www.ansattnett.no Open in urlscan Pro
2a01:5b40:0:4a09:0:64a0:8113:c5fe  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

• https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4962733600284009%26output%3Dhtml%26h%3D600%26adk%3D517070999%26adf%3D2714943141%26pi%3Dt.aa~a.2832224339~rp.4%26w%3D287%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1615125551%26rafmt%3D1%26to%3Dqs%26pwprc%3D5551558612%26psa%3D0%26format%3D287x600%26url%3Dhttps%253A%252F%252Fwww.ansattnett.no%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1615163563737%26bpp%3D2%26bdt%3D488%26idt%3D2%26shv%3Dr20210303%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7194e0125af66fd0-22df5749b6ba0024%253AT%253D1615163563%253ART%253D1615163563%253AS%253DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D621841048313%26frm%3D20%26pv%3D1%26ga_vid%3D1641914599.1615163564%26ga_sid%3D1615163564%26ga_hid%3D617443645%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1092%26ady%3D1726%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736524%252C21066922%252C21069711%26oid%3D3%26pvsid%3D2906848288337533%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dl0YKWMMIie%26p%3Dhttps%253A%2F%2Fwww.ansattnett.no%26dtd%3D19&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.ansattnett.no&random=434440149917&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4962733600284009%26output%3Dhtml%26h%3D600%26adk%3D517070999%26adf%3D2714943141%26pi%3Dt.aa~a.2832224339~rp.4%26w%3D287%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1615125551%26rafmt%3D1%26to%3Dqs%26pwprc%3D5551558612%26psa%3D0%26format%3D287x600%26url%3Dhttps%253A%252F%252Fwww.ansattnett.no%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1615163563737%26bpp%3D2%26bdt%3D488%26idt%3D2%26shv%3Dr20210303%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7194e0125af66fd0-22df5749b6ba0024%253AT%253D1615163563%253ART%253D1615163563%253AS%253DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D621841048313%26frm%3D20%26pv%3D1%26ga_vid%3D1641914599.1615163564%26ga_sid%3D1615163564%26ga_hid%3D617443645%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1092%26ady%3D1726%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736524%252C21066922%252C21069711%26oid%3D3%26pvsid%3D2906848288337533%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dl0YKWMMIie%26p%3Dhttps%253A%2F%2Fwww.ansattnett.no%26dtd%3D19&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.ansattnett.no&random=434440149917&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 49

• https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=296283&pref1=16431600007421702179201011527020&pv=0 HTTP 302
• https://media.kaspersky.com/de/affiliates/KTS-Promo-160x600.png

Request Chain 55

• https://rtb.openx.net/sync/dds?google_gid=CAESEFS9ENTSRZU6hA7nachorQM&google_cver=1&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFS9ENTSRZU6hA7nachorQM&google_cver=1&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&google_hm=UprTjyejzSYAE1DxaMLTCg==

Request Chain 56

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECr9mJJGfWKGhPow7-0wvuk&google_cver=1&google_push=AQvitULp1p0xT1lpDLJ3FaLovJACEatCfDKLnSLn6816x3-iCnUIVLgIJZuaAAwCGmEBPYXs927ZD2ZjGCmOgeFdk_kPCxL_s-g7 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECr9mJJGfWKGhPow7-0wvuk&google_cver=1&google_push=AQvitULp1p0xT1lpDLJ3FaLovJACEatCfDKLnSLn6816x3-iCnUIVLgIJZuaAAwCGmEBPYXs927ZD2ZjGCmOgeFdk_kPCxL_s-g7&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rctylV1lRyy-i2DJUXNsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULp1p0xT1lpDLJ3FaLovJACEatCfDKLnSLn6816x3-iCnUIVLgIJZuaAAwCGmEBPYXs927ZD2ZjGCmOgeFdk_kPCxL_s-g7

Request Chain 57

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELZmOvQEt2ZUXnWp211axQw&google_cver=1&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMRl0AW6ZumfLRCdNInDmkzP9w9Z HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaVU9NN1AtUy1FUzdC&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMRl0AW6ZumfLRCdNInDmkzP9w9Z

Request Chain 58

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io&google_cver=1&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQoyKQSlbeTH HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io&google_cver=1&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQoyKQSlbeTH&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEVwrKNjh7Fm5LBcUaR3aQAABFoAAAIB&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQoyKQSlbeTH&google_cver=1&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ansattnett.no/	75 KB 14 KB	270ms 95ms	Document text/html	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash b12db46960cfcb7b965023024697394fe923dfab2ecdbc9413af0297c635ac18 Request headers :method GET :authority www.ansattnett.no :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx/1.18.0 date Mon, 08 Mar 2021 00:32:43 GMT content-type text/html; charset=UTF-8 content-length 14072 last-modified Sun, 07 Mar 2021 13:59:11 GMT cache-control max-age=3, must-revalidate expires Mon, 08 Mar 2021 00:32:46 GMT vary Accept-Encoding,Cookie content-encoding gzip accept-ranges bytes
GET H2	200	style.min.css www.ansattnett.no/wp-content/themes/astra/assets/css/minified/	77 KB 13 KB	58ms 58ms	Stylesheet text/css	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.1.1 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 0874c37e5c69aba47780801dddc594681ef5d3c583822f5d181f1b2b64fcf873 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Sun, 07 Mar 2021 11:17:44 GMT server nginx/1.18.0 vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12933
GET H2	200	menu-animation.min.css www.ansattnett.no/wp-content/themes/astra/assets/css/minified/	3 KB 556 B	54ms 53ms	Stylesheet text/css	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.1.1 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Sun, 07 Mar 2021 11:17:44 GMT server nginx/1.18.0 etag "d54-5bcf0775d011a-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 379
GET H2	200	style.min.css www.ansattnett.no/wp-includes/css/dist/block-library/	50 KB 8 KB	57ms 56ms	Stylesheet text/css	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Tue, 23 Feb 2021 13:16:20 GMT server nginx/1.18.0 etag "c88a-5bc00b96c45e8-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 7849
