URL: https://2yourcredit.com/
Submission: On March 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 13 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is 2yourcredit.com.
TLS certificate: Issued by GTS CA 1D4 on January 31st 2022. Valid for: 3 months.
This is the only time 2yourcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 199.36.158.100 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.104.154.52 63949 (LINODE-AP...)
1 62.92.136.16 2119 (TELENOR-N...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.17.17.11 20741 (ADMINISTR...)
1 45.60.197.69 19551 (INCAPSULA)
1 95.175.105.204 49282 (FICOLO)
3 2a00:1450:400... 15169 (GOOGLE)
13 10
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 2yourcredit.com 2yourcredit.com
1 kommunikasjon.ntb.no 2yourcredit.com
1 www.santanderconsumer.no 2yourcredit.com
1 slive.no 2yourcredit.com
1 nye.econa.no 2yourcredit.com
1 sandnes-sparebank.no 2yourcredit.com
1 www.gifty.no 2yourcredit.com
1 fonts.googleapis.com 2yourcredit.com
13 9

This site contains links to these domains.

Domain
www.google.com

Subject                  Issuer                              Validity                   Valid
firebaseapp.com          GTS CA 1D4                          2022-01-31 - 2022-05-01    3 months
upload.video.google.com  GTS CA 1C3                          2022-03-17 - 2022-06-09    3 months
www.gifty.no             R3                                  2022-03-18 - 2022-06-16    3 months
eika.no                  Buypass Class 3 CA 2                2022-01-21 - 2022-11-02    9 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3             2021-05-19 - 2022-05-18    a year
slive.no                 R3                                  2022-03-09 - 2022-06-07    3 months
santanderconsumer.no     DigiCert TLS RSA SHA256 2020 CA1    2021-12-20 - 2023-01-06    a year
kommunikasjon.ntb.no     R3                                  2022-02-21 - 2022-05-22    3 months
*.gstatic.com            GTS CA 1C3                          2022-03-17 - 2022-06-09    3 months

This page contains 1 frames:

Primary Page: https://2yourcredit.com/
Frame ID: FE402F315666E6230F819C2A7A2EE9CA
Requests: 14 HTTP requests in this frame

