urlscan.io logo urlscan.io
SecurityTrails logo

d48zp.shbzek.com Open in urlscan Pro
185.56.234.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bergensmagasinet.no/
Effective URL: https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=4357...
Submission: On June 13 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 87 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is d48zp.shbzek.com.
TLS certificate: Issued by R3 on April 4th 2023. Valid for: 3 months.
This is the only time d48zp.shbzek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    185.7.62.199 (Germany)

ASN39783 (RENTARACK-AS, DE)
bergensmagasinet.no
1    91.238.104.193 (Ukraine)

ASN50321 (BYTES-AS, UA)
collect.clickandanalytics.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    194.135.30.210 (Madrid, Spain)

ASN50321 (BYTES-AS, UA)
statistic.scriptsplatform.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2.59.222.113 (Kyiv, Ukraine)

ASN209155 (ONEHOSTPLANET, CZ)
come.clickandanalytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    185.56.234.205 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
shbzek.com
vq84b.shbzek.com
vq4hr.shbzek.com
6qchx.shbzek.com
61ras.shbzek.com
7dzkr.shbzek.com
nf8ut.shbzek.com
zqgsr.shbzek.com
i32qx.shbzek.com
d48zp.shbzek.com
11    2606:4700:3035::6815:18e9 (United States)

ASN13335 (CLOUDFLARENET, US)
ulmoyc.com
1    2a02:b4a:1:7::9165:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
azkcqs.com
Apex Domain
Subdomains		 Transfer
25 bergensmagasinet.no
bergensmagasinet.no
953 KB
11 ulmoyc.com
ulmoyc.com — Cisco Umbrella Rank: 39083
52 KB
10 shbzek.com
shbzek.com — Cisco Umbrella Rank: 278596
vq84b.shbzek.com
vq4hr.shbzek.com
6qchx.shbzek.com
61ras.shbzek.com
7dzkr.shbzek.com
nf8ut.shbzek.com
zqgsr.shbzek.com
i32qx.shbzek.com
d48zp.shbzek.com
129 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
210 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
region1.google-analytics.com — Cisco Umbrella Rank: 1892
21 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 3
2 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
47 KB
3 clickandanalytics.com
collect.clickandanalytics.com — Cisco Umbrella Rank: 282947
come.clickandanalytics.com — Cisco Umbrella Rank: 252528 Failed
3 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com Failed
58 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
149 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
1 azkcqs.com
azkcqs.com — Cisco Umbrella Rank: 22552 Failed
100 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1086
609 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
2 KB
1 scriptsplatform.com
statistic.scriptsplatform.com — Cisco Umbrella Rank: 242179
3 KB
0 ecrwqu.com Failed
ecrwqu.com Failed
0 googletagservices.com Failed
www.googletagservices.com Failed
87 17
Domain Requested by
25 bergensmagasinet.no 2 redirects bergensmagasinet.no
11 ulmoyc.com shbzek.com
ulmoyc.com
vq84b.shbzek.com
vq4hr.shbzek.com
6qchx.shbzek.com
61ras.shbzek.com
7dzkr.shbzek.com
nf8ut.shbzek.com
zqgsr.shbzek.com
i32qx.shbzek.com
d48zp.shbzek.com
5 pagead2.googlesyndication.com bergensmagasinet.no
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 come.clickandanalytics.com statistic.scriptsplatform.com
come.clickandanalytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com bergensmagasinet.no
www.google-analytics.com
2 www.googletagmanager.com bergensmagasinet.no
www.google-analytics.com
2 fonts.googleapis.com bergensmagasinet.no
googleads.g.doubleclick.net
1 d48zp.shbzek.com i32qx.shbzek.com
1 i32qx.shbzek.com zqgsr.shbzek.com
1 zqgsr.shbzek.com nf8ut.shbzek.com
1 nf8ut.shbzek.com 7dzkr.shbzek.com
1 7dzkr.shbzek.com 61ras.shbzek.com
1 61ras.shbzek.com 6qchx.shbzek.com
1 6qchx.shbzek.com vq4hr.shbzek.com
1 vq4hr.shbzek.com vq84b.shbzek.com
1 vq84b.shbzek.com shbzek.com
1 azkcqs.com shbzek.com
vq84b.shbzek.com
1 shbzek.com come.clickandanalytics.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com bergensmagasinet.no
1 statistic.scriptsplatform.com collect.clickandanalytics.com
1 collect.clickandanalytics.com bergensmagasinet.no
0 ecrwqu.com Failed d48zp.shbzek.com
0 www.googletagservices.com Failed googleads.g.doubleclick.net
0 www.gstatic.com Failed googleads.g.doubleclick.net
87 31

This site contains no links.

Subject Issuer Validity Valid
bergensmagasinet.no
R3		 2023-06-10 -
2023-09-08		 3 months crt.sh
collect.clickandanalytics.com
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
statistic.scriptsplatform.com
R3		 2023-05-15 -
2023-08-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
come.clickandanalytics.com
R3		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
shbzek.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
azkcqs.com
R3		 2023-04-27 -
2023-07-26		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=9
Frame ID: 96076746AE5D1246248BCFB677B9AAE9
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230608/r20190131/zrt_lookup.html
Frame ID: 0D9153AAD327C43882AF4B4430439630
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&adk=1812271804&adf=3025194257&lmt=1686639384&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbergensmagasinet.no%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649439318&bpp=10&bdt=1052&idt=491&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3131742900314&frm=20&pv=2&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=531
Frame ID: 0975EB0D7EAB8A23A5A27B4C68C198DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&h=250&adk=3873033390&adf=932193573&pi=t.aa~a.1192212056~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1686639384&rafmt=1&to=qs&pwprc=2517853031&format=310x250&url=https%3A%2F%2Fbergensmagasinet.no%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649440217&bpp=5&bdt=1952&idt=5&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7aac31de3cd2c836-227e672074e1002b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MZbrVXJFTmr7jniGX0gPRnGRy987g&gpic=UID%3D00000c4d5450684b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MYHc4kqp6T-Cv7FOKDQOeep1k2nyg&prev_fmts=0x0&nras=2&correlator=3131742900314&frm=20&pv=1&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1055&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=M62SWfeeRk&p=https%3A//bergensmagasinet.no&dtd=16
Frame ID: 67A4C647F16FB18CFC49A7534A7A2DE7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0E6E8E3EB8F25C21353CD7E99F44B84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD9C300F8DF3A9DF2A8E2C863BE4CD3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bergensmagasinet.no/ HTTP 301
    https://bergensmagasinet.no/ Page URL
  2. https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367 Page URL
  3. https://come.clickandanalytics.com/went.php HTTP 302
    https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  4. https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  5. https://vq4hr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  6. https://6qchx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  7. https://61ras.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  8. https://7dzkr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  9. https://nf8ut.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  10. https://zqgsr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  11. https://i32qx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL
  12. https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNy... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