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	140 KB 50 KB	42ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50479 x-xss-protection 0 server cafe etag 13215137272821469477 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 08 Mar 2021 00:32:43 GMT
GET H2	200	cropped-Ansattnett.no_.png www.ansattnett.no/wp-content/uploads/2020/09/	10 KB 10 KB	53ms 52ms	Image image/png	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/09/cropped-Ansattnett.no_.png Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 2c50ba0fdeb0b61b768f59eb3de1c7b6d617597b46d414a56445c86c6be740f5 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sun, 27 Sep 2020 13:20:46 GMT server nginx/1.18.0 accept-ranges bytes etag "293e-5b04b6af14a5c" content-length 10558 content-type image/png
GET H2	200	wp-emoji-release.min.js Show response www.ansattnett.no/wp-includes/js/	14 KB 5 KB	54ms 52ms	Script application/javascript	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 12:40:19 GMT server nginx/1.18.0 etag "3795-5ba8201a21887-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4662
GET H2	200	style.min.js Show response www.ansattnett.no/wp-content/themes/astra/assets/js/minified/	10 KB 3 KB	53ms 51ms	Script application/javascript	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.1.1 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Sun, 07 Mar 2021 11:17:44 GMT server nginx/1.18.0 etag "2962-5bcf07766d4b7-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2808
GET H2	200	wp-embed.min.js Show response www.ansattnett.no/wp-includes/js/	1 KB 927 B	51ms 51ms	Script application/javascript	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-includes/js/wp-embed.min.js?ver=5.6.2 Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 12:40:26 GMT server nginx/1.18.0 vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 765
GET H2	200	gtm.js Show response www.googletagmanager.com/	82 KB 32 KB	31ms 29ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T87W5PZ Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6376b6ea075bc5d3510ad6e7f61ccd405c7666b3b196c8a2204c242b9160f459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32890 x-xss-protection 0 last-modified Mon, 08 Mar 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 08 Mar 2021 00:32:43 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	91 KB 24 KB	39ms 12ms	Script application/x-javascript	2a03:2880:f045:10:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23762 x-fb-rlafr 0 pragma public x-fb-debug aeTL/Bhtqtp+AbuEyFN2ygEvKHUo3drUPcL07tNwuWiketO/yVxEhle9sgr+KjPbsep+3c8vYWhCSIIwo/hoCw== x-fb-trip-id 664085054 x-frame-options DENY date Mon, 08 Mar 2021 00:32:43 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	astra.woff www.ansattnett.no/wp-content/themes/astra/assets/fonts/	3 KB 3 KB	51ms 51ms	Font application/font-woff	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Full URL https://www.ansattnett.no/wp-content/themes/astra/assets/fonts/astra.woff Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5 Request headers Origin https://www.ansattnett.no Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sun, 07 Mar 2021 11:17:44 GMT server nginx/1.18.0 accept-ranges bytes etag "ce8-5bcf0776369b8" content-length 3304 content-type application/font-woff
GET H2	200	Ensomme-mennesker-er-nedprioritert-av-samfunnet-1024x682.jpeg www.ansattnett.no/wp-content/uploads/2020/03/	54 KB 54 KB	54ms 53ms	Image image/jpeg	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/03/Ensomme-mennesker-er-nedprioritert-av-samfunnet-1024x682.jpeg Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 27ba22acc7fc00804e6c52ba8e873d090b81d2c76e145b6fdb1f69aca5e9829f Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sat, 28 Mar 2020 23:44:45 GMT server nginx/1.18.0 accept-ranges bytes etag "d797-5a1f2cd87d763" content-length 55191 content-type image/jpeg
GET H2	200	Slik-vil-5G-kunne-p%C3%A5virke-og-endre-ditt-liv-fra-2020-1024x358.jpeg www.ansattnett.no/wp-content/uploads/2020/03/	35 KB 35 KB	54ms 53ms	Image image/jpeg	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/03/Slik-vil-5G-kunne-p%C3%A5virke-og-endre-ditt-liv-fra-2020-1024x358.jpeg Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash eedcd49a0fa6a6945663d69f5b21779035d321780dc036ff07e6a29f2e8e6a63 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sat, 28 Mar 2020 20:52:56 GMT server nginx/1.18.0 accept-ranges bytes etag "8b99-5a1f0670fdf7e" content-length 35737 content-type image/jpeg
GET H2	200	Personvern-og-samtykke-ved-bruk-av-bilder-fra-bildebanker-1024x682.jpeg www.ansattnett.no/wp-content/uploads/2020/03/	31 KB 31 KB	54ms 53ms	Image image/jpeg	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/03/Personvern-og-samtykke-ved-bruk-av-bilder-fra-bildebanker-1024x682.jpeg Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 179e1328e4963e22fcd4d8183590c22b7bd5194eec2090137cb9da4800eb28b6 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sat, 28 Mar 2020 20:45:06 GMT server nginx/1.18.0 accept-ranges bytes etag "7afe-5a1f04b012aa2" content-length 31486 content-type image/jpeg
GET H2	200	Kom-deg-opp-og-fram-i-arbeidslivet-1024x682.jpeg www.ansattnett.no/wp-content/uploads/2020/03/	93 KB 93 KB	54ms 53ms	Image image/jpeg	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/03/Kom-deg-opp-og-fram-i-arbeidslivet-1024x682.jpeg Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash 1d269ccebc7d6a68d91c0b57ec6866d0b9109d97ea9a50fa42f4367c87ad8d60 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sat, 28 Mar 2020 20:02:37 GMT server nginx/1.18.0 accept-ranges bytes etag "17442-5a1efb3130e74" content-length 95298 content-type image/jpeg
GET H2	200	Ikke-pitch-uten-kontroll-1024x682.jpeg www.ansattnett.no/wp-content/uploads/2020/03/	48 KB 48 KB	54ms 53ms	Image image/jpeg	2a01:5b40:0:4a09:0:64a0:8113:c5fe DOMENESHOP Oslo
General Check archive.org Show headers Download Go to Show image Full URL https://www.ansattnett.no/wp-content/uploads/2020/03/Ikke-pitch-uten-kontroll-1024x682.jpeg Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:5b40:0:4a09:0:64a0:8113:c5fe , Norway, ASN12996 (DOMENESHOP Oslo, Norway, NO), Reverse DNS Software nginx/1.18.0 / Resource Hash a8493a91721328dd8eee7496db594c43280b416388d5d15def955c49d1c2f8c5 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Sat, 28 Mar 2020 19:57:41 GMT server nginx/1.18.0 accept-ranges bytes etag "bf8a-5a1efa16c3796" content-length 49034 content-type image/jpeg
