbWVsZXIvYS8wR2JPMk2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AO0n1DgAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA05MS4xOTkuMTE4Ljc1qAQAsgQOCAQQBBisAiDgAzAAOAO4BADABADIBADSBA45OTQzI0ZSQTE6NTc3NtoEAggB4AQB8ASBJSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWiugT6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab1MtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ugZAAMgH-9YF0gcNFXYBOAjaBwYJJ0TgBwDqBwIIAPAHuusDiggCEAA.&s=28d04d14a870004dcffc1a4b9dbfabc8029bc214&type=pv&jm=1003|1018|1008&px=0&py=0&bw=300&bh=480&sf=1&sid=6705830111612751894&vd=ct~0|rr~5&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19499586&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:54 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cda30d63-848a-4988-814b-b3a4c1ff619c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://acdn.adnxs-simple.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK data
b137.s372.meetrics.net/ Frame 3060 43 B
308 B 12ms
11ms Image
image/gif 136.243.2.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b137.s372.meetrics.net/data?/kHPfE7XAATkzFARksFAQtjFRtJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h525.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:54 GMT

GET
H/1.1 200
OK data
b151.s372.meetrics.net/ Frame EDF2 43 B
308 B 11ms
11ms Image
image/gif 136.243.33.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b151.s372.meetrics.net/data?/5VUYE4XAATkzFARksFAQtjFNrJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h377.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 12:28:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 09-Dec-21 12:28:54 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame E86D 35 B
473 B 17ms
17ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=762198104873940338@@9742422,4782141662074161959,100|1200|0|0|0|0|0|0|0||147|1|||||1|0|0|v8u4VklQtiJcPlakbYq96ceacxzjIYm3bZSluMr9_1-xqZVCjT5GSIm3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2FB5 35 B
473 B 19ms
19ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5149074050161443800@@9741260,7180652508233311536,100|1200|0|0|0|0|0|0|0||90|1|||||1|0|0|PPA9CvIk6NBcPlakbYq96cKOFChY-4tarsFMPaJ1OoZlU6Y6Y49Y-Im3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acdn.adnxs-simple.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 12:28:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://acdn.adnxs-simple.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: omni-ad-blocket.herokuapp.com
URL: https://omni-ad-blocket.herokuapp.com/ads?category=ekonomi

Domain: omni-content.omni.news
URL: https://omni-content.omni.news/topics?offset=0&limit=5&sort=current

Domain: omni-content.omni.news
URL: https://omni-content.omni.news/topics?offset=0&limit=5&sort=popular