85 %
HTTPS

74 %
IPv6

17
Domains

31
Subdomains

20
IPs

5
Countries

1629 kB
Transfer

3972 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bergensmagasinet.no/ HTTP 301
    https://bergensmagasinet.no/ Page URL
  2. https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367 Page URL
  3. https://come.clickandanalytics.com/went.php HTTP 302
    https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel Page URL
  4. https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=1 Page URL
  5. https://vq4hr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=2 Page URL
  6. https://6qchx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=3 Page URL
  7. https://61ras.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=4 Page URL
  8. https://7dzkr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=5 Page URL
  9. https://nf8ut.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=6 Page URL
  10. https://zqgsr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=7 Page URL
  11. https://i32qx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=8 Page URL
  12. https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bergensmagasinet.no/ HTTP 301
  • https://bergensmagasinet.no/
Request Chain 15
  • https://bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/images/slight-border.jpg HTTP 301
  • https://bergensmagasinet.no/aktuelt/magisk-badstue-ved-skomakerdiket/
Request Chain 66
  • https://come.clickandanalytics.com/went.php HTTP 302
  • https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bergensmagasinet.no/
Redirect Chain
  • http://bergensmagasinet.no/
  • https://bergensmagasinet.no/
70 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
217a1c73ac91bb7a4d96fe203aa5a473b1a773a81852ff19b5d9da3059be09f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
16108
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Jun 2023 09:43:58 GMT
Expires
Tue, 13 Jun 2023 09:43:58 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 13 Jun 2023 06:56:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
321
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 13 Jun 2023 09:43:58 GMT
Keep-Alive
timeout=5, max=100
Location
https://bergensmagasinet.no/
Server
Apache/2.4.18 (Ubuntu)
trackstart
collect.clickandanalytics.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.clickandanalytics.com/trackstart
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.238.104.193 , Ukraine, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d971ad919ca1b24b8d3d4a06eca8ffb097381f37e675d38d8c6e102f3d2c8418

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1798
Expires
0
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%7COpen%20Sans%3A400%7COswald%3A400%7CDosis%3A400%7CRoboto%3A400%7COpen%20Sans%3A300%7CRoboto%3A400%7CRoboto%3A400%7CRoboto%3A400%7COpen%20Sans%3A400%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%7CRaleway%3A300%7COpen%20Sans%7CRaleway%7CRaleway%7CRaleway%7COpen%20Sans%3A300%7CRaleway&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ckhmer%2Cdevanagari%2Carabic%2Chebrew%2Ctelugu&display=swap
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46285d2b53a108f52509fc211e857361f846cb21923fcfec2ad254fcf30670fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Jun 2023 09:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 09:43:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jun 2023 09:43:58 GMT
05af750acc839ca8c0e8984607e4956b.css
bergensmagasinet.no/wp-content/cache/min/1/ 		944 KB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0fe34daf93096af77bd622adc850ccc1fb3db58264df0c47e59565a80a3193c1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 09:11:06 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Wed, 12 Jun 2024 09:43:58 GMT
jquery.min-3.6.4.js
bergensmagasinet.no/wp-content/cache/busting/1/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.6.4.js
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 09:09:59 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
31049
Expires
Wed, 12 Jun 2024 09:43:58 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CS3TB7ETEW
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d79960d8904eabec5ee17c178d82fc4caf373bb7aff8e304565b6d4a8bb9c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73418
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Jun 2023 09:43:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1266316915294572&host=ca-host-pub-2644536267352236
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bergensmagasinet.no/
Origin
https://bergensmagasinet.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47482
x-xss-protection
0
server
cafe
etag
10266297035138798301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Jun 2023 09:43:58 GMT
lazyload.min.js
bergensmagasinet.no/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 13:03:10 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2145
Expires
Wed, 12 Jun 2024 09:43:58 GMT
8d15b3a382e860753e7e1cce61fbc738.js
bergensmagasinet.no/wp-content/cache/min/1/ 		596 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/wp-content/cache/min/1/8d15b3a382e860753e7e1cce61fbc738.js
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
80027551f142130ce86cac4b0e46529cafa4c3c5c2747bb73baedf8111e0b0a0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2023 09:39:30 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Wed, 12 Jun 2024 09:43:58 GMT
collect
statistic.scriptsplatform.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statistic.scriptsplatform.com/collect
Requested by
Host: collect.clickandanalytics.com
URL: https://collect.clickandanalytics.com/trackstart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.135.30.210 Madrid, Spain, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Jun 2023 09:43:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1965
Expires
0
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Jun 2023 09:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 13 Jun 2023 11:04:48 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
320dc0f72ca2a92b8d9405c063040621217effd92a8bff4f1f7b59a61c41326a

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46fa2d009b39d3fc221ecfb8e39ff7716efd9952f213668b5b68bd31364cc1eb

