www.startsiden.no Open in urlscan Pro
87.238.33.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Submission: On June 08 via manual (June 8th 2024, 8:20:18 am UTC) from LU — Scanned from NO

Summary HTTP 60 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 17 domains to perform 60 HTTP transactions. The main IP is 87.238.33.153, located in Oslo, Norway and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.startsiden.no. The Cisco Umbrella rank of the primary domain is 830389.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time www.startsiden.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	87.238.33.153 87.238.33.153	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
10	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:710... 2a02:26f0:7100:983::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.16.143.111 104.16.143.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	156.146.33.141 156.146.33.141	60068 (CDN77 _) (CDN77 _)
1	2a02:26f0:710... 2a02:26f0:7100:997::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	108.156.60.37 108.156.60.37	16509 (AMAZON-02) (AMAZON-02)
2	167.235.124.23 167.235.124.23	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	167.235.124.61 167.235.124.61	24940 (HETZNER-AS) (HETZNER-AS)
60	25

7 87.238.33.153 (Oslo, Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

www.startsiden.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

log.medietall.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cl-eu5.k5a.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:983::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)

experience-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.146.33.141 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com

log.medietall.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:997::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-37.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.124.23 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0001.cxense.com

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats-collector.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.124.61 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0039.cxense.com

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	118 KB
7	cxense.com scdn.cxense.com — Cisco Umbrella Rank: 20025 cdn.cxense.com — Cisco Umbrella Rank: 6036 api.cxense.com — Cisco Umbrella Rank: 9068 id.cxense.com — Cisco Umbrella Rank: 13245 stats-collector.cxense.com — Cisco Umbrella Rank: 69163	82 KB
7	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 3178	932 B
7	startsiden.no www.startsiden.no — Cisco Umbrella Rank: 830389	296 KB
4	piano.io experience-eu.piano.io — Cisco Umbrella Rank: 37857 cdn-eu.piano.io — Cisco Umbrella Rank: 50484 c2-eu.piano.io — Cisco Umbrella Rank: 20447 buy-eu.piano.io — Cisco Umbrella Rank: 25060	123 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	175 KB
4	google.com www.google.com — Cisco Umbrella Rank: 5 clients1.google.com — Cisco Umbrella Rank: 749 region1.analytics.google.com — Cisco Umbrella Rank: 3163	73 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	184 KB
2	medietall.no log.medietall.no — Cisco Umbrella Rank: 81748	21 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 354	2 KB
1	google.no www.google.no — Cisco Umbrella Rank: 26482	408 B
1	k5a.io cl-eu5.k5a.io — Cisco Umbrella Rank: 95152	197 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5302	265 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 10253	3 KB
0	lp4.io Failed pp.lp4.io Failed
60	17

	Domain	Requested by
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.startsiden.no pagead2.googlesyndication.com
7	www.adsensecustomsearchads.com	www.google.com
7	www.startsiden.no	www.startsiden.no
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.cxense.com	scdn.cxense.com
2	scdn.cxense.com	www.startsiden.no
2	securepubads.g.doubleclick.net	www.startsiden.no securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.startsiden.no www.googletagmanager.com
2	log.medietall.no	www.startsiden.no log.medietall.no
1	buy-eu.piano.io	cdn-eu.piano.io
1	stats-collector.cxense.com	scdn.cxense.com
1	id.cxense.com	scdn.cxense.com
1	cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	www.startsiden.no
1	script.hotjar.com	static.hotjar.com
1	www.google.no	www.startsiden.no
1	c2-eu.piano.io	cdn-eu.piano.io
1	api.cxense.com	scdn.cxense.com
1	static.hotjar.com	www.googletagmanager.com
1	cl-eu5.k5a.io	log.medietall.no
1	cdn-eu.piano.io	experience-eu.piano.io
1	experience-eu.piano.io	www.startsiden.no
1	partner.googleadservices.com	www.google.com
1	clients1.google.com	www.startsiden.no
1	www.npttech.com	www.startsiden.no
1	www.google.com	www.startsiden.no
0	pp.lp4.io Failed	www.startsiden.no
60	30

This site contains links to these domains. Also see Links.

Domain
linktr.ee
certisimples.com.br
qrs-cert.com
www.silberschmuck-bremen.de
www.bretagne.developpement-durable.gouv.fr
terracochopp.com.br
uptore.com
bestgoodsex.top
applefix.in
thoughtswhilereading.com
www.facebook.com
twitter.com
om.startsiden.no

Subject Issuer	Validity	Valid
startsiden.no R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
1176478501.rsc.cdn77.org R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
npttech.com GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
1968760263.rsc.cdn77.org R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.google.no WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Frame ID: 50F15CA2577AD5A4804601117AC9FF73
Requests: 59 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: DEE6B36907022A3934D186E12DBEBB20
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: 65DC0CBCEE7BF5A630C5AA63AFDF47BE
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html
Frame ID: 154B3C20228C14DEFE569B15AC3DB2C6
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=4818040824&adpage=1&channel=abc_csa&client=startsiden&q=https%3A%2F%2Flinktr.ee%2Fsexcamlive&r=m&hl=no&ivt=0&adrep=6&type=0&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301438%2C17301442&client_gdprApplies=1&format=p6%7Cn4&ad=n4p6&nocache=6651717834812600&num=0&output=uds_ads_only&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1717834812616&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1963&frm=0&uio=--&cont=googlead_top%7Cgooglead_bottom&drt=0&jsid=csa&nfp=1&jsv=639833580&rurl=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive
Frame ID: FEEFBD25C10169DA68ED5FA29B601571
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: CDF43389801817DEE949C59CE2A397E2
Requests: 1 HTTP requests in this frame

Frame: https://cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E73A007BB15CA6EF39F18979D8C32131
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssS65OFCqNSTgXCj2eTl1Xql7RoktuN4o5zBE5X6SJTgSmUOEYGrrDmYxJc-pFy7w2nT_yiA9cOqB15erQiUJKxiyc2-M2DRuSgmvD4bFE90CtMNJ7WB-xTshTA6giGicELdR2t65KZDpvgx5U7ln2ThiHANO2PyiZTKhvjW-ZEzTMJVTqAfkWriUYBqAiXtamHYTVcWFCpRfMBbkuMqO7-fjRK6i16QImcXph-hkrTHh_2MW-2F4mRwRCPKGygVczL_qOwMOgoR2BiKpUQJuUTOFyKwmRlfqHIkBjMu9d61mjUmLEeQ4-xd0CesLc8yCKFgi3d17QuZEn20qtMtHVPJU9wCQoinTpF9CvTUcJSlxFZBvTjiSy4rqdKqCqiIQeAm-KnPgk&sig=Cg0ArKJSzApMJu6hYEHqEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7C9FFF7C9FC78D7ED46D3E18A1DA1C8B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF24240C82ACF1AC81FA833615A41E5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://linktr.ee/sexcamlive - Startsiden søk