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 01:27:08	Name: uuid2 Value: 7279322295507918225
.adnxs.com/	1970-01-20 01:27:08	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HaR].-%l!1yIE'Yg-$0y=/d!!')c$Qb>_
.omni.se/	1970-01-20 16:05:32	Name: __couid Value: 94e1882e-1af1-4ae4-965f-c9671bde1aae
.omni.se/	1970-01-20 16:48:44	Name: _ga Value: GA1.2.1864928921.1639052932
.omni.se/	1970-01-19 23:18:59	Name: _gid Value: GA1.2.1103065839.1639052932
.omni.se/	1970-01-19 23:17:32	Name: _gat_gtag_UA_60888687_5 Value: 1
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_data Value: 2:340161:1639052931:0:1:0:1:0:0:_:-1
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKrq6N1YlRSgWx80pzcoDsErBEdW2tUiwAYENeHCgAAAA%3D
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_opt Value: 1:
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_csv Value: null
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_lt Value: 1:
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_uid Value: 1:12:2df0b191-a35d-45f4-b8ba-b783cb72ab77
omni.se/	1970-01-20 00:00:44	Name: _sp_v1_freqcap Value: 0!Grz21FTfGofovXGdzHwz5z5gxiR_Qy44ZRZ5_kCw2ifotXfDeWk4nf-s3j8f43H-OL61ftiT5nd9RNneK2ilODk-cE9wIEF4vf8Htl8Sbwg=
.omni.se/	1970-01-20 08:03:08	Name: consentUUID Value: 23a85ca6-0054-47e3-a720-d6f90ffc4c5a
.omni.se/	1970-01-19 23:18:59	Name: __codnp Value:
.adnxs.com/	1970-01-20 01:27:08	Name: icu Value: ChgI19VVEAoYASABKAEwhO3HjQY4AUABSAEQhO3HjQYYAA..
.omni.se/	1970-01-20 08:03:08	Name: cis-jwe Value: eyJpc3N1ZWRBdCI6IjIwMjEtMTItMDlUMTI6Mjg6NTJaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..XOHrE89sRULzWj7IE7Hm_g.ubNR1Q1rejXLHWGROkK5R8TjKbs3S3OSi6WkCV-ycu5Mhhpbtbzlez2dWp5jvPWYAded-baQaSWJD2BePpOim2YRWaaeNKMo6fmSEioxiMqQxcfROp3mP_EeghDRu5Fh24J3riOcx7SHlG7zQ0icPg43QBhWjjxCNtBwJBBIZFY2GTxDrMt2f57NyD_rjJjSThgwZWLT45A1T0qqv5RWXw.7AAleyM0dsi6qOcBUQ6haQ
.omni.se/	1970-01-19 23:17:34	Name: _pulsesession Value: %5B%22sdrn%3Aschibsted%3Asession%3Ab68b8a99-279e-4a3c-9e69-34b7c0cb6111%22%2C1639052932362%2C1639052932362%5D
.doubleclick.net/	1970-01-20 08:39:08	Name: IDE Value: AHWqTUlmsXJOVutzALbz6rdoDzKsRpbgtk5pZHf9Px3MYzF3GLyofJ83Wksxk7VJEVo
.adform.net/	1970-01-20 00:02:11	Name: C Value: 1
.adform.net/	1970-01-20 00:43:56	Name: uid Value: 5149074050161443800
.adform.net/	1970-01-19 23:27:37	Name: TPC Value: 1639052933570
.schibsted.com/	1970-01-20 08:03:08	Name: cis-jwe Value: eyJpc3N1ZWRBdCI6IjIwMjEtMTItMDlUMTI6Mjg6NTJaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..AzHRIQjkFuPOEhq9eaJtBQ.33PxSUrg2-hJnDvi-ZcJtlon5CKz5lUXiOLYjOjjj23AlGvuctPn4P0B4i8_4FX4FIwCpxlYUMBFq0_WlwHYLLCGwBiJ22crPrDGhtG8Wwef4OymGZHlZVUzX_levInyoH9FCUMiOUZz5kShXimehMIo5sRFPe2MUl3PKgZ81WbIRwRDSzoIBcBWljGEeGaOI03weWigQIt_b8Ij2KwXsUwyx8ygNh29td54Vttiuwk.DNDJGcZFvEjQaorcBdjHIw
.omni.se/	1970-01-20 16:48:44	Name: _pulse2data Value: baee1c09-02a3-4842-b49d-fbf1f2193655%2Cv%2C%2C1639053834455%2CeyJpc3N1ZWRBdCI6IjIwMjEtMTItMDlUMTI6Mjg6NTJaIiwiZW5jIjoiQTEyOENCQy1IUzI1NiIsImFsZyI6ImRpciIsImtpZCI6IjIifQ..AzHRIQjkFuPOEhq9eaJtBQ.33PxSUrg2-hJnDvi-ZcJtlon5CKz5lUXiOLYjOjjj23AlGvuctPn4P0B4i8_4FX4FIwCpxlYUMBFq0_WlwHYLLCGwBiJ22crPrDGhtG8Wwef4OymGZHlZVUzX_levInyoH9FCUMiOUZz5kShXimehMIo5sRFPe2MUl3PKgZ81WbIRwRDSzoIBcBWljGEeGaOI03weWigQIt_b8Ij2KwXsUwyx8ygNh29td54Vttiuwk.DNDJGcZFvEjQaorcBdjHIw%2C7279322295507918225%2C1639067334455%2Ctrue%2C%2CeyJraWQiOiIyIiwiYWxnIjoiSFMyNTYifQ..TCs5eyieD_BunNnIsUNO4jy41U1oJY9-JgGitdweB44