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/svg+xml
header-ny-6.jpg
bergensmagasinet.no/wp-content/uploads/2016/04/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2016/04/header-ny-6.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4c9da2641a3762bf20406a457f3510753f6a2d6e9b6402a86e489f09b289d6d6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Sun, 29 Nov 2020 10:06:43 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
149255
Expires
Wed, 11 Oct 2023 09:43:58 GMT
/
bergensmagasinet.no/aktuelt/magisk-badstue-ved-skomakerdiket/
Redirect Chain
  • https://bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/images/slight-border.jpg
  • https://bergensmagasinet.no/aktuelt/magisk-badstue-ved-skomakerdiket/
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/aktuelt/magisk-badstue-ved-skomakerdiket/
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Protocol
HTTP/1.1
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Jun 2023 03:37:14 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
23766
Expires
Tue, 13 Jun 2023 09:44:00 GMT

Redirect headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Location
https://bergensmagasinet.no/aktuelt/magisk-badstue-ved-skomakerdiket/
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://bergensmagasinet.no/wp-json/>; rel="https://api.w.org/"
Content-Length
91
Keep-Alive
timeout=5, max=96
Expires
Wed, 11 Jan 1984 05:00:00 GMT
slight-border.png
bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/images/ 		104 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/images/slight-border.png
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e2cbf1cdd44b68cc1b45f1ef90c5fa6590b4f790370e0b4e20989939a6d8496b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Mon, 30 Nov 2020 10:56:39 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
104
Expires
Wed, 11 Oct 2023 09:43:58 GMT
fontawesome-webfont.woff2
bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bergensmagasinet.no/wp-content/themes/accesspress-mag-pro/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://bergensmagasinet.no/wp-content/cache/min/1/05af750acc839ca8c0e8984607e4956b.css
Origin
https://bergensmagasinet.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2016 17:48:41 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Expires
Thu, 13 Jul 2023 09:43:58 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%7COpen%20Sans%3A400%7COswald%3A400%7CDosis%3A400%7CRoboto%3A400%7COpen%20Sans%3A300%7CRoboto%3A400%7CRoboto%3A400%7CRoboto%3A400%7COpen%20Sans%3A400%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%7CRaleway%3A300%7COpen%20Sans%7CRaleway%7CRaleway%7CRaleway%7COpen%20Sans%3A300%7CRaleway&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ckhmer%2Cdevanagari%2Carabic%2Chebrew%2Ctelugu&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bergensmagasinet.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 00:55:03 GMT
x-content-type-options
nosniff
age
290935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 00:55:03 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%7COpen%20Sans%3A400%7COswald%3A400%7CDosis%3A400%7CRoboto%3A400%7COpen%20Sans%3A300%7CRoboto%3A400%7CRoboto%3A400%7CRoboto%3A400%7COpen%20Sans%3A400%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%3A300%7COpen%20Sans%7CRaleway%3A300%7COpen%20Sans%7CRaleway%7CRaleway%7CRaleway%7COpen%20Sans%3A300%7CRaleway&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%2Clatin-ext%2Ccyrillic%2Ckhmer%2Cdevanagari%2Carabic%2Chebrew%2Ctelugu&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bergensmagasinet.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:45:28 GMT
x-content-type-options
nosniff
age
273510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 05:45:28 GMT
bergensmagasinet.png
bergensmagasinet.no/wp-content/uploads/2016/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2016/04/bergensmagasinet.png
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
589214b9f4146db5bd2560f0a711f8424e9ce28116521292ed8775476642b732

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Sun, 29 Nov 2020 10:06:30 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3944
Expires
Wed, 11 Oct 2023 09:43:58 GMT
facebook.png
bergensmagasinet.no/wp-content/plugins/accesspress-social-icons/icon-sets/png/set5/ 		980 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/plugins/accesspress-social-icons/icon-sets/png/set5/facebook.png
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0882c1cd9164efd85b938228dc25f00b8024132a355c4a15cad2c4cb6cc3e893

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Sun, 11 Sep 2022 09:45:57 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
980
Expires
Wed, 11 Oct 2023 09:43:58 GMT
instagram.png
bergensmagasinet.no/wp-content/plugins/accesspress-social-icons/icon-sets/png/set5/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/plugins/accesspress-social-icons/icon-sets/png/set5/instagram.png
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bbb84054a899c267cde39320e9eff2a409414c4d8f0489484bd3c32485b57c17

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Sun, 11 Sep 2022 09:45:57 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16220
Expires
Wed, 11 Oct 2023 09:43:58 GMT
Fersk-fisk-rett-fra-bat.jpg
bergensmagasinet.no/wp-content/uploads/2022/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2022/07/Fersk-fisk-rett-fra-bat.jpg?pas=10318209582306130656
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7585c4a70a524edcee0549a8b64c867a09effb7b4206caf8d4c0280fa5a5a524

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Fri, 08 Jul 2022 05:43:06 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14014
Expires
Wed, 11 Oct 2023 09:43:58 GMT
52874761209_4ef829764d_o-kopi-326x235.jpg
bergensmagasinet.no/wp-content/uploads/2023/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/05/52874761209_4ef829764d_o-kopi-326x235.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
866f15307b12428f65b4415bf8df100638adcd1dcc6c182c292897b53996fd50

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Wed, 24 May 2023 08:53:22 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26238
Expires
Wed, 11 Oct 2023 09:43:58 GMT
Selvik1-326x235.jpg
bergensmagasinet.no/wp-content/uploads/2016/06/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2016/06/Selvik1-326x235.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
678a6d513b3b07f7130f04c245179a45781d87b532829f7415d7a77360c1a09d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Mon, 20 Jun 2016 13:26:57 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12269
Expires
Wed, 11 Oct 2023 09:43:58 GMT
Roger-Iversen-326x235.jpg
bergensmagasinet.no/wp-content/uploads/2016/05/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2016/05/Roger-Iversen-326x235.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7c59cb6a2ef1a72afa55c8f5151ee30e48b15088a257cc3696bc162c36b69369