Page Title

React App

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13 Requests
77 % HTTPS
33 % IPv6
9 Domains
9 Subdomains
10 IPs
4 Countries
274 kB Transfer
447 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
2yourcredit.com/
751 B
570 B
Document
General
Full URL
https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76d1aa437cb4f515f32e14415cb3e65f3dfd34cda9421c6113af04f3b46b4089
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"877ea5e4a6f2c802c4e90e62cd4756c9bb0c4d96a35a29399d6286bb9f188b18-br"
last-modified
Tue, 29 Mar 2022 14:47:34 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Wed, 30 Mar 2022 07:22:16 GMT
x-served-by
cache-hhn4080-HHN
x-cache
HIT
x-cache-hits
1
x-timer
S1648624937.712831,VS0,VE1
vary
x-fh-requested-host, accept-encoding
content-length
285
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 05:48:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 07:22:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 07:22:16 GMT
main.e98d97f4.js
2yourcredit.com/static/js/
219 KB
66 KB
Script
General
Full URL
https://2yourcredit.com/static/js/main.e98d97f4.js
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
77f92927ff4b98ba53ca1ad51bf0a86da48547dde85e6de71f13245d00c00d15
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 29 Mar 2022 14:47:34 GMT
x-timer
S1648624937.742140,VS0,VE1
etag
"16c16bcca8af39ae3d083e372b39a45d5d34b44549d0386265f4092c4b7bd7a9-br"
x-served-by
cache-hhn4080-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Wed, 30 Mar 2022 07:22:16 GMT
accept-ranges
bytes
content-length
67423
x-cache-hits
1
main.70992f84.css
2yourcredit.com/static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://2yourcredit.com/static/css/main.70992f84.css
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6db997eed82d86a65b94b5300640193dedc934e10e8060844c39c5fd066831e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 29 Mar 2022 14:47:34 GMT
x-timer
S1648624937.742238,VS0,VE1
etag
"93cd75795a51e2156127478cedb103d0d61551a2879c171e6df1bd3154c8d33d-br"
x-served-by
cache-hhn4080-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Wed, 30 Mar 2022 07:22:16 GMT
accept-ranges
bytes
content-length
3934
x-cache-hits
1
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cad0c98c838b5ed294e23af8077df8a164c5af62664ea383a67fe8c58beb18d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
dnb-logo.jpg
www.gifty.no/wp-content/uploads/2021/05/
22 KB
22 KB
Image
General
Full URL
https://www.gifty.no/wp-content/uploads/2021/05/dnb-logo.jpg
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.104.154.52 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1670-52.members.linode.com
Software
nginx/1.15.8 /
Resource Hash
3c9a012bfb39daadc8ef845d477ef14fe1b9a6ff5a99adf58e5d5278afadb831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 07:22:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 07:32:56 GMT
server
nginx/1.15.8
etag
"60dd6fa8-5748"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
22344
x-xss-protection
1; mode=block
dgb_stor_til_kort.jpg
sandnes-sparebank.no/-/media/banker/sandnes-sparebank/velg-oss/
48 KB
49 KB
Image
General
Full URL
https://sandnes-sparebank.no/-/media/banker/sandnes-sparebank/velg-oss/dgb_stor_til_kort.jpg?mw=821&hash=A1AA6EED7B159FAB24DAAFA745F6A2591
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.92.136.16 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
Software
/
Resource Hash
0d3ddfc87e9d2c5885c089a185e83d8499a35b60455550282b7083b955f1b549
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com *.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/;img-src 'self' * data:;frame-src 'self' *.youtube.com *.youtube-nocookie.com *.vimeo.com *.morningstar.com *.portalbank.no https://id.eika.no;font-src 'self' https://fonts.gstatic.com https://app.eika.no/infrastruktur-styleguide-web/;connect-src 'self';report-uri /WebResource.axd?cspReport=true
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SameOrigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com *.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/;img-src 'self' * data:;frame-src 'self' *.youtube.com *.youtube-nocookie.com *.vimeo.com *.morningstar.com *.portalbank.no https://id.eika.no;font-src 'self' https://fonts.gstatic.com https://app.eika.no/infrastruktur-styleguide-web/;connect-src 'self';report-uri /WebResource.axd?cspReport=true
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Disposition
inline; filename="dgb_stor_til_kort.webp"
X-BigIP-Bypass-Errorhandling
true
Last-Modified
Wed, 01 Sep 2021 06:58:58 GMT
X-Frame-Options
SameOrigin
Date
Wed, 30 Mar 2022 07:22:16 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/webp
X-XSS-Protection
1; mode=block
Cache-Control
public, max-age=604800
ETag
5f364fdc64044e82aa36de9cb29cddb4
Accept-Ranges
bytes
Expires
Wed, 06 Apr 2022 07:22:16 GMT
danske-bank-norge-logo-dark.jpg
nye.econa.no/globalassets/bilder---alle-bilder-skal-ligge-her/partner/
13 KB
14 KB
Image
General
Full URL
https://nye.econa.no/globalassets/bilder---alle-bilder-skal-ligge-her/partner/danske-bank-norge-logo-dark.jpg?width=1440&format=webp
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dedbfbceb011de3aba256328414af690477b94a30e3609f7b8c01be03dd70c2b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: wss: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://az416426.vo.msecnd.net https://code.jquery.com https://maxcdn.bootstrapcdn.com https://www.facebook.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://snap.licdn.com https://sc-static.net https://connect.facebook.net https://stats.g.doubleclick.net/j/ https://tr.snapchat.com/collector/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.episerver.net *.bing.com; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://medlemsmorten.boost.ai https://dc.services.visualstudio.com ws: wss: *.bing.com *.virtualearth.net https://www.google-analytics.com; img-src 'self' data: http: https:; child-src 'self' http://player.vimeo.com https://www.youtube.com https://app.powerbi.com