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

97 %
HTTPS

54 %
IPv6

17
Domains

30
Subdomains

25
IPs

5
Countries

1157 kB
Transfer

3598 kB
Size

23
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://linktr.ee/AdultLive
Title: linktr.ee › AdultLive@AdultLive | Linktree

Search URL Search Domain Scan URL

URL: https://certisimples.com.br/descubra-os-beneficios-do-certificado-digital-em-algumas-areas-de-atuacao/
Title: certisimples.com.br › descubra-os-beneficios-do-certificado-digital-em-algumas-areas-de-atuacaoDescubra os benefícios do Certificado Digital em algumas áreas de ...

Search URL Search Domain Scan URL

URL: https://qrs-cert.com/?p=61
Title: qrs-cert.com Welcome To QRS

Search URL Search Domain Scan URL

URL: http://www.silberschmuck-bremen.de/produkt/rabe-kralle-anhaenger-925-silber-kraehe-mittelalter-larp-wikinger-gothic-hexe/
Title: www.silberschmuck-bremen.de › produkt › rabe-kralle-anhaenger-925-silber-kraehe-mittelalter-larp-wikinger-gothic-hexeRabe, Kralle, Anhänger, 925 Silber, Krähe, Mittelalter, Larp ...

Search URL Search Domain Scan URL

URL: https://www.bretagne.developpement-durable.gouv.fr/participation-du-public-sur-le-6e-programme-d-a3649.html
Title: www.bretagne.developpement-durable.gouv.fr › participation-du-public-sur-le-6e-programme-d-a3649.htmlParticipation du public sur le 6e programme d'actions régional ...

Search URL Search Domain Scan URL

URL: https://terracochopp.com.br/food-4/
Title: terracochopp.com.br › food-4Donec at – Restaurante Terraço Chopp

Search URL Search Domain Scan URL

URL: https://uptore.com/customer-voice/%EF%BC%8840%E4%BB%A3%EF%BC%9A%E5%A5%B3%E6%80%A7%EF%BC%89/
Title: uptore.com › customer-voice › （40代：女性）40代：女性 - 背骨くろだ

Search URL Search Domain Scan URL

URL: https://bestgoodsex.top/
Title: bestgoodsex.top GingerSnap33 Webcam Show | Free Sexcam Live Porn Chat

Search URL Search Domain Scan URL

URL: http://applefix.in/apple-service-center-ajmer-road-jaipur/
Title: applefix.in › apple-service-center-ajmer-road-jaipurApple Service Center Ajmer Road Jaipur - Apple Fix 9529088880

Search URL Search Domain Scan URL

URL: http://thoughtswhilereading.com/and-the-mischief-is/
Title: thoughtswhilereading.com › and-the-mischief-isAnd the mischief is…

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Startsiden
Title: https://www.facebook.com/Startsiden

Search URL Search Domain Scan URL

URL: https://twitter.com/startsiden
Title: https://twitter.com/startsiden

Search URL Search Domain Scan URL

URL: https://om.startsiden.no/2018-annonseinfo/
Title: Annonseweb

Search URL Search Domain Scan URL

URL: https://om.startsiden.no/kontakt/
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://om.startsiden.no/
Title: ABC Startsiden AS

Search URL Search Domain Scan URL

URL: https://om.startsiden.no/retningslinjer-for-personvern/
Title: Personvernpolicy

Search URL Search Domain Scan URL

URL: https://om.startsiden.no/startsiden/
Title: Våre produkter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.startsiden.no/sok/ 31 KB
8 KB 428ms
353ms Document
text/html 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 0bb53a366a2d41751af2f3c031e55ca7e1df032ca0df1a3bb68fa927b73940e1

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 08 Jun 2024 08:20:12 GMT
etag: W/"7a6a-8F+DyLTZzW6a7qwjSXbKEk/JyRs"
expires: Sat, 08 Jun 2024 08:20:41 GMT
server: nginx
varnish-grace: 28800s
vary: X-ABGROUP, , Accept-Encoding
x-ab-selection: random=4
x-abtest-name: DT-2366-adsense-test
x-abtest-variation: A
x-robots-tag: noindex

GET
H2 200 styles.c9dd1ba637a4ea230f6e.css
www.startsiden.no/sok/static/ 189 KB
50 KB 84ms
83ms Stylesheet
text/css 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/styles.c9dd1ba637a4ea230f6e.css
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 0f5fc38facd0e57da35e01e40c97c1650dee3635149b9f501bb148cc6cc76f52

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-abtest-name: DT-2366-adsense-test
content-encoding: gzip
x-abtest-variation: A
content-length: 51196
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"2f297-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization

GET
H3 200 ads.js Show response
www.google.com/adsense/search/ 183 KB
72 KB 236ms
78ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

7a0f7314c90ef47ac8df7983925da479513b86ef88c686fee87d3fdaf2dc0579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "5240080776160470645"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sat, 08 Jun 2024 08:20:12 GMT

GET
H2 200 analytics.js Show response
log.medietall.no/ 338 B
768 B 169ms
56ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://log.medietall.no/analytics.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0e5f13d2ab2f6b30e9af3d1f505eeafa2a9e6e5a7cd9e530ac6cf2f41fbcdcb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: gzip
x-accel-date-max: 1713481331
x-77-cache: HIT
x-cache: HIT
x-source: fileserver
x-age: 3473
x-accel-date: 1717831339
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH3kQ0AAAwBJRPCMQH3AAAAAA
x-accel-expires: @1717834939
x-77-age: 3473
last-modified: Thu, 18 Apr 2024 22:05:13 GMT
server: CDN77-Turbo
etag: W/"4546cb09b0af083ad0d0717b3b0f176f8cb287cb"
x-77-nzt-ray: 25b0213178ad51da3c146466abd2071f
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public, s-maxage=3600