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Thu, 26 May 2016 03:20:08 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
19860
Expires
Wed, 11 Oct 2023 09:43:58 GMT
20230329_091311-e1680766886226-554x305.jpg
bergensmagasinet.no/wp-content/uploads/2023/04/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/04/20230329_091311-e1680766886226-554x305.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1beb33a7e2834f9d8e315f9dd4c0d3259e91e4bb586b210647122a9bfc7fce2c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:58 GMT
Last-Modified
Thu, 06 Apr 2023 07:41:26 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
49127
Expires
Wed, 11 Oct 2023 09:43:58 GMT
bib-sfo-e1680765960218-554x305.jpg
bergensmagasinet.no/wp-content/uploads/2023/04/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/04/bib-sfo-e1680765960218-554x305.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Thu, 06 Apr 2023 07:26:01 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
44967
Expires
Wed, 11 Oct 2023 09:43:59 GMT
Hovedbilde-ViseBasar-Manager-Janicke-Vindenaes-Karlsen-oensker-velkommen-e1680765204164-554x305.jpg
bergensmagasinet.no/wp-content/uploads/2023/04/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/04/Hovedbilde-ViseBasar-Manager-Janicke-Vindenaes-Karlsen-oensker-velkommen-e1680765204164-554x305.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Thu, 06 Apr 2023 07:13:25 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
36853
Expires
Wed, 11 Oct 2023 09:43:59 GMT
ulv-554x305.jpg
bergensmagasinet.no/wp-content/uploads/2023/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/04/ulv-554x305.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fbdd753e49b0a78b3db5b368166dedd4f22e6c7717f43a3f2b2593a384ff58ac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Tue, 04 Apr 2023 14:08:46 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
23627
Expires
Wed, 11 Oct 2023 09:43:59 GMT
vestlandskeheiltremoblar.jpg
bergensmagasinet.no/wp-content/uploads/2020/03/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2020/03/vestlandskeheiltremoblar.jpg?pas=20330160882306130656
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Tue, 24 Nov 2020 11:22:16 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
40671
Expires
Wed, 11 Oct 2023 09:43:59 GMT
BM_forside-04-03-23.jpg
bergensmagasinet.no/wp-content/uploads/2023/04/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2023/04/BM_forside-04-03-23.jpg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Mon, 03 Apr 2023 05:45:34 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
61345
Expires
Wed, 11 Oct 2023 09:43:59 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.6.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3684503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1065
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy3mkioKeKwXLPKQDQpbbH6xvAfrXRdAWHOVt%2F6qEONGoJuDXj8B7AGX0GXZpcrqDeK3jAuBgT906cnciuIzTKvZ7ZpmHHS%2FH12bu9NeuGJQAYyGsizTZzUcFx3tZhoY4o0VRUb0KxlrYQccj49zyLTP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d6964721ca0b524-OSL
expires
Sun, 02 Jun 2024 09:43:59 GMT
BERGEN-INNEKLIMA1-toshiba-signatur-granitt-388x258.jpeg
bergensmagasinet.no/wp-content/uploads/2022/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bergensmagasinet.no/wp-content/uploads/2022/12/BERGEN-INNEKLIMA1-toshiba-signatur-granitt-388x258.jpeg
Requested by
Host: bergensmagasinet.no
URL: https://bergensmagasinet.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.62.199 , Germany, ASN39783 (RENTARACK-AS, DE),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 09:43:59 GMT
Last-Modified
Tue, 20 Dec 2022 19:24:45 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
20216
Expires
Wed, 11 Oct 2023 09:43:59 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1491281731&t=pageview&_s=1&dl=https%3A%2F%2Fbergensmagasinet.no%2F&ul=en-us&de=UTF-8&dt=St%C3%B8rst%20i%20Bergen%20%7C%20Bergensmagasinet.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=236197169&gjid=738852086&cid=928739999.1686649439&tid=UA-76455198-1&_gid=1314539485.1686649439&_r=1&_slc=1&z=1258772161
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bergensmagasinet.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 09:43:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bergensmagasinet.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CS3TB7ETEW&gtm=45je36c0&_p=1491281731&gdid=dZTNiMT&cid=928739999.1686649439&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686649439&sct=1&seg=0&dl=https%3A%2F%2Fbergensmagasinet.no%2F&dt=St%C3%B8rst%20i%20Bergen%20%7C%20Bergensmagasinet.no&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS3TB7ETEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 09:43:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bergensmagasinet.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1266316915294572&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120788
x-xss-protection
0
server
cafe
etag
11369294074879822774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Jun 2023 09:43:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230608/r20190131/ Frame 0D91 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230608/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1266316915294572&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
39764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 22:41:15 GMT
etag
15057649708203361565
expires
Mon, 26 Jun 2023 22:41:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4CTCCXFWGW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Jun 2023 09:43:59 GMT
to.php
come.clickandanalytics.com/ 		0
0
to.php
come.clickandanalytics.com/ 		155 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367
Requested by
Host: statistic.scriptsplatform.com
URL: https://statistic.scriptsplatform.com/collect
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.59.222.113 Kyiv, Ukraine, ASN209155 (ONEHOSTPLANET, CZ),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-length
126
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:00 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
collect
region1.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4CTCCXFWGW&gtm=45je36c0&_p=1491281731&gdid=dZTNiMT&ul=en-us&sr=1600x1200&cid=928739999.1686649439&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&ngs=1&_s=1&dl=https%3A%2F%2Fbergensmagasinet.no%2F&dt=St%C3%B8rst%20i%20Bergen%20%7C%20Bergensmagasinet.no&sid=1686649439&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4CTCCXFWGW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jun 2023 09:43:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bergensmagasinet.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bergensmagasinet.no&callback=_gfp_s_&client=ca-pub-1266316915294572