GET H2	200	174762053216071 Show response connect.facebook.net/signals/config/	240 KB 70 KB	78ms 78ms	Script application/x-javascript	2a03:2880:f045:10:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/174762053216071?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 217ddbb85eadf3d4fd852e740d52cfae9d20b84a07cfb121842eef7e5cb38d27 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug P43V/8tuKHer38+hHxCzb2OcJ/DWMVil/0RNHVq6VCkFfkRkPGm/T1Me3WQTrMulltDUUMyCObWhC5zHRz1csA== x-fb-trip-id 664085054 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 08 Mar 2021 00:32:43 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 origin-trial AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ== priority u=3,i cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-Q050	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/	227 KB 86 KB	78ms 64ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87278 x-xss-protection 0 server cafe etag 4389487008424739880 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 08 Mar 2021 00:32:43 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame FB80	11 KB 6 KB	25ms 6ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210303/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ansattnett.no/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ansattnett.no/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sun, 07 Mar 2021 21:27:47 GMT expires Sun, 21 Mar 2021 21:27:47 GMT content-type text/html; charset=UTF-8 etag 14371272352318978350 x-content-type-options nosniff content-encoding gzip server cafe content-length 5136 x-xss-protection 0 age 11096 cache-control public, max-age=1209600 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T87W5PZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 1807 date Mon, 08 Mar 2021 00:02:36 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Mon, 08 Mar 2021 02:02:36 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 388 B	48ms 13ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&a=617443645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ansattnett.no%2F&ul=en-us&de=UTF-8&dt=-%20Arbeidstakernes%20informasjonssted%20p%C3%A5%20nett&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1387108931&gjid=1990997761&cid=1641914599.1615163564&tid=UA-39308760-1&_gid=1538110676.1615163564&_r=1&gtm=2wg2o0T87W5PZ&z=256694999 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ansattnett.no cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 410 B	42ms 13ms	Image image/gif	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=174762053216071&ev=PageView&dl=https%3A%2F%2Fwww.ansattnett.no%2F&rl=&if=false&ts=1615163563587&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615163563585.511017646&it=1615163563475&coo=false&rqm=GET Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Mon, 08 Mar 2021 00:32:43 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	203 B 642 B	60ms 39ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.ansattnett.no&callback=_gfp_s_&client=ca-pub-4962733600284009 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 3a2f7e1f7cae7a313e8cf3786426a89b7a79d9424f4b691a1324d1c61151692a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	34ms 14ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.ansattnett.no&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	34ms 14ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.ansattnett.no&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 87C2	7 KB 2 KB	83ms 68ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&adk=1812271804&adf=3025194257&lmt=1615125551&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ansattnett.no%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615163563501&bpp=19&bdt=251&idt=108&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=621841048313&frm=20&pv=2&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c6ab60ef5cc1130c5b8d4f92022a167b60b5cc0fa5a51145624710d298d94c17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4962733600284009&output=html&adk=1812271804&adf=3025194257&lmt=1615125551&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ansattnett.no%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615163563501&bpp=19&bdt=251&idt=108&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=621841048313&frm=20&pv=2&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ansattnett.no/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ansattnett.no/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 08 Mar 2021 00:32:43 GMT server cafe content-length 1008 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 00:47:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 08 Mar 2021 00:32:43 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	74 KB 28 KB	34ms 14ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1614774803212306" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28399 x-xss-protection 0 expires Mon, 08 Mar 2021 00:32:43 GMT
GET H3-Q050	200	integrator.js Show response adservice.google.de/adsid/	107 B 777 B	35ms 21ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.ansattnett.no&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	integrator.js Show response adservice.google.com/adsid/	107 B 531 B	43ms 29ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.ansattnett.no&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame A3B6	13 KB 6 KB	141ms 140ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5fa6d159733c5878e9f74929fc778ad57fa7e49b9b6a880c67913ad38957a842 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ansattnett.no/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ansattnett.no/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 08 Mar 2021 00:32:43 GMT server cafe content-length 6134 x-xss-protection 0 set-cookie IDE=AHWqTUnKWPeNgXjC6-LIwlBDkHXZNaF-onayrnB4nMS39NPVXux0EqE5X0d3ObRui2k; expires=Sat, 02-Apr-2022 00:32:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 08 Mar 2021 00:32:43 GMT cache-control private