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://settings.omni.se/all Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://settings.omni.se/spid/me Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://settings.omni.se/exchange-token Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://id.omni.se/session?client_sdrn=sdrn%3Aschibsted.com%3Aclient%3A52454d279eaf7ced5d000000&redirect_uri=https%3A%2F%2Fsettings.omni.se%2Fsessions Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://jobb.blocket.se/i/bannerboy_big//.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://acdn.adnxs.com/ast/ast.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://acdn.adnxs-simple.com') does not match the recipient window's origin ('https://omni.se').
security	error	URL: https://acdn.adnxs.com/ast/ast.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://acdn.adnxs-simple.com') does not match the recipient window's origin ('https://omni.se').
security	error	URL: https://acdn.adnxs.com/ast/ast.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://omni.se') does not match the recipient window's origin ('https://acdn.adnxs-simple.com').
security	error	URL: https://acdn.adnxs.com/ast/ast.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://omni.se') does not match the recipient window's origin ('https://acdn.adnxs-simple.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=30758400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38e30e7c291d29145ae6c9a780ced256.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
analytics.codigo.se
b137.s372.meetrics.net
b151.s372.meetrics.net
c43a55be1943afa4f87ec8c90de49e5c.safeframe.googlesyndication.com
cdn.adnxs.com
cis.omni.se
cis.schibsted.com
cmp.omni.se
collector.schibsted.io
d3iwtia3ndepsv.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gfx.omni.se
ib.adnxs.com
id.omni.se
info.privacy.schibsted.com
jobb.blocket.se
omni-ad-blocket.herokuapp.com
omni-content.omni.news
omni-variants.omni.news
omni.se
pagead2.googlesyndication.com
region-api.inventory.schibsted.io
s1.adform.net
s372.meetrics.net
s372.mxcdn.net
sch-map.norstatsurveys.com
sdk.pulse.schibsted.com
secure.adnxs.com
securepubads.g.doubleclick.net
settings.omni.se
stat.meetrics.net
static.privacy.schibsted.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
trafficgateway.research-int.se
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
omni-ad-blocket.herokuapp.com
omni-content.omni.news
www.googletagservices.com
104.102.28.239
13.224.189.64
13.48.72.109
13.49.191.63
13.53.178.57
136.243.2.28
136.243.33.209
143.204.209.48
151.101.1.108
192.0.78.192
199.232.194.49
199.232.198.49
2.18.233.67
2001:67c:21e0::c
216.58.212.130
23.100.50.51
2600:9000:206f:de00:d:f5ec:44c0:93a1
2606:4700:20::ac43:4724
2606:4700::6810:7aaf
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
37.157.2.249
37.157.3.28
37.252.173.215
37.252.173.27
37.252.173.38
5.9.119.17
5.9.82.212
51.138.29.56
52.212.52.84
54.220.192.176
54.73.26.109
54.75.86.116
65.9.68.15
65.9.68.2
99.86.3.230
0189b0328dfc323d3728755eec67ca2be96306e7071aef6a95fad73fd46f2abb
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
0955fe2bc150e9003a5b918cf41e802615d57a81fe5eec51eb74c07d9921bf18
0cb84ea293ff05f2cf59cb096c34b43df4d154429611799973a56a8fc9cb8fb6
11f491eae43e43dd9760fb6da4962ef3c92171ae07f1ca06f0526de5089bfd0e
1555705a6bb02ae2759a5559c5f6ba10c4f9bf90f8daa5c9eca33962e9d3d4b3
159e38a571ceafe0b08d5804e8c061b652db20640e65bbc81787b34e636c978c
18c43d517550dd0d7abca0d7f395ac554ff661032f9f81154811166c724c8ee5