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bergensmagasinet.no
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0975 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&adk=1812271804&adf=3025194257&lmt=1686639384&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbergensmagasinet.no%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649439318&bpp=10&bdt=1052&idt=491&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3131742900314&frm=20&pv=2&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=531
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5573
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 09:44:00 GMT
expires
Tue, 13 Jun 2023 09:44:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230608&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11239
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 09:44:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bergensmagasinet.no
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bergensmagasinet.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 67A4 		103 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&h=250&adk=3873033390&adf=932193573&pi=t.aa~a.1192212056~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1686639384&rafmt=1&to=qs&pwprc=2517853031&format=310x250&url=https%3A%2F%2Fbergensmagasinet.no%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649440217&bpp=5&bdt=1952&idt=5&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7aac31de3cd2c836-227e672074e1002b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MZbrVXJFTmr7jniGX0gPRnGRy987g&gpic=UID%3D00000c4d5450684b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MYHc4kqp6T-Cv7FOKDQOeep1k2nyg&prev_fmts=0x0&nras=2&correlator=3131742900314&frm=20&pv=1&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1055&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=M62SWfeeRk&p=https%3A//bergensmagasinet.no&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1266316915294572&plah=bergensmagasinet.no
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 09:44:00 GMT
expires
Tue, 13 Jun 2023 09:44:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0E6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
6096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 08:02:24 GMT
expires
Wed, 12 Jun 2024 08:02:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD9C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bITN9-vkULq8Pn8RnHmyLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bergensmagasinet.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bITN9-vkULq8Pn8RnHmyLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 09:44:00 GMT
expires
Tue, 13 Jun 2023 09:44:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame F0E6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 17:04:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
59966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 17:04:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230608&jk=1120134769775120&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F0E6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0ft8cA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fe45c9c91f95c633caaca753c989e180.js
www.gstatic.com/mysidia/ Frame 67A4 		0
0
2333a2bf7b89f6733c32260158039db2.js
www.gstatic.com/mysidia/ Frame 67A4 		0
0
css
fonts.googleapis.com/ Frame 67A4 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&h=250&adk=3873033390&adf=932193573&pi=t.aa~a.1192212056~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1686639384&rafmt=1&to=qs&pwprc=2517853031&format=310x250&url=https%3A%2F%2Fbergensmagasinet.no%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649440217&bpp=5&bdt=1952&idt=5&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7aac31de3cd2c836-227e672074e1002b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MZbrVXJFTmr7jniGX0gPRnGRy987g&gpic=UID%3D00000c4d5450684b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MYHc4kqp6T-Cv7FOKDQOeep1k2nyg&prev_fmts=0x0&nras=2&correlator=3131742900314&frm=20&pv=1&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1055&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=M62SWfeeRk&p=https%3A//bergensmagasinet.no&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Jun 2023 09:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 08:52:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jun 2023 09:44:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 67A4 		0
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/ Frame 67A4 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 67A4 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/ Frame 67A4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1266316915294572&output=html&h=250&adk=3873033390&adf=932193573&pi=t.aa~a.1192212056~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1686639384&rafmt=1&to=qs&pwprc=2517853031&format=310x250&url=https%3A%2F%2Fbergensmagasinet.no%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686649440217&bpp=5&bdt=1952&idt=5&shv=r20230608&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7aac31de3cd2c836-227e672074e1002b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MZbrVXJFTmr7jniGX0gPRnGRy987g&gpic=UID%3D00000c4d5450684b%3AT%3D1686649440%3ART%3D1686649440%3AS%3DALNI_MYHc4kqp6T-Cv7FOKDQOeep1k2nyg&prev_fmts=0x0&nras=2&correlator=3131742900314&frm=20&pv=1&ga_vid=928739999.1686649439&ga_sid=1686649440&ga_hid=1491281731&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1055&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442&oid=2&pvsid=1120134769775120&tmod=1664524653&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=M62SWfeeRk&p=https%3A//bergensmagasinet.no&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:17:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
51966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7977
x-xss-protection
0
server
cafe
etag
11528802260939709675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 19:17:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67A4 		0
0
d955217a3c39fa1d48035534c1a62142.js
www.gstatic.com/mysidia/ Frame 67A4 		0
0
collect
region1.google-analytics.com/g/ 		0
0
went.php
come.clickandanalytics.com/ 		0
0
checking-browser
shbzek.com/
Redirect Chain
  • https://come.clickandanalytics.com/went.php
  • https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel
25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel
Requested by
Host: come.clickandanalytics.com
URL: https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
5a0e24971f9acacd1f7ab578a2dc8465aee53bcc7e9788f5932e23b499bb3cb7