GET H3-Q050	200	adview googleads.g.doubleclick.net/pagead/ Frame F8FE	0 0	44ms 43ms	Fetch text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C8lLpq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTDAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34NyRNdrUlvWGZ3D2Tuh0CqzNL7YAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoB-gsCCAGADAGyFxgKFhIUcHViLTQ5NjI3MzM2MDAyODQwMDk&sigh=iEC4fJUG5yM&tpd=AGWhJmtU1tPsj6qPSS5krfSP0QiNTrEOXbxXQWSKwen2Htrq6GDqVYfzmLAHbYSrgKndCF1mjYr8eU5_gf6l71-mB6BOH5SLFc6lXp_r3tjSDFfGLY8c90gfVRlz0Rdp6Ybc_qGCQ1XYPcShDyRsGRbf0yd7AqpM9fCqM9GuDuIiy4PNCqUbGZ9q-5oVz1sEUOGtKhbRLILuPn6bMkSX4_KtIQyf078YpbLNQ6tSuS8DbWnUsUiDKEKIGC4U_2iF2WxFbgyi6YphYPwVRk55lWfHAO62PimXPTecNlcf8qqj_7Q6w-AcP4Ww1Ucgweqf9dJrVssHGTw7u_4Y5AI_5kEmD_0uxRnhsfvAf1oKL4fKcqIsvKxTaYUahcpdr3iem6NFOC0WwX9VdWSXdxZab2Y5IFPr5HO0hMw5JBUkAns0GIKjRgZGjbCX7WpM3NpYjY2oXS7D9jWm8gJ5iy344515W9KNxyCVlDbetp1PTxnGhyjDq0xIbY8yUI1GLDAxTWhWpK3lQQGBBvPu326b8yiZPtUC-HG002fjKPPZrhjLJZlqJeRrisIlPkR4PKiuJw9JUrDNySXJFcVRmjqHefuXYbyKP-vAiw3bfI1xg6cobB7xP8iBtY_NlKDUy5oVF7AQDEuibrNHVNMQHD-alh0mgLukD0ilgkqlJvwEikFJygWYbXUDwshnk2uVqQHWPblx0yy_9W9EhEQRfVYGblMSenT6MBYaiIKNKyExBp6R47VlFSQEjZDcHWykhoRmpbGdY36Eo0SgLHaHHobF94aSprzOArKkyezAICFVo1DODw5Ci0qWBr1W1-j8NS0dTfXl6rgOAV5HasuVzuIzOOPl9JNGA-UE6BJ6kwJshb1-KeeP-n9o9mAq-2l8LU7dNVayta8VkreJ4RPGIM9AiSfoXdzPwqRRiNz_EaRvDOyhPxYaMpCvCMMJPmVE3OYz8AovPhJR0hbPy32oIdetE0gewsJ8q2DCPjQNzVrszRHiZthQ3YDsQLqYHiJe7J90Vc3FBOzuVlASTHEmXhPGHCFUao_P7dWV Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Mon, 08 Mar 2021 00:32:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame F8FE	3 KB 2 KB	49ms 13ms	Script application/x-javascript	185.29.133.52 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RFM05qRXhObVF0T1daak1DMDFPR0V4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzkyMzIwNDY5MTg4MDkwMDMvODY3NTYwOC83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmd0JtMjd3b1VINnBlcVh5SUQwVXBrNC8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYzOTIzMjA0NjkxODgwOTAwMy96cmgvMC8xMzQvNi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxNTE2MzU2My8xNjE1MTc2MTYzLzQvcHViLTQ5NjI3MzM2MDAyODQwMDkv/v22raZp6lPDUEWGLEimrRHITt_s&nodeid=1626&group=eu&auctionid=1639232046918809003&sid=7324419&cid=8675608&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%26client%3Dca-pub-4962733600284009%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.193.2 / Resource Hash 29e7db0191f668e19ad827e9a7c1da5e57b52d645c3d56bee0c5b28df762ac28 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:42 GMT Content-Encoding gzip x-mm-bid-request-time 1615163563 Last-Modified Mon, 08 Mar 2021 00:32:43 GMT Server MMBD/3.193.2 x-mm-latency 1 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg Count Cache-Control no-cache x-mm-host zrh-router-x75, zrh-bidder-x137 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Mon, 08 Mar 2021 00:32:41 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F8FE	3 KB 2 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:23:25 GMT content-encoding gzip x-content-type-options nosniff age 558 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 x-xss-protection 0 server cafe etag 8852521427838746165 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Mar 2021 00:23:25 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F8FE	110 KB 34 KB	37ms 21ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:43 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1614774766775808" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34192 x-xss-protection 0 expires Mon, 08 Mar 2021 00:32:43 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F8FE	14 KB 7 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:28:57 GMT content-encoding gzip x-content-type-options nosniff age 226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6140 x-xss-protection 0 server cafe etag 17031075750977984330 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Mar 2021 00:28:57 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame F8FE	0 0	14ms 13ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUZxJa4IdPjnbd5kkrTbkGzB9vc6dOcHilgBW_RbkcB3ttXjq3AeWoU-vPmSzWxcAIpl33zo2-zDcHKnqNhqJaOPT4Bw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	tojuhhm84f1g Show response hal9000.redintelligence.net/zone/ Frame F8FE	10 KB 3 KB	7ms 3ms	Script text/html	138.201.63.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/tojuhhm84f1g?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=1639232046918809003&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D Requested by Host: www.ansattnett.no URL: https://www.ansattnett.no/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.63.201.138.clients.your-server.de Software Apache / Resource Hash 6427ee0173e520ec66b722be64e8d0be94678c74ab443be0be4f5208b7f6eda0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:43 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3373 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame F8FE	49 B 330 B	38ms 13ms	Image image/gif	185.29.133.52 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=1639232046918809003&node_id=1626&exch_id=4 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RFM05qRXhObVF0T1daak1DMDFPR0V4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzkyMzIwNDY5MTg4MDkwMDMvODY3NTYwOC83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmd0JtMjd3b1VINnBlcVh5SUQwVXBrNC8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYzOTIzMjA0NjkxODgwOTAwMy96cmgvMC8xMzQvNi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxNTE2MzU2My8xNjE1MTc2MTYzLzQvcHViLTQ5NjI3MzM2MDAyODQwMDkv/v22raZp6lPDUEWGLEimrRHITt_s&nodeid=1626&group=eu&auctionid=1639232046918809003&sid=7324419&cid=8675608&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%26client%3Dca-pub-4962733600284009%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.193.2 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:42 GMT Server MMBD/3.193.2 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x40, zrh-bidder-x137 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Mon, 08 Mar 2021 00:32:41 GMT