GET
H2 200 polyfills.9bb726b4700b9091aab8.js Show response
www.startsiden.no/sok/static/ 17 KB
6 KB 108ms
107ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/polyfills.9bb726b4700b9091aab8.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: acb0dda6b68f38e82b26aebd61b4e4b0caa73558fbc2bcd072f1e7594978d0c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-abtest-name: DT-2366-adsense-test
content-encoding: gzip
x-abtest-variation: A
content-length: 5974
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"443d-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization

GET
H2 200 commons.6c66494305ed6c6a90f0.js Show response
www.startsiden.no/sok/static/ 614 KB
196 KB 113ms
112ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/commons.6c66494305ed6c6a90f0.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 6ac37d8b0b621cac6a9f0990c536c94df9535f882604dc66b2b43931767f4ffc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-abtest-name: DT-2366-adsense-test
content-encoding: gzip
x-abtest-variation: A
content-length: 200408
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"99707-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization

GET
H2 200 generalSearch.8cb87453226c4e025f8c.js Show response
www.startsiden.no/sok/static/ 100 KB
32 KB 43ms
42ms Script
application/javascript 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/generalSearch.8cb87453226c4e025f8c.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 3622029dda17b4fdb66c241b1f8fc832be525769dfa77acccc2fd389397ea727

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-abtest-name: DT-2366-adsense-test
content-encoding: gzip
x-abtest-variation: A
content-length: 32307
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"190ed-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Authorization

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
87 KB 233ms
94ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56P5GX

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86cbfb8b1444b2feaae5806c7eb7b6ca7084e0f63369e32ca6ec54e0bf3a38cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88767
x-xss-protection: 0
last-modified: Sat, 08 Jun 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Jun 2024 08:20:12 GMT

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 135ms
67ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZMB4X0YBFBZ8NW5W
age: 1407
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XDm9WOSu8GzHhTFX4wvv5o4wl86gVIAHiVxC9d8qUUNcwj/rZP/Nr8QTgUmfuuMbha7YJga0Vzg=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2Bye%2Ft%2BF9xWMVWwyuRzVnDnxd%2FdIUjWfQF82%2BTTJqC85JIda%2BROvmqLsJBmdTBZpqjZb%2BI7nVINjgDk%2BNXdPybsQf0DT2c4n8l7FtXsWoVyGvA0QY9PBgjmeDvgD5mOTlng%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 8907761acdac8f58-CPH

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e10543e2a0e95276ea3cd0cd3406042c00c725337435fb500f8626a57931c63

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f2818f410c9ec914d63aa775b2d350eb989a8eaa319f8443755bc7bc4e63245

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 335 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d98659d038a77359ddcf43ae33401b23c5a79f86024cc249db21160cea29799

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 359 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78e93bdfb9b022507c14f50d3c61d6070632df07b54aab1c312194153ffd2848

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 674 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cd9e2f90b7eb07dbd293f184fdadd29f9e8c832900f263286824adfe64335e3

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16b9d4bfedf6a6863c90af9ad346f456cd0bfcc99ff66e700269c19d82328df3

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 265 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f797131da783a676e683c602c3695e7d3bf35ba9dffcee5ac4676f0199cfa74

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3090a30394e419136ac77416d9d5077933e8fd7c5e690a461dc8daf3f550b612

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf3b98e03edb76cf9cb705eb2ca350f509cb98285636daa449971093a1e564a4

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 941e95cd6ea931afdeef660b66dcdf781561de026016a276fac4b97ae56b28a8

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc1c9eff70ddac601d11a1f7cea3992038cbdb02271d2fb878e54274f90cec2

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cf99bbfc52b461f978922fda19956c98757fe321ad1b0cf5368cda173ed8208

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 893 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3be4c8ab4337ede483b9ced31b0c78af089a8cfb042b8041b3cc649d40152d0d

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 search Show response
clients1.google.com/complete/ 51 B
790 B 252ms
103ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients1.google.com/complete/search?hl=no&client=firefox&inputencoding=UTF-8&outputencoding=UTF-8&q=https://linktr.ee/sexcamlive&callback=__jp0

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/static/commons.6c66494305ed6c6a90f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

250e60cefe9f25020c4814c35f87bcb968dd2532d52d618045e43851c1520452

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Tq2xXdu7mN1UD5yhttyOPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Tq2xXdu7mN1UD5yhttyOPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding: br
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
permissions-policy: unload=()
expires: -1

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 380 B
265 B 147ms
74ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.startsiden.no&client=startsiden&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

5b5dd9587b7249089c80f5d2b5ac80920a5b6c3e512cb05b7a85709288d28063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H2 200 iframe.html
www.adsensecustomsearchads.com/afs/ads/i/ Frame DEE6 0
0 281ms
77ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 728
content-security-policy: script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 08:20:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html
www.adsensecustomsearchads.com/afs/ads/i/ Frame 65DC 0
0 363ms
87ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-length: 728
content-security-policy: script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 08:20:12 GMT
expires: Sat, 08 Jun 2024 08:20:12 GMT
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html
www.adsensecustomsearchads.com/afs/ads/i/ Frame 154B 0
0 441ms
77ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-length: 728
content-security-policy: script-src 'nonce-u6UT1LhclQRqyj1EZ22NiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 08:20:13 GMT
expires: Sat, 08 Jun 2024 08:20:13 GMT
last-modified: Tue, 12 Mar 2024 06:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
www.adsensecustomsearchads.com/afs/ Frame FEEF 0
0 409ms
232ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=4818040824&adpage=1&channel=abc_csa&client=startsiden&q=https%3A%2F%2Flinktr.ee%2Fsexcamlive&r=m&hl=no&ivt=0&adrep=6&type=0&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301438%2C17301442&client_gdprApplies=1&format=p6%7Cn4&ad=n4p6&nocache=6651717834812600&num=0&output=uds_ads_only&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1717834812616&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1963&frm=0&uio=--&cont=googlead_top%7Cgooglead_bottom&drt=0&jsid=csa&nfp=1&jsv=639833580&rurl=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-YHlgfkcOEqlGYkrLsch2GA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: br
content-length: 3808
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-YHlgfkcOEqlGYkrLsch2GA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sat, 08 Jun 2024 08:20:13 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 251ms
105ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/static/commons.6c66494305ed6c6a90f0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6cc76f07da907256a0e575a2cd808d4683553faaa496461337758b5101cb0502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30787
x-xss-protection: 0
server: cafe
etag: 935 / 19882 / m202406040101 / config-hash: 14353985682650205947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jun 2024 08:20:12 GMT