Request headers

Referer
https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:01 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:01 GMT
location
https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel
server
nginx
strict-transport-security
max-age=15768000;
rpe
azkcqs.com/ 		0
0
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIn0=eyJwaWQ
Requested by
Host: shbzek.com
URL: https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3b13461141e1648dd3f2c13691c8eaef43b668e658888dd6b286f49d520e59

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"nXXL9YI3/EQV6RLxGng00T/7too"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Edj8Uo20Rya61gx2ACgsRpN8TX02SC7tFQb2L%2Fd8i6hYntquctX3LU3XrrTEXqTKn7Shan%2B5ZbsDug4%2BRIch%2BA6lWU4tqXbo2E7e1UK5Qi15btcjPBfzM%2FJSfUqV%2B%2FnozIDXshaTX%2Bk7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d696481cb0eb509-OSL
alt-svc
h3=":443"; ma=86400
fp.js
ulmoyc.com/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/fp.js?d=shbzek.com
Requested by
Host: ulmoyc.com
URL: https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIn0=eyJwaWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c320373d161ac236f775519e33b6daba0ec61e51c800e629c7f26997c800505

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 13 Jun 2023 09:44:00 GMT
max-age
0
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VocKJIBiP5BXr4wXyBY3DUjv8eZs9jNsRaSBmpEyczHBGzPWkzz6hs2%2B7EDa7le2Wp%2BGVTRtK%2BR%2B%2FEM%2BVPaDPvBZm24iH295%2FY6NzJW%2BtlDQiIN%2FOd4gjLc7vxyGNYp8UIvGm1RWECBU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
max-age=14400
x-zone
eu
cf-ray
7d6964824b99b509-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
vq84b.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=1
Requested by
Host: shbzek.com
URL: https://shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
d066c7bbd875e9cc656e213f57f1c4a8443f6266a11a7ea88af00b05c80847e7

Request headers

Referer
https://shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:01 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu3
rpe
azkcqs.com/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1222634&wd=456287&d=shbzek.com&tpl=44&rnd=0.2404926450690814&sbid=43571&sbid2=samuel
Requested by
Host: vq84b.shbzek.com
URL: https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://vq84b.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Jun 2023 09:44:01 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjEifQ==eyJwaWQ
Requested by
Host: vq84b.shbzek.com
URL: https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f0cde8f83f59dbbca23a8d30e66a4ded9191ccba481bc4760fc35dc805d723

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://vq84b.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2QlQvJEm0S3QHQULPFFCfnergYw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCHPIwqBBNmdFZkxSDsAUwnnoyG5DYH%2FPMigYNMayVzza%2BF%2Fn5GzA9qucdBL9fCvndbsYLfjyG%2B8TefM0kMVBy3fxLCHllFDH9ux5YmPz9R10%2Bw7nG1QR7GMyJlYX7p9Iu6J7ikdZRiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d696483dd280b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
vq4hr.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vq4hr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=2
Requested by
Host: vq84b.shbzek.com
URL: https://vq84b.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
7ba25907fcf2e99bc8af4e040dcebed6d088c434bbf5388d21110b72cc46174a

Request headers

Referer
https://vq84b.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:02 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjIifQ==eyJwaWQ
Requested by
Host: vq4hr.shbzek.com
URL: https://vq4hr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f51923a5078ee9046bfa92a00d544a52730f5b792b132c75573b908c8944c59

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://vq4hr.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"060VNUfyeh5X1rf+v9OnC1h+fXY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUuK98luGy1%2FB7vqmWaJS3SvMgAddXLdLZxYeBy0gdm5Vg7a7jiISPAWnFuehSbYS6mzyXLK4EAKdkAHH9QDI8fBRDJL15ZUD8%2F2LwWKf64aCaxaQ9qp8sic8cWqNaCMJnN1UCra0ASO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d6964857f140b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
6qchx.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6qchx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=3
Requested by
Host: vq4hr.shbzek.com
URL: https://vq4hr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
c0b4343be33935d14a827d5ec14f9faf63d374a6c56396e87edf4f6daf6c5c46

Request headers

Referer
https://vq4hr.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:02 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjMifQ==eyJwaWQ
Requested by
Host: 6qchx.shbzek.com
URL: https://6qchx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87dd2a662f38db635246a3798818041575299f2b0c1962f080b3fdd3fdb75046

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://6qchx.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cUR3Kc1z324g19G3NPombILr1H8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6KpA81YZS24Q%2FKfVfb6nGTnYqwMENg07x57%2FtT4kH%2Ba2vqLQAjrKnaFEzXP0C8XwC3d8b%2FaksC9%2FPhxQMSYIEtoQnKp6YW0IGu6Cbzik0xCxUFLFj4nk7ZlJZDIhJcDwXMKgR1WQNXk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d69648718fe0b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
61ras.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61ras.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=4
Requested by
Host: 6qchx.shbzek.com
URL: https://6qchx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
38ddc65304fec9c41a1770ec36f50d182e985c1f69975077fe334453bf7533b0

Request headers

Referer
https://6qchx.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:02 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjQifQ==eyJwaWQ
Requested by
Host: 61ras.shbzek.com
URL: https://61ras.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11641fd33b8f5dcd833716b1fe066e743c2477b90154d9553daf4c8b1a658fcc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://61ras.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2OBYkkzqBTqD4UmX2TIRUWmcdDM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVSo2iFw1tW7d1DdFxP%2FYIy%2Bh33FJ5dJIXIpr6F1b%2FQJOvlxlFLqWhooNfB6IuzHDTeOSE3J2VJoZk55PqDZi6ShAKBQdlIgnIJuozMzoFigqZUjXlSrD4Jl%2BE3srZf4EqnEfdKrqNZn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d6964899bfc0b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
7dzkr.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7dzkr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=5
Requested by
Host: 61ras.shbzek.com
URL: https://61ras.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
dd2eef5c7620e2b0e1ad076462d222bf59c5285ed25805d78a565aa6e027d89f

Request headers

Referer
https://61ras.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:02 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu3
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjUifQ==eyJwaWQ
Requested by
Host: 7dzkr.shbzek.com
URL: https://7dzkr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b0250cb63a6aabc42e48f690546afd9231f317d33d403363b42f4fe15821b7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://7dzkr.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"/f66w6rUeCCZMdbKMZE/AQEP6rc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nUJZGWkmyGUTF5SRg2saJNHIVgQKUf9sYI%2FIOx%2FEc%2FmAczd1rUY5ZXxOvfJ3nJ64E3n8BqLyQkltXtOzmxnjlJdPztGC0fhn8I9nKOmvssJEI8oVvAvxHMYA4QduBcLp17eryck3Wlj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d69648b2d980b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
nf8ut.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nf8ut.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=6
Requested by
Host: 7dzkr.shbzek.com
URL: https://7dzkr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
94eaabc7cd3a5db55a9802f369e5aebca313b892628b7ea71a8e57adac92d77f