1bbe1308af9e8bf4f4a530c12a67129d26d1634033f50acae3eb5ad781099bd3
1ddbe0e89dcbc08f63e308188a4005c2bcaf02083ef93e622bf1deaa41b17875
1e7da97539be1fbca435b917b319bfb5b991540993430c4f3a52aad07f663139
220dc8475b418bc753d3ac52081f1a3606a70e41f20fdb530a25334a2d375b06
2cf8fbb41feaf9b48014f620285d896ce6221dd627ff84f90a58ded87ceea81d
2d314930f130ce8c3afda986c912ee508ffc18ecba2a3681fbf17711430329df
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2f73bacb7db5c60ff0acbb4be2afa668f087acec662c054b203f28a35af6123c
2fc09218bf5b208b23ad0c42a9e014e789aa4f43ec1083eb9ffe74d93230b230
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
315975e7a7a666b96d4d52a9c108b59677324296f82b0baeb22263cacb1c79aa
324fcc32409fed30518fee030010c95e585c2fde1322a53ee5ebe36091d85074
395526886b143a9e643e2ca52fb6d9304f84764ed40cf1127ba3f69b52aefba1
3cd7258a7ec7a7aa4ff70225f58839fc9670380f3cb1813cffcba5381b87f2f1
41c0f2059b744d5b14271b42ae9aa390849d37182f28388caf7d4e7ceb1b7bab
42e15c4e2f9c2cdfc395f40e949ac851321114e0f695c81827bdda9c06087a48
43a0ec387e59fc21d3d028fe6bc696726fbae99bc7e1f7453df8e38866f97f89
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4763fba9d2af6216cc912fa828b138e9847e16954f764bfa61bb1ab3a7d1ca68
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
4b2325432f2cb9eab42e89bd3be5a1f15a9f805a6bebbdd0e06280410d9bbfee
4d913681e7432eef0421cd842c0652046c39f8097142b60440e86726d5b75b58
4dc991cdf566c840a9b55da8459bceae93d720e7bfc629d28263dbb7a82eda6c
50b2e6a8a31ca4172da83c29a62e4826a4445cd2b65d537ef5c98af7aca625ff
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566a684209ec604344f96d952439f638b5546bea9e6c7ade5b4ef293428eea57
56c00f3d1962edeb01ba56b6bfbfbe7771fb6dafcf38ed9df6c3283525e86dab
57a3f8ade42776b7552f601ac317c314406652165293c11da36192040b52ae1b
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5d284e3035c9b28dc6239c2a070f590bbac6fe2f94bab831efe29dd3995bea48
5dbbaa6243a1cf3035db355b99719282864a2600fcb790a65746f7e314dd835d
5f575d63d46dd7d057417446ac6249dbd0f909cd1b8f2db2e4b658e635a97791
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62475bcd0adc5809538944ae5420363e81d1b95da80d1334e11314015b0f8684
6408fb3f2ba4fec418a6e46730e5b42b9818641f7d5f3da7102bbd9c4873d996
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65701367f7e07f0ba0baaec7280052db9f82de14a707fdd704020096b3f2855a
65b6ca2411d4f601cc1de8cb9897e66cbfd7850c4cf7429051b1ae8ba9f6653d
6940f8f7ddd796f44d72d03db38292c9b49bbb8a34f626417414317461935d7f
6abd427094dafe1165aa75548060f69444762b92fce9d02f8ad50c4eec1f9bc0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbe35b0bca75513f8aed7d00f1dce8c22678a4da874c2e9d4bf3b0f4248e5b4
7047362d785bcdb21e7eb6f16f8645bf09263612759ce536b1db401736c747b5
70ef965afb676c3691e70251705297dd73e3312f683e2215fe524f4b6b3740df
721cbe685a08d8a53f360bb3f790847bfca4584d79bc5abb7a21722acd6114ea
7397d62b2caaa322f30d72c921628591a13fe9cbc8f42b1498bb65d0bc9fbb3e
745df439f9fcdd1d9512bc9f3cbaeca5f5cca4ccbcdd26758fb101cdbe7bc8aa
749453e9401ec6fbb395f992901e60c1a11070f33a137939dde6fefdb0f804a9
749d38c50152cf0cc705f1fd847e6d3925c3ed36eacbdf6d4209da32c71985ab
76519d67e7f5a7eeaba80ce133fb7a53d0337f63e11a84cf9ccf221c9149b373
772d90e782c6533aef5245cf2bd666f662a7b00d89e397edd621c9d74dad4b78
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7f6f85b2474239f232c24918e2ac4a56a838bc64a9e872a62b89152e569602ff
822fa6bcd41ae4699f7666b4eb093dbb2080c69ccf88e70e4e1d9645641cd23b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ef77e7f07d344b4f64743b6a300ef46a7fbed504ac6792d07dbc7e26d6e1e5
89b627f8c0fedadf708fd6683423b86aa10eb3e0d372b5d78ebcf5dcc885808f