GET
H/1.1 200
OK cx.cce.js Show response
scdn.cxense.com/ 25 KB
7 KB 190ms
63ms Script
application/x-javascript 2a02:26f0:7100:983::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.cce.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 08:20:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Apr 2024 13:13:58 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6352
Expires: Sat, 08 Jun 2024 09:20:12 GMT

GET
H3 200 load Show response
experience-eu.piano.io/xbuilder/experience/ 5 KB
2 KB 130ms
73ms Script
application/javascript 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience-eu.piano.io/xbuilder/experience/load?aid=mw2SnUSxpe

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14198288dbfc2516a3be2979e0655881432b60373764f0107521d712fa48a47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Sat, 08 Jun 2024 08:20:12 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 08 Jun 2024 07:36:44 GMT
server: cloudflare
age: 2608
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8907761b98f90a37-ARN
alt-svc: h3=":443"; ma=86400
x-request-id: 5k7wji895v
expires: Sat, 08 Jun 2024 08:50:12 GMT

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 113 KB
37 KB 184ms
61ms Script
application/x-javascript 2a02:26f0:7100:983::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0715720ef5aba6588c54f73301afe6cc8950c25cd9ff3cf692cfc6a7474ca047

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 08:20:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2024 08:43:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37591
Expires: Sat, 08 Jun 2024 09:20:12 GMT

GET
H3 200 analytics.v2.js Show response
log.medietall.no/ 72 KB
20 KB 132ms
60ms Script
application/javascript 156.146.33.141
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://log.medietall.no/analytics.v2.js
Requested by: Host: log.medietall.no
URL: https://log.medietall.no/analytics.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5bd0328ec28368afef4fa1bff181a33644f51aa021c90b4f1a869708489bc475

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Origin: https://www.startsiden.no
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: gzip
x-accel-date-max: 1714136873
x-77-cache: HIT
x-cache: HIT
x-source: fileserver
x-age: 3313
x-accel-date: 1717831499
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH38QwAAAwBnJIhHwH3AAAAAA
x-accel-expires: @1717835099
x-77-age: 3313
last-modified: Fri, 26 Apr 2024 12:06:34 GMT
server: CDN77-Turbo
etag: W/"37d6736fe71ae2fa744b4e90ee29289501586a19"
x-77-nzt-ray: cf8787278b8916f83c146466c356022d
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public, s-maxage=3600

GET
H3 200 tinypass.min.js Show response
cdn-eu.piano.io/api/ 400 KB
118 KB 84ms
79ms Script
application/javascript 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-eu.piano.io/api/tinypass.min.js

Requested by

Host: experience-eu.piano.io
URL: https://experience-eu.piano.io/xbuilder/experience/load?aid=mw2SnUSxpe

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d91ad63c8e48d320bf03a4795b53f16630bebcc316ec387cd435f95cb480bcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
x-amz-version-id: 8A_UTy0j8zFFVkbsFziwnxHsav9wdNWo
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: C0T6JKXQWN83RXAD
age: 2639
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NRPru1hEDsA8BT9XnaKBKO/5Iba+aZgaINsNcEWuqJm9N29Wfpr6NTmeg51HNMyZJ/p2q33l3UY=
last-modified: Thu, 30 May 2024 11:52:10 GMT
server: cloudflare
etag: W/"7727284e9fbe8801904967979f34818c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8907761c19c10a37-ARN
expires: Sat, 08 Jun 2024 12:20:12 GMT

POST
H2 204 /
cl-eu5.k5a.io/ 0
197 B 173ms
60ms Ping
text/plain 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cl-eu5.k5a.io/?i=607d77e46bf6b242026472c2&l=p&u=https%3A%2F%2Fstartsiden.no%2Fsok&c=desktop&ptp=website&psn=&sbs=&ul=&sbid=&r=_&lcid=na&uid=DtAhfhyDpmul8bxc&ns=1&_h=pageView&_s=js&_l=DOMContentLoaded&_c=1&_m=b
Requested by: Host: log.medietall.no
URL: https://log.medietall.no/analytics.v2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-77-nzt: EggBw7WvJwAACAHUZjgRAAA
x-77-pop: frankfurtDE
date: Sat, 08 Jun 2024 08:20:12 GMT
server: CDN77-Turbo
x-77-nzt-ray: 25b021311aabdfec3c146466d1813d38
x-77-cache: MISS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 113 KB
37 KB 189ms
75ms Script
application/x-javascript 2a02:26f0:7100:997::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0715720ef5aba6588c54f73301afe6cc8950c25cd9ff3cf692cfc6a7474ca047

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 08:20:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2024 08:43:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37591
Expires: Sat, 08 Jun 2024 09:20:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
97 KB 98ms
97ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZNMHTLTPRD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56P5GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db74c8178c808b414d068d1b353d87b5ea1f147b3d9f11ce345f663e8542ad25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jun 2024 08:20:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
39ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56P5GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jun 2024 07:54:23 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 08 Jun 2024 09:54:23 GMT

GET
H2 200 hotjar-2309160.js Show response
static.hotjar.com/c/ 9 KB
4 KB 157ms
52ms Script
application/javascript 108.156.60.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2309160.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56P5GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-37.ams1.r.cloudfront.net

Software

Resource Hash

fa595716cdcf0eb72d326cab620732c656a18660a7ae5f428b50a2810ee342f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Jun 2024 08:20:04 GMT
via: 1.1 96e04892ec84a7161914f66c3ba3b5f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 24
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/cf03a0fc01b7dd4cb1ce072d7f873435
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 0Mla-ctCmJ7P3hmKWBE1F22ZpVct8HUY7yQ6doimAmHwcfDpDPGciA==

GET 5e84d7c4588d3e647a675573.js
pp.lp4.io/app/5e/84/d7/ 0
0

GET
H2 200 segment Show response
api.cxense.com/profile/user/ 62 B
569 B 220ms
68ms Script
text/javascript 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=9ac4ad19223828bf5c4d976bf3542b2f833977b0&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lx5uhssdn9ohca9d%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0001.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/ 463 KB
144 KB 69ms
67ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 07:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4555
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147735
x-xss-protection: 0
server: cafe
etag: 15837355652058665441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Jun 2025 07:04:17 GMT

POST
H3 200 execute Show response
c2-eu.piano.io/xbuilder/experience/ 2 KB
1 KB 96ms
96ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-eu.piano.io/xbuilder/experience/execute?aid=mw2SnUSxpe

Requested by

Host: cdn-eu.piano.io
URL: https://cdn-eu.piano.io/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bfc967b935547932b160710fd283d9417f42c0696ccacbc844ad2e28948467