Request headers

Referer
https://7dzkr.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:03 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjYifQ==eyJwaWQ
Requested by
Host: nf8ut.shbzek.com
URL: https://nf8ut.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37eb4011731bbf66d566a4fab9874ada74f82e45f8f183718dc1eec80e1a0ae4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://nf8ut.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ycS5WO+cD+WU3W9mSSJwwKkD8oQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXnvqSRwVohYPRSNEOmQPsyudkn%2FWvs9%2FxtckXI%2BRb%2F%2BQJG%2FwQL2t%2BcGQ%2BNxYsQLx0mQTkOE5HoSUQ2f93IpoJf6eyN%2FBxkKbImx4egrx5mZyQH94oC2F92fL%2Fd7aoSjbSoZPhcCRu%2Fb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d69648caf390b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
zqgsr.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zqgsr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=7
Requested by
Host: nf8ut.shbzek.com
URL: https://nf8ut.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
5622ce255a425e733316aaa6ae4abd0e898e05d36cbcc5d2dcb0110bc2926970

Request headers

Referer
https://nf8ut.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:03 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjcifQ==eyJwaWQ
Requested by
Host: zqgsr.shbzek.com
URL: https://zqgsr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad68af11ad46ad0479dd3b41d293b43997fbc8006197918e17b978ac9276cfc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://zqgsr.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"tO0PTcGwFDvlL9QBqaYCq0S3sxk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5uHTsLZ1fqBk2ddsY3ELESRjHUV6dxBkMSw7H68uCmDjqZ29cHwGGozgrYKdyP8HFN1Rw2jlP0n%2Fv2C5xmq7xpJrqLlc8T4MVhiU7q%2BTaMN8NH0naPs6SNNVaQQRu8k0w74R%2FcYencM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d69648e292a0b65-OSL
alt-svc
h3=":443"; ma=86400
checking-browser
i32qx.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i32qx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=8
Requested by
Host: zqgsr.shbzek.com
URL: https://zqgsr.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
804df9296f9c2163e6a30f13c39d6dceccb7f2be1779ada5b5c83d6d178bc14f

Request headers

Referer
https://zqgsr.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:03 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjgifQ==eyJwaWQ
Requested by
Host: i32qx.shbzek.com
URL: https://i32qx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f05f4fa60dc4f3daee4b0e6dd025359afb298f0e4d39911d75bbe442620cab58

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://i32qx.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"KAKJOfwb7NpP1dq5p5UxrOPi/Cs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDISqTiN%2BIlbYhzhn9YQ0Q66Me62BUXO4t0bMSVkyimqMg%2B251XAFGioKR2hofejwTec6v%2FcmX30iMpwihMq04RhtHA8JR%2ByX1YRWJEKIU9F8C6hUkb99M%2BTQOQVbD%2BefbBZ6rqfkt1v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d69648fbbe00b65-OSL
alt-svc
h3=":443"; ma=86400
Primary Request checking-browser
d48zp.shbzek.com/ 		25 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=9
Requested by
Host: i32qx.shbzek.com
URL: https://i32qx.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
e6f0bbc9fb2618093c42fbf73fe3ba4d5324abc81256ca0cd1c5f2eb279755f6

Request headers

Referer
https://i32qx.shbzek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Jun 2023 09:44:03 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
sdk.js
ulmoyc.com/v1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6MiwicG0iOjJ9eyJ&d=shbzek.com&tpl=44&pbd=iOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNpMSI6IjQzNTcxIiwic2kyIjoic2FtdWVsIiwiaSI6IjkifQ==eyJwaWQ
Requested by
Host: d48zp.shbzek.com
URL: https://d48zp.shbzek.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODcsInNyYyI6Mn0=eyJ&si1=43571&si2=samuel&i=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:18e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3e838258415f21509e32145d6ee0ab95608b82c9cb896fa27488a4862cf4eb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://d48zp.shbzek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:44:04 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cO4XHyc2CFTbUNtFEXLGhRjJaEc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm6siWw7YP3fxE8DTDGvqu9EMoHPvcbf9kR53zor7t0znnTMDtUGCixk6EoYvSUyv31b27RK5u%2BS7RePX0aAk8KOfkdBwqT%2BRVm0BTW0EnKOeA7llbmB0GUEwEghaMs1aqMMG0kbN%2FJk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://shbzek.com
cache-control
public, max-age=14400
x-zone
eu
cf-ray
7d6964922efc0b65-OSL
alt-svc
h3=":443"; ma=86400
phtbload
ecrwqu.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
come.clickandanalytics.com
URL
https://come.clickandanalytics.com/to.php?check=35&pid=346364&sid=4367
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/fe45c9c91f95c633caaca753c989e180.js?tag=client_fast_engine_2019
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/2333a2bf7b89f6733c32260158039db2.js?tag=text/vanilla_highlight
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/load_preloaded_resource_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20230608/r20110914/client/window_focus_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CS3TB7ETEW&gtm=45je36c0&_p=1491281731&gdid=dZTNiMT&cid=928739999.1686649439&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1686649439&sct=1&seg=0&dl=https%3A%2F%2Fbergensmagasinet.no%2F&dt=St%C3%B8rst%20i%20Bergen%20%7C%20Bergensmagasinet.no&en=user_engagement&_et=1800
Domain
come.clickandanalytics.com
URL
https://come.clickandanalytics.com/went.php
Domain
azkcqs.com
URL
https://azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1222634&wd=456287&d=shbzek.com&tpl=44&rnd=0.719513037549778&sbid=43571&sbid2=samuel
Domain
ecrwqu.com
URL
https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODd9