8a17dbe0c9d25187a9ef656698d4a70e9144f61258f7b4211d5403548b8b6a2c
8b55278e028e0dc5c401fae38f6e6c8b4c78f49facf34ce6dae77dd5e1015102
8c8c8076c8921430b02285f42eeeb7c8a794e59c2854e04b7a0747bcf35df621
90687150c18ec51580a40877532d01b82c479d207966f5b51972f0efee916f18
92936f2df2ed40d800c20218208dac948ae5216b0db219f5a7f34b6b5fc4fe83
951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c8392de0df9b8f5d29e45c6d841f51f7ca6d9bad2754d207ee2148e22527e0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c42779dfcf24d34cc624d9fdb1b30e8adea6e6e1d1b45a08cbfc75c24497e1
a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d
a8c2fc3d00ccaf492e1c0a28963fb3e48dafc317379666d12fb241ab616b8a37
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
a94a27bdc5c56617489606128eb2ad6653a20ab180981cbb40a237a3b1a94f0d
adb360f12e96ba7f1a02600a6e22cbed31e3e7fc6af28769248b6fa578760b41
af97b332450c6dc9371fc9fc8326175dc381983ffce3f93f0d1e1f3b209c2640
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b24bafea56724cdc9a1244a48abd1e5d1c4a45f728be5de9aa844d9b9116eb06
b57e663e0c3aa60b9eabe7aa85080dd3293b1a1d4b049c12ef233708aab032c8
b5c0ee1f43277301ce3de3b16216185dfc7489fbfdc639f0e7fb8f9120d836ed
b9e6b5ac701dc058a3177563360967bf04eda34af459c216a12802e773841622
bafb3266ec565f7f390c3d20b57f3b343288f23c21425a8f04521c0bfec2e7c8
bcf463ef6cf37b4e02c723d4881712add1539179161c165569a3ad9cee392764
bd79f612bffb0efed79a1077669bd5465d8fe4953d96108566027f946fe478ae
bde0824233edf0081233d0a1622261a223456138c25874c1b806b746a815ae0a
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c5fd0e9e2216a99051fa09d7125647f1ebf146e9f42653a9081a7b1b6f830ed4
c6defeeb05ac6aa9d94aa287bc02e76a8f18e384ad685d2155940a8a3471a758
c726a4f8e2fe43c148f7f6a96cf204f7fbe7beaacb1af67d3e152258de689916
ca8b17872bcdea25b8b18b6b3821ee422578f1948cfa951a108af2df671226bd
ced30ca5b3de42b8577c216a57e22ec3421b8aa1381d54b8b251b6f688bde4c3
d1db332b365bfe71b4fa362bb422687ff3c66bc41f4e7e301738650ec8d93303
d2fb7ff4da3ddc4b8eac36ca196e8873c1f1ca9d00030d934ead28b20987a712
d39c3a28aae5db465af582bfa840be82c187f3c50af81718e4310ab5e9d12da6
d4a444082c5e6a2d040cdaa541ab4dcc5039b63fd232092cf48fe7b0d0cd3e5a
d8d0d13cd85e81f01bb7933e3fe6059fce0cf82869ab16a47abaf7458896e1fd
da4d00fb23a565e4913bda748264219b5ef2a3a3b2cc96d386e8beb65912b9fc
daf3d5d9a7cc42e8830c90b42e651d6ed01abb558a0ffe83ac306072836a7b81
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b8b654af7815a8758491fde66b1b3a65ea8a53a4654491c92b97c4203725f3
e86f2b031fa9641018b76da62bc6776066cce6c84af7b5db0fb974ddbe0e427c
f4afa97c613f4f803bb546fbcc0e8a6c76de58d2625273770749736123bf8d5b
fa47e015a483fe62ba3272b248fdee90efacfa6c0a0a9839668927b2318f7f14
fb06beff3b52ed00a1a147f87a577f9997347e9360ed04f0ef5add191979a1d4
fc22b10c9cd2d152a4200412f39986d2cbfe9494679870133d9dbc56e847f50e
fd85510c24b169104f0e7bb3b8552f9c2efcb4cf54c3870adb275474204cad52
fe6494bba16b715e5c81b1506a56cefb3472ac2e91a072a0b6a46ff65690c4a0
fe9c00b39aa997d1efe1f793dd8d68517005e27f2057f011c6007e313aae32ed

omni.se Open in urlscan Pro 199.232.198.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

209 Requests

96 %HTTPS

33 %IPv6

25 Domains

48 Subdomains

46 IPs

9 Countries

3055 kBTransfer

6252 kBSize

24 Cookies

9 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

omni.se Open in urlscan Pro
199.232.198.49 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

96 %
HTTPS

33 %
IPv6

25
Domains

48
Subdomains

46
IPs

9
Countries

3055 kB
Transfer

6252 kB
Size

24
Cookies

209 HTTP transactions
0 data transactions