GET H/1.1	200 OK	analytics.js Show response s.update.mediamathtag.com/2/619621/ Frame F8FE	4 KB 3 KB	118ms 29ms	Script application/javascript	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&ap=&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&de=43003&si=1944818898&dm=160x600&ac=863182&cr=8675608&ai=242876&c1=7324419&r1=2a01:4f8:192::&r2=&r3= Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RFM05qRXhObVF0T1daak1DMDFPR0V4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzkyMzIwNDY5MTg4MDkwMDMvODY3NTYwOC83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmd0JtMjd3b1VINnBlcVh5SUQwVXBrNC8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYzOTIzMjA0NjkxODgwOTAwMy96cmgvMC8xMzQvNi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxNTE2MzU2My8xNjE1MTc2MTYzLzQvcHViLTQ5NjI3MzM2MDAyODQwMDkv/v22raZp6lPDUEWGLEimrRHITt_s&nodeid=1626&group=eu&auctionid=1639232046918809003&sid=7324419&cid=8675608&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%26client%3Dca-pub-4962733600284009%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash 4110678b070cbc83f6cf285f614d03fa8713762480cac601eb03a400b119000a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 08 Mar 2021 00:32:43 GMT Content-Encoding gzip Accept-Ch Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary * Content-Type application/javascript Cache-Control no-cache, no-store, must-revalidate, no-transform, private, max-age=0 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 2059 Expires 0
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame F8FE	43 B 360 B	35ms 21ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1639232046918809003&v3=863182&v4=7324419&v5=8675608&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RFM05qRXhObVF0T1daak1DMDFPR0V4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzkyMzIwNDY5MTg4MDkwMDMvODY3NTYwOC83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmd0JtMjd3b1VINnBlcVh5SUQwVXBrNC8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYzOTIzMjA0NjkxODgwOTAwMy96cmgvMC8xMzQvNi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxNTE2MzU2My8xNjE1MTc2MTYzLzQvcHViLTQ5NjI3MzM2MDAyODQwMDkv/v22raZp6lPDUEWGLEimrRHITt_s&nodeid=1626&group=eu&auctionid=1639232046918809003&sid=7324419&cid=8675608&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%26client%3Dca-pub-4962733600284009%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3518 2f03077 master cdg-pixel-x24 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:43 GMT Server MT3 3518 2f03077 master cdg-pixel-x24 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 08 Mar 2021 00:32:15 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame F8FE	49 B 330 B	36ms 12ms	Image image/gif	185.29.133.52 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1639232046918809003&st=7324419&time=1615163563&nodeid=1626 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RFM05qRXhObVF0T1daak1DMDFPR0V4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MzkyMzIwNDY5MTg4MDkwMDMvODY3NTYwOC83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmd0JtMjd3b1VINnBlcVh5SUQwVXBrNC8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTYzOTIzMjA0NjkxODgwOTAwMy96cmgvMC8xMzQvNi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxNTE2MzU2My8xNjE1MTc2MTYzLzQvcHViLTQ5NjI3MzM2MDAyODQwMDkv/v22raZp6lPDUEWGLEimrRHITt_s&nodeid=1626&group=eu&auctionid=1639232046918809003&sid=7324419&cid=8675608&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%26client%3Dca-pub-4962733600284009%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.193.2 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:42 GMT Server MMBD/3.193.2 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x73, zrh-bidder-x137 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Mon, 08 Mar 2021 00:32:41 GMT
GET H/1.1	200 OK	request.php Show response hal900020.redintelligence.net/ Frame F8FE Redirect Chain https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	2 KB 1 KB	52ms 51ms	Script application/x-javascript	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4962733600284009%26output%3Dhtml%26h%3D600%26adk%3D517070999%26adf%3D2714943141%26pi%3Dt.aa~a.2832224339~rp.4%26w%3D287%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1615125551%26rafmt%3D1%26to%3Dqs%26pwprc%3D5551558612%26psa%3D0%26format%3D287x600%26url%3Dhttps%253A%252F%252Fwww.ansattnett.no%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1615163563737%26bpp%3D2%26bdt%3D488%26idt%3D2%26shv%3Dr20210303%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7194e0125af66fd0-22df5749b6ba0024%253AT%253D1615163563%253ART%253D1615163563%253AS%253DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D621841048313%26frm%3D20%26pv%3D1%26ga_vid%3D1641914599.1615163564%26ga_sid%3D1615163564%26ga_hid%3D617443645%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1092%26ady%3D1726%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736524%252C21066922%252C21069711%26oid%3D3%26pvsid%3D2906848288337533%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dl0YKWMMIie%26p%3Dhttps%253A%2F%2Fwww.ansattnett.no%26dtd%3D19&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.ansattnett.no&random=434440149917&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash d6c6103355f3d39cfdc5db5254e6c31a45514513b209c83ea8407de40bbc79d2 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 08 Mar 2021 00:32:43 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 16431600007421702179201011527020 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 723 Expires Mon, 08 Mar 2021 00:32:43 +0100 Redirect headers Pragma no-cache Date Mon, 08 Mar 2021 00:32:43 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4962733600284009%26output%3Dhtml%26h%3D600%26adk%3D517070999%26adf%3D2714943141%26pi%3Dt.aa~a.2832224339~rp.4%26w%3D287%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1615125551%26rafmt%3D1%26to%3Dqs%26pwprc%3D5551558612%26psa%3D0%26format%3D287x600%26url%3Dhttps%253A%252F%252Fwww.ansattnett.no%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1615163563737%26bpp%3D2%26bdt%3D488%26idt%3D2%26shv%3Dr20210303%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7194e0125af66fd0-22df5749b6ba0024%253AT%253D1615163563%253ART%253D1615163563%253AS%253DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D621841048313%26frm%3D20%26pv%3D1%26ga_vid%3D1641914599.1615163564%26ga_sid%3D1615163564%26ga_hid%3D617443645%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1092%26ady%3D1726%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736524%252C21066922%252C21069711%26oid%3D3%26pvsid%3D2906848288337533%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dl0YKWMMIie%26p%3Dhttps%253A%2F%2Fwww.ansattnett.no%26dtd%3D19&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.ansattnett.no&random=434440149917&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Mon, 08 Mar 2021 00:32:43 +0100