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://www.startsiden.no/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: w87oooul38
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.startsiden.no
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8907761d9c4a0a37-ARN

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 145ms
50ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZNMHTLTPRD&gtm=45je4650v894406370z86580085za200zb6580085&_p=1717834812510&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=94597358.1717834813&ul=no-no&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717834813&sct=1&seg=0&dl=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&dt=https%3A%2F%2Flinktr.ee%2Fsexcamlive%20-%20Startsiden%20s%C3%B8k&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1362
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNMHTLTPRD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 184ms
60ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZNMHTLTPRD&cid=94597358.1717834813&gtm=45je4650v894406370z86580085za200zb6580085&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNMHTLTPRD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
408 B 224ms
88ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZNMHTLTPRD&cid=94597358.1717834813&gtm=45je4650v894406370z86580085za200zb6580085&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1541446610

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 50ms
49ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=437675921&t=pageview&_s=1&dl=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&ul=no-no&de=UTF-8&dt=https%3A%2F%2Flinktr.ee%2Fsexcamlive%20-%20Startsiden%20s%C3%B8k&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1756142243&gjid=717523702&cid=94597358.1717834813&tid=UA-27825163-16&_gid=23972451.1717834813&_slc=1&gtm=45He4650n7156P5GXv6580085za200&cd2=Disabled&cd18=DT-2366-adsense-test_A&cd54=false&cd55=DT-2366-adsense-test_A&cd56=false&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1839676213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 164ms
61ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27825163-16&cid=94597358.1717834813&jid=1756142243&gjid=717523702&_gid=23972451.1717834813&npa=1&_u=YCDAgEABAAAAAGAAI~&z=1899575142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 169ms
60ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2309160.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 247026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pSrwGkj1F-uWV1a0MPtxBZqb7TFBGirNPNHyVDz08T3tyVVaWJ2U8Q==

GET
H/1.1 200
OK sp1.html
cdn.cxense.com/ Frame CDF4 0
0 171ms
59ms Document
text/html 2a02:26f0:7100:983::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Sat, 08 Jun 2024 08:20:13 GMT
Expires: Tue, 18 Jun 2024 08:20:13 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 165ms
72ms Fetch
application/json 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240608

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/static/commons.6c66494305ed6c6a90f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e82b34c630b6e6e9dc792e128217ebc78bad2f58e9ccc0783140565d24e5fb40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15559
x-jsd-version: 1.0.2080
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 793
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21935-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"633-mof720qDMb6j/B5iwUezrEciHkg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qy%2BjOyBDqEpIB1Km0jxW7PxRF%2BAWhjt6NXrIkL7KE5J1TdWqR6PyHt1C0cuJXy7puUapbM82FWWhm97tdTbSJjAHcmRuUder9UXQTrEXiMIBtuXSX9PJqYPhpCStY%2BWqSi%2F4bWIc0YBOY%2FiwGJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8907761f1a2f0d4e-ARN

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 63 KB
23 KB 228ms
98ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=355353914342224&correlator=545348169766842&eid=31084062%2C31084074%2C31084262%2C31084215%2C31078668&output=ldjh&gdfp_req=1&vrg=202406040101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=36021320%2Cstartsiden.no%2Cpixel%2Csearch%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=1&didk=30298095&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1717834813195&lmt=1717834813&adxs=210&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&vis=1&psz=1x0&msz=1x0&fws=4&ohw=1&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717834812167&idt=1001&cust_params=search%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&adks=264567164&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3b1a41ef6e520ccfb7da8ecfff3ed5f9d276193132b937607e27a0fab89edac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23764
x-xss-protection: 0
google-lineitem-id: 5464187709
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321996571
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E73A 0
0 223ms
71ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 08:20:13 GMT
expires: Sat, 08 Jun 2024 08:20:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7C9F 0
0 227ms
100ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssS65OFCqNSTgXCj2eTl1Xql7RoktuN4o5zBE5X6SJTgSmUOEYGrrDmYxJc-pFy7w2nT_yiA9cOqB15erQiUJKxiyc2-M2DRuSgmvD4bFE90CtMNJ7WB-xTshTA6giGicELdR2t65KZDpvgx5U7ln2ThiHANO2PyiZTKhvjW-ZEzTMJVTqAfkWriUYBqAiXtamHYTVcWFCpRfMBbkuMqO7-fjRK6i16QImcXph-hkrTHh_2MW-2F4mRwRCPKGygVczL_qOwMOgoR2BiKpUQJuUTOFyKwmRlfqHIkBjMu9d61mjUmLEeQ4-xd0CesLc8yCKFgi3d17QuZEn20qtMtHVPJU9wCQoinTpF9CvTUcJSlxFZBvTjiSy4rqdKqCqiIQeAm-KnPgk&sig=Cg0ArKJSzApMJu6hYEHqEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.startsiden.no
URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240605/r20110914/ Frame 7C9F 23 KB
9 KB 191ms
65ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240605/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 20:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 8342817275361945841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 20:52:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240605/r20110914/client/ Frame 7C9F 3 KB
1 KB 291ms
165ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240605/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 20:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jun 2024 20:52:51 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7C9F 215 KB
65 KB 191ms
66ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ba554d0e7da554af81cd375e390468c282c884dd6e588f5885f16cd48fa140a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 07:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66505
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jun 2024 08:56:57 GMT

GET
H2 200 2397040332971982310
tpc.googlesyndication.com/simgad/ Frame 7C9F 43 B
556 B 196ms
64ms Image
image/gif 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2397040332971982310

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 07 Jun 2025 17:34:34 GMT
date: Fri, 07 Jun 2024 17:34:34 GMT
x-content-type-options: nosniff
age: 53139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 10:33:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 7C9F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d5d173d6eadd8213c6fbd8e7ecaf6df14c9701b05daa5f809e6c6fb732dbf9

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
674 B 199ms
67ms Script
text/javascript 167.235.124.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lx5uhssdn9ohca9d%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222ag7hk35s1umj2gxon1xgu136e%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222ag7hk35s1umj2gxon1xgu136e%22%7D%5D%2C%22siteId%22%3A%225859583439106013029%22%2C%22location%22%3A%22https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive%22%7D&callback=cXJsonpCB2