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 07:22:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
87239
content-length
12922
x-xss-protection
1; mode=block
server
cloudflare
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"1D84049309B8787"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/webp
cache-control
public, max-age=604800
content-security-policy
default-src 'self' ws: wss: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dc.services.visualstudio.com https://az416426.vo.msecnd.net https://code.jquery.com https://maxcdn.bootstrapcdn.com https://www.facebook.com *.episerver.net *.bing.com *.virtualearth.net https://www.googletagmanager.com https://www.google-analytics.com https://snap.licdn.com https://sc-static.net https://connect.facebook.net https://stats.g.doubleclick.net/j/ https://tr.snapchat.com/collector/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com *.episerver.net *.bing.com; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' https://medlemsmorten.boost.ai https://dc.services.visualstudio.com ws: wss: *.bing.com *.virtualearth.net https://www.google-analytics.com; img-src 'self' data: http: https:; child-src 'self' http://player.vimeo.com https://www.youtube.com https://app.powerbi.com
accept-ranges
bytes
cf-ray
6f3f17dfdbf1906a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 06 Apr 2022 07:22:16 GMT
Nordea-logo.png
slive.no/wp-content/uploads/
12 KB
12 KB
Image
General
Full URL
https://slive.no/wp-content/uploads/Nordea-logo.png
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.17.17.11 Ålesund, Norway, ASN20741 (ADMINISTRATOR, NO),
Reverse DNS
alfa.administrator.no
Software
nginx / PleskLin
Resource Hash
e3cab58883a604e8a4d559d3b0865bc8efccd2fa329be927f85b32b05cda7f75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 07:22:17 GMT
last-modified
Tue, 16 Jun 2020 06:59:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ee86de6-2e6a"
content-type
image/png
accept-ranges
bytes
content-length
11882
santander.png
www.santanderconsumer.no/globalassets/demobilder/
30 KB
31 KB
Image
General
Full URL
https://www.santanderconsumer.no/globalassets/demobilder/santander.png?scale=MaxWidth940
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.197.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ 0
Resource Hash
3ae880aa6610f8967b6a676f2079f8bdf44c26cf0607be291e6b03a21647b18f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.redink.digital santandernorge.boost.ai adminpanel-santandernorge.boost.ai placehold.it *.facebook.com *.facebook.net *.google.com *.google.no *.google.dk *.google.se *.google.fi fonts.googleapis.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.youtube.com data.brreg.no *.adnxs.com *.finncdn.no cdn.innocode.digital
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.redink.digital santandernorge.boost.ai adminpanel-santandernorge.boost.ai placehold.it *.facebook.com *.facebook.net *.google.com *.google.no *.google.dk *.google.se *.google.fi fonts.googleapis.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.youtube.com data.brreg.no *.adnxs.com *.finncdn.no cdn.innocode.digital
x-content-type-options
nosniff
x-cdn
Imperva
x-aspnet-version
4.0.30319
x-powered-by
0
x-iinfo
11-431148087-431148088 2NNN RT(1648624936666 0) q(0 0 0 0) r(0 1) U2
servedby
2
content-length
30797
x-xss-protection
1; mode=block
last-modified
Tue, 17 Mar 2020 09:38:28 GMT
x-frame-options
SAMEORIGIN
date
Wed, 30 Mar 2022 07:22:16 GMT
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
santanderconsumer.no
cache-control
private
etag
"1D5FC3FCFFE8200"
expires
Thu, 07 Apr 2022 07:22:17 GMT
17b340d9-83ed-4dc2-9138-4ce6cc2a1c6b.png
kommunikasjon.ntb.no/data/images/00387/
26 KB
27 KB
Image
General
Full URL
https://kommunikasjon.ntb.no/data/images/00387/17b340d9-83ed-4dc2-9138-4ce6cc2a1c6b.png
Requested by
Host: 2yourcredit.com
URL: https://2yourcredit.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.175.105.204 Helsinki, Finland, ASN49282 (FICOLO, FI),
Reverse DNS
kommunikasjon.ntb.no
Software
nginx /
Resource Hash
33fdbf3b0da3fcdcce0e6d3d934c5de995186976007d1e3f003d36c1eb8d40dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2yourcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 07:22:16 GMT
server
nginx
etag
W/"3607891163"
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, PUT, GET, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
https://kommunikasjon.ntb.no
cache-control
max-age=2592000
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, Origin
expires
Fri, 29 Apr 2022 07:22:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2yourcredit.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
40461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2yourcredit.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
44547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2yourcredit.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options
nosniff
age
6538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 05:33:18 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| webpackChunkfinance_affiliate

2 Cookies

Domain/Path Name / Value
.santanderconsumer.no/ Name: visid_incap_2431389
Value: 4cU1q3k0Saeg6q69iYMSZigFRGIAAAAAQUIPAAAAAADx4J4HKXjgwXrD8oP1QSqd
.santanderconsumer.no/ Name: incap_ses_729_2431389
Value: oEb3I8c1kj+cd0CvOO4dCigFRGIAAAAA89qKBY4CSxwGXFzlZ6fQYA==

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926