GET H/1.1	200 OK	request_content.php Show response hal900020.redintelligence.net/ Frame 30FE	3 KB 2 KB	4ms 2ms	Document text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request_content.php?s=16431600007421702179201011527020&a=2438cdc1 Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request.php?zone=tojuhhm84f1g&nw=20&renderingType=javascript&namespace=ad4c686571&subid=&uid=cc5cce2c275ed4d1&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1639232046918809003%26mt_id%3D8675608%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3Da6b46045-70ab-4201-a201-37c661e0e90d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCBgVUq3BFYKiVL9nP7_UPuKC8kAfPh46bXMCG2YLGAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi00OTYyNzMzNjAwMjg0MDA5yAEJqAMBqgTGAU_Qw8xXF6kyc-e_A9dG268VNo0A8bEc6Km7Uh_TnogI9b0tsYUnatACcfJEnBg19DAvu8kOopJR8A8H4stP3SQGI70CFoShL1Lj9crQaiLYgDRNK9NTQ2AnGLZOpsqhYMbxWoGqoOPGaUVTV6tBppycGSelbKryi06qkrrwKh1-X1EVlnK13I9w-iM4ytsCrFeek4BV4OhnF694xa68B2ce1kJfBNCsj3HDmT568E34N2ZPeyeJLcWeUZnbEcVCBMNW-Xr4YIAG99Hch_HT2IfuAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_2V4xmrXmMbRAlnE9MIkgGxoY5LTw%2526client%253Dca-pub-4962733600284009%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4962733600284009%26output%3Dhtml%26h%3D600%26adk%3D517070999%26adf%3D2714943141%26pi%3Dt.aa~a.2832224339~rp.4%26w%3D287%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1615125551%26rafmt%3D1%26to%3Dqs%26pwprc%3D5551558612%26psa%3D0%26format%3D287x600%26url%3Dhttps%253A%252F%252Fwww.ansattnett.no%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26dt%3D1615163563737%26bpp%3D2%26bdt%3D488%26idt%3D2%26shv%3Dr20210303%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7194e0125af66fd0-22df5749b6ba0024%253AT%253D1615163563%253ART%253D1615163563%253AS%253DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D621841048313%26frm%3D20%26pv%3D1%26ga_vid%3D1641914599.1615163564%26ga_sid%3D1615163564%26ga_hid%3D617443645%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1092%26ady%3D1726%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44736524%252C21066922%252C21069711%26oid%3D3%26pvsid%3D2906848288337533%26rx%3D0%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D8320%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dl0YKWMMIie%26p%3Dhttps%253A%2F%2Fwww.ansattnett.no%26dtd%3D19&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.ansattnett.no&random=434440149917&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash 34a66be99393bed4530e330da4cfb2fa33309f06a63ffa575232ad4763acaf59 Request headers Host hal900020.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://googleads.g.doubleclick.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=105d3afc3560ec1c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers Date Mon, 08 Mar 2021 00:32:44 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Mon, 08 Mar 2021 00:32:44 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1341 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame F8FE	43 B 702 B	49ms 32ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=296283&pref1=16431600007421702179201011527020&pv=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 08 Mar 2021 00:32:44 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 30BC	1 KB 854 B	6ms 6ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sun, 07 Mar 2021 15:30:58 GMT expires Mon, 08 Mar 2021 15:30:58 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 32506 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame F8FE	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2f8df0d52742a69647aa3f72b5a8117262e8dca16f843cc38e62771f8429d7f2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H2	200	/ www.facebook.com/tr/	0 108 B	26ms 26ms	Other text/plain	2a03:2880:f145:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f145:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryqGSyBLNxjRAa4ISZ Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Mon, 08 Mar 2021 00:32:44 GMT content-type text/plain access-control-allow-origin https://www.ansattnett.no access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	112ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?oz_pl=1&ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&ap=&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&de=43003&si=1944818898&dm=160x600&ac=863182&cr=8675608&ai=242876&c1=7324419&r1=2a01:4f8:192::&r2=&r3= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:43 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H/1.1	200 OK	main.js Show response s.update.mediamathtag.com/2/1.23.0/ Frame F8FE	117 KB 37 KB	29ms 29ms	Script application/javascript	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&ap=&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&de=43003&si=1944818898&dm=160x600&ac=863182&cr=8675608&ai=242876&c1=7324419&r1=2a01:4f8:192::&r2=&r3= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash 33666353b132a680820c4db3b5dc60cc7c8fc42a8ddb4972cdb04c2476db1feb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:43 GMT Content-Encoding br Accept-Ch Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data Vary Origin, Accept-Encoding Content-Type application/javascript Cache-Control public, no-transform, immutable, max-age=999999999 Strict-Transport-Security max-age=31536000; includeSubDomains Timing-Allow-Origin * Content-Length 37340 Expires Wed, 13 Nov 2052 04:53:40 GMT
GET H2	200	KTS-Promo-160x600.png media.kaspersky.com/de/affiliates/ Frame 30FE Redirect Chain https://www.awin1.com/cshow.php?s=2519518&v=14098&q=379074&r=296283&pref1=16431600007421702179201011527020&pv=0 https://media.kaspersky.com/de/affiliates/KTS-Promo-160x600.png	27 KB 27 KB	91ms 60ms	Image image/png	185.85.15.23 KL-EXT