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

12 Cookies

Domain/Path Name / Value
.bergensmagasinet.no/ Name: _gid
Value: GA1.2.1314539485.1686649439
.bergensmagasinet.no/ Name: _gat
Value: 1
.bergensmagasinet.no/ Name: _ga
Value: GA1.1.928739999.1686649439
bergensmagasinet.no/ Name: simpeladus
Value: 1
.bergensmagasinet.no/ Name: _ga_4CTCCXFWGW
Value: GS1.2.1686649439.1.0.1686649439.0.0.0
.bergensmagasinet.no/ Name: __gads
Value: ID=7aac31de3cd2c836-227e672074e1002b:T=1686649440:RT=1686649440:S=ALNI_MZbrVXJFTmr7jniGX0gPRnGRy987g
.bergensmagasinet.no/ Name: __gpi
Value: UID=00000c4d5450684b:T=1686649440:RT=1686649440:S=ALNI_MYHc4kqp6T-Cv7FOKDQOeep1k2nyg
.doubleclick.net/ Name: id
Value: 226c41eb30e00094||t=1686649440|et=730|cs=002213fd48ef3f6193c192962b
.bergensmagasinet.no/ Name: _ga_CS3TB7ETEW
Value: GS1.1.1686649439.1.0.1686649441.0.0.0
.shbzek.com/ Name: truniq
Value: 1
.shbzek.com/ Name: ufp2
Value: 4edf4ed85e94b44a25f833abd710905c6dfcea17
.shbzek.com/ Name: prompt
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61ras.shbzek.com
6qchx.shbzek.com
7dzkr.shbzek.com
adservice.google.com
azkcqs.com
bergensmagasinet.no
cdnjs.cloudflare.com
collect.clickandanalytics.com
come.clickandanalytics.com
d48zp.shbzek.com
ecrwqu.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i32qx.shbzek.com
nf8ut.shbzek.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
shbzek.com
statistic.scriptsplatform.com
tpc.googlesyndication.com
ulmoyc.com
vq4hr.shbzek.com
vq84b.shbzek.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zqgsr.shbzek.com
azkcqs.com
come.clickandanalytics.com
ecrwqu.com
region1.google-analytics.com
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
185.56.234.205
185.7.62.199
194.135.30.210
2.59.222.113
2001:4860:4802:34::36
2606:4700:3035::6815:18e9
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:b4a:1:7::9165:1
91.238.104.193
0882c1cd9164efd85b938228dc25f00b8024132a355c4a15cad2c4cb6cc3e893
0fe34daf93096af77bd622adc850ccc1fb3db58264df0c47e59565a80a3193c1
11641fd33b8f5dcd833716b1fe066e743c2477b90154d9553daf4c8b1a658fcc
19f0cde8f83f59dbbca23a8d30e66a4ded9191ccba481bc4760fc35dc805d723
1ad68af11ad46ad0479dd3b41d293b43997fbc8006197918e17b978ac9276cfc
1beb33a7e2834f9d8e315f9dd4c0d3259e91e4bb586b210647122a9bfc7fce2c
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
217a1c73ac91bb7a4d96fe203aa5a473b1a773a81852ff19b5d9da3059be09f7
320dc0f72ca2a92b8d9405c063040621217effd92a8bff4f1f7b59a61c41326a
37eb4011731bbf66d566a4fab9874ada74f82e45f8f183718dc1eec80e1a0ae4
38ddc65304fec9c41a1770ec36f50d182e985c1f69975077fe334453bf7533b0
46285d2b53a108f52509fc211e857361f846cb21923fcfec2ad254fcf30670fd
46fa2d009b39d3fc221ecfb8e39ff7716efd9952f213668b5b68bd31364cc1eb
4c9da2641a3762bf20406a457f3510753f6a2d6e9b6402a86e489f09b289d6d6
5622ce255a425e733316aaa6ae4abd0e898e05d36cbcc5d2dcb0110bc2926970
589214b9f4146db5bd2560f0a711f8424e9ce28116521292ed8775476642b732
5a0e24971f9acacd1f7ab578a2dc8465aee53bcc7e9788f5932e23b499bb3cb7
5c320373d161ac236f775519e33b6daba0ec61e51c800e629c7f26997c800505
5f3e838258415f21509e32145d6ee0ab95608b82c9cb896fa27488a4862cf4eb
5f51923a5078ee9046bfa92a00d544a52730f5b792b132c75573b908c8944c59
678a6d513b3b07f7130f04c245179a45781d87b532829f7415d7a77360c1a09d
7585c4a70a524edcee0549a8b64c867a09effb7b4206caf8d4c0280fa5a5a524
7ba25907fcf2e99bc8af4e040dcebed6d088c434bbf5388d21110b72cc46174a
7c59cb6a2ef1a72afa55c8f5151ee30e48b15088a257cc3696bc162c36b69369
80027551f142130ce86cac4b0e46529cafa4c3c5c2747bb73baedf8111e0b0a0
804df9296f9c2163e6a30f13c39d6dceccb7f2be1779ada5b5c83d6d178bc14f
866f15307b12428f65b4415bf8df100638adcd1dcc6c182c292897b53996fd50
87dd2a662f38db635246a3798818041575299f2b0c1962f080b3fdd3fdb75046
8d79960d8904eabec5ee17c178d82fc4caf373bb7aff8e304565b6d4a8bb9c32
8f3b13461141e1648dd3f2c13691c8eaef43b668e658888dd6b286f49d520e59
94eaabc7cd3a5db55a9802f369e5aebca313b892628b7ea71a8e57adac92d77f
a8b0250cb63a6aabc42e48f690546afd9231f317d33d403363b42f4fe15821b7
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bbb84054a899c267cde39320e9eff2a409414c4d8f0489484bd3c32485b57c17
c0b4343be33935d14a827d5ec14f9faf63d374a6c56396e87edf4f6daf6c5c46
d066c7bbd875e9cc656e213f57f1c4a8443f6266a11a7ea88af00b05c80847e7
d971ad919ca1b24b8d3d4a06eca8ffb097381f37e675d38d8c6e102f3d2c8418
dd2eef5c7620e2b0e1ad076462d222bf59c5285ed25805d78a565aa6e027d89f
e2cbf1cdd44b68cc1b45f1ef90c5fa6590b4f790370e0b4e20989939a6d8496b
e6f0bbc9fb2618093c42fbf73fe3ba4d5324abc81256ca0cd1c5f2eb279755f6
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f05f4fa60dc4f3daee4b0e6dd025359afb298f0e4d39911d75bbe442620cab58
fbdd753e49b0a78b3db5b368166dedd4f22e6c7717f43a3f2b2593a384ff58ac
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995