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.61 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0039.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

a28b2d00428a6560bc73f1ae23b07e495f72e58d6e9c8677f71d9e94c352356f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C9F 0
0 102ms
101ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 7C9F 0
0 98ms
97ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsupamnYecl1SAkTvf0fsLwJBXJDireRDOuzYhx4nrjQ8q_iB3a9qIMYCA3M4GAIkbaIw9kBS4MSs9zpvInlwZs7KCtRNQnUHFgT02Ea7GpweXyfe5lf7JthNIrpXgFm30Nxz418shgxmFEYePL2A8yBUL6Stdl9URvMq-sECVolgXQ0iLXULXG3dyfMQbEWuHAHKGNtNXx1D0OinkD4Y9YHahymLNNqBPxlzREKr7x6TcWkS4E_YIbplQiLoVvZC78eUwj3lbdR4YO2g0QNqRhsso7eNXyNsmBUP3pO2Y2I3mKPpPo4tkVEokAHhvr-zwhG2RWRZ0PpLZ1hotZXgR9DbiWGDHdMEg-NCc9TbSEJDtk9CqX-yviPz4fuooxLmO7qCSMiWr5JmQ&sig=Cg0ArKJSzC-lUc65hoG_EAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 111ms
111ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0322110e88701806148c2d2a9f3c7ede46678dc220765acc22f68edaf11711bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12616
x-xss-protection: 0

GET
H2 200 favicon.140de993.ico
www.startsiden.no/sok/static/ 1 KB
1 KB 36ms
33ms Other
image/x-icon 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/favicon.140de993.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 74f75d5ead98a1553d181ed1daef5704a7cdcc50c2449e110df7dc50d28e0e82

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
x-abtest-name: DT-2366-adsense-test
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"47e-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
x-abtest-variation: A
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1150

GET
H2 200 imp Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
136 B 206ms
67ms Fetch
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/imp?location=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&adId=5464187709&bnId=138321996571&pId=%2F36021320%2Fstartsiden.no%2Fpixel%2Fsearch%2Fgeneral&siteId=5859583439106013029&ckp=lx5uhssdn9ohca9d&rnd=lx5uhssds97pfbn3&cxId=cx%3A39oi4x6n7xw4b2tndgln01j66n%3A15nk0ia9rtoq9&source=cx&t=Startsiden%20s%C3%B8k&targKeys=search
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 08 Jun 2024 08:20:14 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H2 200 favicon-32x32.b66df527.png
www.startsiden.no/sok/static/ 1 KB
2 KB 34ms
33ms Other
image/png 87.238.33.153
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.startsiden.no/sok/static/favicon-32x32.b66df527.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.238.33.153 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: 64e8234b1ab0569ca81255b32fd438be3d946b85c9c823c75a9f29b809922b47

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:13 GMT
x-abtest-name: DT-2366-adsense-test
last-modified: Thu, 23 May 2024 13:18:02 GMT
server: nginx
etag: W/"4a8-18fa599f710"
vary: X-ABGROUP
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-ab-selection: disabled
accept-ranges: bytes
x-abtest-variation: A
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
content-length: 1192

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 08:20:14 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF24 0
0 64ms
63ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: no-NO,no;q=0.9;q=0.9
Referer: https://www.startsiden.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 9168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 05:47:26 GMT
expires: Sun, 08 Jun 2025 05:47:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
509 B 295ms
92ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=startsiden&output=uds_ads_only&zx=xisw71td8avq&aqid=PBRkZtmFOJLGjuwPlNGFwAs&psid=4818040824&pbt=bs&adbx=210&adby=175.5&adbh=209&adbw=1180&adbah=209&adbn=master-1&eawp=partner-startsiden&errv=639833580&csala=27%7C10%7C416%7C177%7C14&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-_CspK3HynG2bdy0ECe8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_CspK3HynG2bdy0ECe8kHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 08 Jun 2024 08:20:14 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
212 B 303ms
100ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=startsiden&output=uds_ads_only&zx=zf1l1r65w25l&aqid=PBRkZtmFOJLGjuwPlNGFwAs&psid=4818040824&pbt=bs&adbx=210&adby=1680.5&adbh=209&adbw=680&adbah=209&adbn=slave-1-1&eawp=partner-startsiden&errv=639833580&csala=3%7C34%7C416%7C177%7C14&lle=0&ifv=0&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-dIllujwHsn9R2p4GYMeevQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dIllujwHsn9R2p4GYMeevQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 08 Jun 2024 08:20:15 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
211 B 86ms
84ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=startsiden&output=uds_ads_only&zx=un99uldeqjqd&aqid=PBRkZtmFOJLGjuwPlNGFwAs&psid=4818040824&pbt=bv&adbx=210&adby=175.5&adbh=209&adbw=1180&adbah=209&adbn=master-1&eawp=partner-startsiden&errv=639833580&csala=27%7C10%7C416%7C177%7C14&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ljYWbcGPRK50s0x9ErAHNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ljYWbcGPRK50s0x9ErAHNA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 08 Jun 2024 08:20:15 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sdk-runtime-config.js Show response
buy-eu.piano.io/api/v3/anon/assets/ 266 B
742 B 251ms
196ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy-eu.piano.io/api/v3/anon/assets/sdk-runtime-config.js?aid=mw2SnUSxpe