General Check archive.org Show headers Download Go to Show image Full URL https://media.kaspersky.com/de/affiliates/KTS-Promo-160x600.png Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=16431600007421702179201011527020&a=2438cdc1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.85.15.23 , Russian Federation, ASN200107 (KL-EXT, RU), Reverse DNS Software / Kaspersky Labs, Kaspersky Labs Resource Hash 0e7a61956922a31258dabefc24596c62eb9c27e3b9d1b97161cb1f8c19bcdf15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://hal900020.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 18 Jan 2021 16:02:44 GMT server x-powered-by Kaspersky Labs, Kaspersky Labs etag "f7ea55bb3edd61:0" x-frame-options SAMEORIGIN content-type image/png x-xss-protection 1; mode=block x-server fr1/MSK5 accept-ranges bytes content-length 27212 date Mon, 08 Mar 2021 00:32:44 GMT Redirect headers Date Mon, 08 Mar 2021 00:32:44 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://media.kaspersky.com/de/affiliates/KTS-Promo-160x600.png Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H/1.1	200 OK	viewability Show response hal900020.redintelligence.net/ Frame 30FE	0 150 B	5ms 2ms	Script text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/viewability?s=16431600007421702179201011527020&a=63f75778&vb=m Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=16431600007421702179201011527020&a=2438cdc1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900020.redintelligence.net/request_content.php?s=16431600007421702179201011527020&a=2438cdc1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:44 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 30FE	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	addDoubleBorder.js Show response cdn.contentspread.net/24i/tools/js/ Frame 30FE	851 B 1 KB	32ms 9ms	Script application/javascript	188.138.57.20 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Full URL https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=16431600007421702179201011527020&a=2438cdc1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.138.57.20 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS loft11016.serverprofi24.de Software nginx / Resource Hash abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107 Request headers Referer https://hal900020.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 08 Mar 2021 00:32:44 GMT Last-Modified Tue, 03 May 2016 20:54:50 GMT Server nginx ETag "5729101a-353" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 851
GET H2	200	dpixel cms.quantserve.com/ Frame 30BC	35 B 463 B	26ms 8ms	Image image/gif	2620:116:800d:21:8c6e:cf2c:8d6:9fb5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENbsifXemr3iAokifKQz7Cc&google_cver=1&google_push=AQvitUIEIlG9SaXy2LvIAZKa5Pt749odJc50fF_Etu8VxjT6YUcKIP9hJFhgmrbhTm-YdApfvhmkKoytQqBQZFQKxXvt7nRKFVGW Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 30BC	43 B 324 B	38ms 14ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFHzngnjhfEYWBcSCQemb44&google_push=AQvitUKO0VGCJRcPQnjsvV2rxYwWWCnhVr75Jkxj5rBSBaccQS9fVgtGYh-rEnwfJuD8nehJuhLOk-P7FeJcjAH5ZQAFDKk7iAk8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 30BC Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFS9ENTSRZU6hA7nachorQM&google_cver=1&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU https://rtb.openx.net/sync/dds?google_gid=CAESEFS9ENTSRZU6hA7nachorQM&google_cver=1&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&google_hm=UprTjyejzSYAE1DxaMLTCg==	170 B 190 B	21ms 21ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&google_hm=UprTjyejzSYAE1DxaMLTCg== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJEtCcdwr5FWa3KuYAZBAXxIxX_k_EDAaXfzuZ0oLYd7Os3zx7w4TfG1XAfXIZHvDN1_ZrMxIODhZ1pBWxZYLJD3v_6nIU&google_hm=UprTjyejzSYAE1DxaMLTCg== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id ssap7l9a4oo1nicbd0bptbagfgkmnfmr
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 30BC Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rctylV1lRyy-i2DJUXNsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 190 B	22ms 21ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rctylV1lRyy-i2DJUXNsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULp1p0xT1lpDLJ3FaLovJACEatCfDKLnSLn6816x3-iCnUIVLgIJZuaAAwCGmEBPYXs927ZD2ZjGCmOgeFdk_kPCxL_s-g7 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rctylV1lRyy-i2DJUXNsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULp1p0xT1lpDLJ3FaLovJACEatCfDKLnSLn6816x3-iCnUIVLgIJZuaAAwCGmEBPYXs927ZD2ZjGCmOgeFdk_kPCxL_s-g7 Date Mon, 08 Mar 2021 00:32:42 GMT P3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	pixel cm.g.doubleclick.net/ Frame 30BC Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELZmOvQEt2ZUXnWp211axQw&google_cver=1&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMR... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaVU9NN1AtUy1FUzdC&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMRl0AW6ZumfLRCdNInDmkzP9w9Z	170 B 329 B	31ms 16ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaVU9NN1AtUy1FUzdC&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMRl0AW6ZumfLRCdNInDmkzP9w9Z Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xaVU9NN1AtUy1FUzdC&google_push=AQvitUJIyyOCiEzIs7eVw1k1tTghDwsXUuP-X9ggxjI6QXW9UMF70PqFZbin_xmpiHwMzb4pSMRl0AW6ZumfLRCdNInDmkzP9w9Z Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 611afce88997db6fdd35eb213e662871 Expires 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 30BC Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEVwrKNjh7Fm5LBcUaR3aQAABFoAAAIB&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQ...	170 B 484 B	36ms 22ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEVwrKNjh7Fm5LBcUaR3aQAABFoAAAIB&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQoyKQSlbeTH&google_cver=1&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 08 Mar 2021 00:32:44 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEVwrKNjh7Fm5LBcUaR3aQAABFoAAAIB&google_push=AQvitUL-lpqe2yyqb0VO7J-zHpUhILQ29lHTl-ZS73loLss6Q67iZWf9IRuz1lSHSp8z94eOzl8S27ZlUhrI4kHsrQoyKQSlbeTH&google_cver=1&google_gid=CAESEIIKC7ihOj6ZSUKtZ-Wz0Io Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 460 Expires Mon, 08 Mar 2021 00:32:44 GMT
GET H2	200	trk ag.innovid.com/ Frame 30BC	43 B 296 B	64ms 20ms	Image image/gif	2a05:d01c:1d8:8101:f6ab:342:7837:ce6e AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEL1q7jpjbGF9VXHlS9B6agU&google_cver=1&google_push=AQvitUI8b0z3GK_vzFvfTakIO5O3_UGCEbYHWEnZZ-Wg3XpV6EwlrVVE-yEjQGcss9GLUwTO9hPwCVR1fbQlcIo22KY7UEgh4Inb Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT cache-control no-cache content-type image/gif content-length 43 request-time 0 expires -1
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 30BC	0 236 B	36ms 13ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrJGSjfEX1j4Xsmn4IGBGym4UR6vAGGC_jOObeG5SayDGyu1Q0canR_sAk-H5bBzfYQuQD Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4962733600284009&output=html&h=600&adk=517070999&adf=2714943141&pi=t.aa~a.2832224339~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1615125551&rafmt=1&to=qs&pwprc=5551558612&psa=0&format=287x600&url=https%3A%2F%2Fwww.ansattnett.no%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1615163563737&bpp=2&bdt=488&idt=2&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7194e0125af66fd0-22df5749b6ba0024%3AT%3D1615163563%3ART%3D1615163563%3AS%3DALNI_MbqCD5pfszY5xO21YlVtUd7wbNXAw&prev_fmts=0x0&nras=1&correlator=621841048313&frm=20&pv=1&ga_vid=1641914599.1615163564&ga_sid=1615163564&ga_hid=617443645&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1092&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C21066922%2C21069711&oid=3&pvsid=2906848288337533&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=l0YKWMMIie&p=https%3A//www.ansattnett.no&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:44 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	41ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?oz_pl=1&ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&ap=&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&de=43003&si=1944818898&dm=160x600&ac=863182&cr=8675608&ai=242876&c1=7324419&r1=2a01:4f8:192::&r2=&r3= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:43 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	57ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:43 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	45ms 31ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f5c5127e9e018199b1d7e9aa1fc8a95b91f54198bc2ba85416d99f98b57500d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Mar 2021 00:32:44 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6448 x-xss-protection 0
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	42ms 28ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4962733600284009&plah=www.ansattnett.no&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 00:32:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Mon, 08 Mar 2021 00:32:44 GMT
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	27ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:44 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3B52	12 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ansattnett.no/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.ansattnett.no/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Sun, 07 Mar 2021 17:02:57 GMT expires Mon, 07 Mar 2022 17:02:57 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 26987 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated Show response / Frame 2A62	13 B 13 B		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html;charset=utf-8
GET H3-Q050	200	cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Show response pagead2.googlesyndication.com/bg/ Frame 3B52	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 06 Mar 2021 20:37:34 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 01 Mar 2021 10:45:00 GMT server sffe age 100510 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5702 x-xss-protection 0 expires Sun, 06 Mar 2022 20:37:34 GMT
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	29ms 28ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:44 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 111 B	41ms 41ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=2906848288337533&bg=!y8ilyIvNAAWsVXnBrDsAKQB2-DxaZo9-rDno3Hc03OoJUaP3bkDMxsvltAWFbJF_e2Fe2b0zH4BSAgAAAJJSAAAADmgBBwoA6zl2HBP9CB_0vbpz9rh_Qi1iIYOCe-Fxhl43dn72EuJY_K1LydJzHVTFnMPRnuL4Yowa6ZGN-KhyyproHT5hZH9hapWC4u9TGtEOKFHEqBQlJ9uk4EbrtbEoJf4Rxa0uha-xma-YgmXrtU9pke6bhO_CdQtzpZ24GHhQK-OG1HzhF492mBaducV84_jILkmZeX-xUTU1qs0WxwnKbt4zeK75txYOIR0RtoCOj7Fah75twbhUQaswYjjajPGOBrqSWfWofz8D3yPElscqjIDPol4ey9UbtpVXh_ByvqgqCNa7dzdK2x5xQEGUH0qZAif6RpzEf1YoFFvBD4M_12ODTrqcbSnCk0mL1eA4sJadQLZuAk1UPk95aBKZoGpPC1IfImIjONBgYKZFrnUXg5ZdBpDRMHOtzWcKU67UbcKKYkYXPNPeU4uhagWFezbYY72cMsUamhrUoQUaGevk8-CzW7RVcJndNg08sShJn3Crw0wQ3OXOgkvNg6bLXi-aWhCsdV8825JVuCEtjeE-u-Vvqk02x7kN8g6LnkboRttr8LZYHoyir84yvBK6I42hPjh2MX2Upa_J-KnRw8Ll3VL_wPTiipIpk2dYJODsLZH7h-4LRskK4_zqxH_He2Ff2AaVRDa44zFk98OyQ8wBShEwoReAPbfnGOubyoHt-aUjywA12BfMAarrtSsDWaZbs7NsebmfYyF_mGm4QyQ_o9-n8aMwXh6spZ24wzRISszaRssAtaGiCO2SjTQRF5tSxKCLeOH_l6ywKPiz-MnMl4Wq-PlvuI4Ha-2nPjTDkrXk4zkPoZTdiKcJErvWZ3ftC2Nn5M8YJe-PQMs5prBxRZxaFsjOgjgjo41FhvVAI9hmruPYaxdXCi4oHyZW5lAmZRer3F4A8nH3nUMqbM20NPQNY92c2DkaSzqNnKm-kD7T3NsRTwiq78vKrfG2hVYPHjni9cECwLTZ7q417fxViUWuFZv7UB4JowHFFCQKbeSDd5OCS-MC9cc6J4U2Q-e0HMzarNROCRl5zPzc6t5WiOQjlho_LHatdg Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ansattnett.no/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 08 Mar 2021 00:32:44 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	27ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:44 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	27ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:44 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
GET BLOB	200 OK	43a39210-853b-4ceb-8bb0-28cd6d0edac4 https://googleads.g.doubleclick.net/ Frame F8FE	476 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://googleads.g.doubleclick.net/43a39210-853b-4ceb-8bb0-28cd6d0edac4 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 476
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	28ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:44 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	27ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:49 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin
POST H/1.1	200 OK	postback Show response s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/ Frame F8FE	0 145 B	27ms 27ms	XHR text/plain	18.203.96.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.update.mediamathtag.com/2/1.23.0/619621/AGTy1zYLEePVqcvr/postback?ai=242876&r1=2a01%3A4f8%3A192%3A%3A&di=https%3A%2F%2Fwww.ansattnett.no&ui=9176116d-9fc0-58a1-0000-000000000000&r3=&de=43003&dm=160x600&ti=1639232046918809003&pv=72afd756-bde0-410d-b69e-6cdf429fc64e&pp=pub-4962733600284009&sr=4&ac=863182&c1=7324419&dt=6196211556140246740000&pd=avt&r2=&ci=619621&cr=8675608&ap=&si=1944818898&sid=AGTy1zYLEePVqcvr&oz_sc=c31f2218155c629a0c20f2fb&cv=3 Requested by Host: s.update.mediamathtag.com URL: https://s.update.mediamathtag.com/2/1.23.0/main.js?o=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-96-5.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Mon, 08 Mar 2021 00:32:50 GMT Timing-Allow-Origin * Content-Length 0 Vary Origin