Requested by

Host: cdn-eu.piano.io
URL: https://cdn-eu.piano.io/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e56a8320b87b465193b1bda1641a8eff43429ab89053c3b12d03c94adf71fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 08:20:16 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 2628
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 176
x-request-id: Ess3res1gqj
wn: prod-euc1-dash-10-4-145-225
last-modified: Sat, 08 Jun 2024 07:36:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 890776315ef22d75-ARN
expires: Sat, 08 Jun 2024 12:20:16 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 56ms
55ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZNMHTLTPRD&gtm=45je4650v894406370za200zb6580085&_p=1717834812510&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=94597358.1717834813&ul=no-no&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1717834813&sct=1&seg=0&dl=https%3A%2F%2Fwww.startsiden.no%2Fsok%2F%3Fq%3Dhttps%253A%252F%252Flinktr.ee%252Fsexcamlive&dt=https%3A%2F%2Flinktr.ee%2Fsexcamlive%20-%20Startsiden%20s%C3%B8k&en=view_search_results&ep.search_term=https%3A%2F%2Flinktr.ee%2Fsexcamlive&_et=2&tfd=6365
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZNMHTLTPRD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.startsiden.no/
Accept-Language: no-NO,no;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 08:20:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.startsiden.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pp.lp4.io
URL: https://pp.lp4.io/app/5e/84/d7/5e84d7c4588d3e647a675573.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406040101&jk=355353914342224&bg=!PD-lP3DNAAb64txl2uI7ADQBe5WfODtRDRpwuGE1NWhsYalWwUuEwlFnmweYMHyD2IrRLKjwraVv6xAtPsNBEWQvLe1GAgAAAI9SAAAABGgBB34ANV9owIHjJO7espgQgyLAcc5mpNNe7f0X4H-NJdKWl45xgLtk6IDqJ0E-NHiTV0snZfLRu0xHmQKoQEvrw_NMtIUN7WScsv5JQzrePsmf3PdPWnbXAvR0nXuN3FYSBKzpfkPcFrKKcfEiWAQLLY6_aIOSIPJf_5ScMd_jQzybvj5iwWTz068z8cuVztCMiYusqw6DPr2OoZbWZYbqS3GWrKxG1ZC99DmG3_BQGVQCOuKPwp_mNnnbJ4tVQ4LxMzHzVXRXK6SvfyyBTv3ka0yN0VdbETGdv19UzvYT2L23kEcWBfb4dIBW-LaAwjmBtB88qOp4MQJ8BtgxHDAejGyoscjjGSz3EG8Yxsuyohqw5tuPP_ZKMUV6K10I5zcXsvsn7cdjN9IO_EFV3MAlF-D-37np6oDQLiJN6U9ELWfrJccF1H8GREiDCdpHyNdj6YEQWzYC_19kSqmXVgYcCi526ib-s8shBG42NevLW_wDFv6z6RQ-Ci6yVY2oVne-ZKZJYxYJIZIMqqOGnupvaCzoXYxJ3cZhwBTtnokFBTvw6GnPUBUjrHt2RdydJldXMsqlKM8uxVtWmvZ9Nb1XlrfbcIuOpf3JjUnpEX4VXq7GKO2EqhRPX5-hOMqdD-2zz9Gypi8yHMqS2qa9d3-m4gTRWEnrPoCaW2bf7wENpsd1wmtKAw4jpq36rj4Zd01ydgA569ugLxn9J1bNIDxHG9ot0O9gfKE1gxhXgOMCCKLcP2OY_GF4BMskM8CUvMaRTyil2oHESr4_ki5typseQqc2pYgKuhU9KRqcyvG0dDrPvkDHMi5_v4js6yFv7JN9Rq5o7GqO5fZxb_MYR73OXqJ2dx3rBJak7Fz40AyarMxasSUZ-PUwydCjprgm_yKiFpMcvVMxEdgkABL8Y5lAgmVfy4V8hR4WCWLOlM7G1L-GUD4nfSaz5od_HcIRQnpwMia8dwPrj4whrtzshMzZL8v9xEI

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.startsiden.no/	1970-01-21 05:56:10	Name: authId Value: 86902311-6781-9709-424897146664
.startsiden.no/	1970-01-20 21:30:44	Name: Abgroup Value: 4
.startsiden.no/	1970-01-21 06:32:10	Name: __gsas Value: ID=f2aee4a66fcb9bb9:T=1717834812:RT=1717834812:S=ALNI_MZkF7W83TxLZcGR8vtaiDj8H4fOEg
.piano.io/	1970-01-20 21:10:36	Name: __cf_bm Value: 05dj10OD7arzuP2spidpeMOvrLRKP.yo2xbssKexDDU-1717834812-1.0.1.1-NMxp5Bxc1YczU0piBhjlHS7KJSz7d3pyeCS66kcJhfhhAi2llH1DdE1pzGoXlJBtYdUum9by7Uz0193X8dRvbw
.startsiden.no/	1970-01-21 05:56:10	Name: __mbl Value: 61@{"u":[{"uid":"DtAhfhyDpmul8bxc","ts":1717834812},1717924812]}
www.startsiden.no/	1970-01-20 21:10:35	Name: __adblocker Value: false
.startsiden.no/	1970-01-21 06:39:22	Name: _pcid Value: %7B%22browserId%22%3A%22lx5uhssdn9ohca9d%22%7D
.startsiden.no/	1970-01-21 06:39:22	Name: cX_P Value: lx5uhssdn9ohca9d
.startsiden.no/	1970-01-21 06:39:22	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIFYAODgTm4DMAFgG8AjAAYAbBLECJAJl4gAvkA
www.startsiden.no/	1970-01-20 23:20:10	Name: __pnahc Value: 0
.startsiden.no/	1970-01-21 06:46:34	Name: _ga_ZNMHTLTPRD Value: GS1.1.1717834813.1.0.1717834813.60.0.0
.startsiden.no/	1970-01-21 06:46:34	Name: _ga Value: GA1.2.94597358.1717834813
.startsiden.no/	1970-01-20 21:12:01	Name: _gid Value: GA1.2.23972451.1717834813
.startsiden.no/	1970-01-20 21:10:34	Name: _dc_gtm_UA-27825163-16 Value: 1
.startsiden.no/	1970-01-21 06:46:34	Name: __tbc Value: %7Bkpex%7DUOigHA8ycZFSQlo4ZcSidzJfQrvSUM66mv0oWZrwWzS7DDwwMvLY1Zmn1YVyrdAp
.startsiden.no/	1970-01-20 21:53:46	Name: __pat Value: 7200000
.startsiden.no/	1970-01-20 21:12:01	Name: __pvi Value: eyJpZCI6InYtbHg1dWhzdjZyMmIxbjZpbyIsImRvbWFpbiI6Ii5zdGFydHNpZGVuLm5vIiwidGltZSI6MTcxNzgzNDgxMzEzMn0%3D
.startsiden.no/	1970-01-21 06:46:34	Name: xbc Value: %7Bkpex%7D3W_GGYvsqVNFqzSjCEzaRYcycu8c4IEs4WLSg2lr4yQ
.startsiden.no/	1970-01-21 05:56:10	Name: _hjSessionUser_2309160 Value: eyJpZCI6IjZlMjA2NDNhLTFkMDgtNTA3YS1iZGVlLTg2YWQ2ZDYwOTI0OSIsImNyZWF0ZWQiOjE3MTc4MzQ4MTMzNjgsImV4aXN0aW5nIjpmYWxzZX0=
.startsiden.no/	1970-01-20 21:10:36	Name: _hjSession_2309160 Value: eyJpZCI6IjMxNzJhNTE4LTk5ZTMtNDRhNi1iNDk5LTQ0NWQxZjMyN2U5ZCIsImMiOjE3MTc4MzQ4MTMzNjgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.startsiden.no/	1970-01-21 01:29:46	Name: __eoi Value: ID=3943df5e0b02f681:T=1717834813:RT=1717834813:S=AA-AfjYIoUfxSwKlIkY4XVgC5El2
.startsiden.no/	1970-01-21 06:39:22	Name: cX_G Value: cx%3A39oi4x6n7xw4b2tndgln01j66n%3A15nk0ia9rtoq9
.cxense.com/	1970-01-21 05:56:10	Name: gckp Value: cx:39oi4x6n7xw4b2tndgln01j66n:15nk0ia9rtoq9

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.startsiden.no/sok/?q=https%3A%2F%2Flinktr.ee%2Fsexcamlive Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cxense.com
buy-eu.piano.io
c2-eu.piano.io
cdn-eu.piano.io
cdn.cxense.com
cdn.jsdelivr.net
cebf888cc9aea95ec96070b68f589dad.safeframe.googlesyndication.com
cl-eu5.k5a.io
clients1.google.com
experience-eu.piano.io
id.cxense.com
log.medietall.no
pagead2.googlesyndication.com
partner.googleadservices.com
pp.lp4.io
region1.analytics.google.com
scdn.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
stats-collector.cxense.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.adsensecustomsearchads.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.npttech.com
www.startsiden.no
pagead2.googlesyndication.com
pp.lp4.io
104.16.143.111
108.156.60.37
13.32.27.19
142.250.184.196
142.250.186.130
156.146.33.141
167.235.124.23
167.235.124.61
172.217.18.2
172.67.155.215
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700::6812:bb1f
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:400c:c06::9a
2a02:26f0:7100:983::268b
2a02:26f0:7100:997::268b
2a02:6ea0:c700::11
87.238.33.153
0322110e88701806148c2d2a9f3c7ede46678dc220765acc22f68edaf11711bc
0715720ef5aba6588c54f73301afe6cc8950c25cd9ff3cf692cfc6a7474ca047
0bb53a366a2d41751af2f3c031e55ca7e1df032ca0df1a3bb68fa927b73940e1
0e5f13d2ab2f6b30e9af3d1f505eeafa2a9e6e5a7cd9e530ac6cf2f41fbcdcb3
0f5fc38facd0e57da35e01e40c97c1650dee3635149b9f501bb148cc6cc76f52
0fc1c9eff70ddac601d11a1f7cea3992038cbdb02271d2fb878e54274f90cec2
14198288dbfc2516a3be2979e0655881432b60373764f0107521d712fa48a47e
16b9d4bfedf6a6863c90af9ad346f456cd0bfcc99ff66e700269c19d82328df3
19bfc967b935547932b160710fd283d9417f42c0696ccacbc844ad2e28948467
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e10543e2a0e95276ea3cd0cd3406042c00c725337435fb500f8626a57931c63
250e60cefe9f25020c4814c35f87bcb968dd2532d52d618045e43851c1520452
2cd9e2f90b7eb07dbd293f184fdadd29f9e8c832900f263286824adfe64335e3
3090a30394e419136ac77416d9d5077933e8fd7c5e690a461dc8daf3f550b612
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3622029dda17b4fdb66c241b1f8fc832be525769dfa77acccc2fd389397ea727
3b1a41ef6e520ccfb7da8ecfff3ed5f9d276193132b937607e27a0fab89edac5
3be4c8ab4337ede483b9ced31b0c78af089a8cfb042b8041b3cc649d40152d0d
55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b5dd9587b7249089c80f5d2b5ac80920a5b6c3e512cb05b7a85709288d28063
5bd0328ec28368afef4fa1bff181a33644f51aa021c90b4f1a869708489bc475
5cf99bbfc52b461f978922fda19956c98757fe321ad1b0cf5368cda173ed8208
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e8234b1ab0569ca81255b32fd438be3d946b85c9c823c75a9f29b809922b47
6ac37d8b0b621cac6a9f0990c536c94df9535f882604dc66b2b43931767f4ffc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc76f07da907256a0e575a2cd808d4683553faaa496461337758b5101cb0502
74d5d173d6eadd8213c6fbd8e7ecaf6df14c9701b05daa5f809e6c6fb732dbf9
74f75d5ead98a1553d181ed1daef5704a7cdcc50c2449e110df7dc50d28e0e82
78e93bdfb9b022507c14f50d3c61d6070632df07b54aab1c312194153ffd2848
7a0f7314c90ef47ac8df7983925da479513b86ef88c686fee87d3fdaf2dc0579
86cbfb8b1444b2feaae5806c7eb7b6ca7084e0f63369e32ca6ec54e0bf3a38cd
8d98659d038a77359ddcf43ae33401b23c5a79f86024cc249db21160cea29799
90e56a8320b87b465193b1bda1641a8eff43429ab89053c3b12d03c94adf71fe
941e95cd6ea931afdeef660b66dcdf781561de026016a276fac4b97ae56b28a8
9f2818f410c9ec914d63aa775b2d350eb989a8eaa319f8443755bc7bc4e63245
9f797131da783a676e683c602c3695e7d3bf35ba9dffcee5ac4676f0199cfa74
a28b2d00428a6560bc73f1ae23b07e495f72e58d6e9c8677f71d9e94c352356f
acb0dda6b68f38e82b26aebd61b4e4b0caa73558fbc2bcd072f1e7594978d0c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
ba554d0e7da554af81cd375e390468c282c884dd6e588f5885f16cd48fa140a3
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
cf3b98e03edb76cf9cb705eb2ca350f509cb98285636daa449971093a1e564a4
d91ad63c8e48d320bf03a4795b53f16630bebcc316ec387cd435f95cb480bcd1
db74c8178c808b414d068d1b353d87b5ea1f147b3d9f11ce345f663e8542ad25
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82b34c630b6e6e9dc792e128217ebc78bad2f58e9ccc0783140565d24e5fb40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa595716cdcf0eb72d326cab620732c656a18660a7ae5f428b50a2810ee342f0

www.startsiden.no Open in urlscan Pro 87.238.33.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

54 %IPv6

17 Domains

30 Subdomains

25 IPs

5 Countries

1157 kBTransfer

3598 kBSize

23 Cookies

17 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.startsiden.no Open in urlscan Pro
87.238.33.153 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

54 %
IPv6

17
Domains

30
Subdomains

25
IPs

5
Countries

1157 kB
Transfer

3598 kB
Size

23
Cookies

60 HTTP transactions
14 data transactions