Submitted URL: https://www.xn--rdsandmultiservice-g4b.no
Effective URL: https://xn--rdsandmultiservice-g4b.no/
Submission: On March 15 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 34 HTTP transactions.
The main IP is 178.164.11.101, located in Mosvik, Norway and belongs to NTE-BREDBAND NIX 1, Oslo, Norway, NO. The main domain is xn--rdsandmultiservice-g4b.no.
The TLS certificate was issued by xn--rdsandmultiservice-g4b.no on March 14th 2019 with a validity of a year.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
1 16 178.164.11.101 34087 (NTE-BREDB...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 104.244.42.72 13414 (TWITTER)
34 12
Domain Subdomains Transfer
16 xn--rdsandmultiservice-g4b.no 298 KB
5 twitter.com 31 KB
5 google.com 98 KB
2 facebook.com 0 B
2 facebook.net 59 KB
2 gstatic.com 27 KB
1 ytimg.com 8 KB
1 youtube.com 923 B
1 fonts.googleapis.com 797 B
34 9
Domain Requested by
15 xn--rdsandmultiservice-g4b.no xn--rdsandmultiservice-g4b.no
4 platform.twitter.com xn--rdsandmultiservice-g4b.no
platform.twitter.com
4 apis.google.com xn--rdsandmultiservice-g4b.no
apis.google.com
2 connect.facebook.net xn--rdsandmultiservice-g4b.no
connect.facebook.net
2 fonts.gstatic.com xn--rdsandmultiservice-g4b.no
1 syndication.twitter.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 s.ytimg.com www.youtube.com
1 accounts.google.com apis.google.com
1 www.youtube.com xn--rdsandmultiservice-g4b.no
1 fonts.googleapis.com xn--rdsandmultiservice-g4b.no
1 www.xn--rdsandmultiservice-g4b.no 1 redirects
34 13

This site contains links to these domains.

Domain
wordpress.org
sircon.no

Subject / Issuer / Validity / Valid
xn--rdsandmultiservice-g4b.no / xn--rdsandmultiservice-g4b.no / 2019-03-14 - 2020-03-13 / a year
*.googleapis.com / Google Internet Authority G3 / 2019-03-01 - 2019-05-24 / 3 months
*.apis.google.com / Google Internet Authority G3 / 2019-03-01 - 2019-05-24 / 3 months
*.google.com / Google Internet Authority G3 / 2019-03-01 - 2019-05-24 / 3 months
*.facebook.com / DigiCert SHA2 High Assurance Server CA / 2019-01-21 - 2019-04-21 / 3 months
*.twimg.com / DigiCert SHA2 High Assurance Server CA / 2018-11-19 - 2019-11-27 / a year
accounts.google.com / Google Internet Authority G3 / 2019-03-01 - 2019-05-24 / 3 months
syndication.twitter.com / DigiCert SHA2 High Assurance Server CA / 2019-01-24 - 2020-01-24 / a year

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Web
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i


34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • https://www.xn--rdsandmultiservice-g4b.no/
  • https://xn--rdsandmultiservice-g4b.no/
18 KB
18 KB
Document
General
Full URL
https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
2007f2c77d8944e5308c5b44f796c8ebaea748a0372aef2771a422d611928e65

Request headers

:method
GET
:authority
xn--rdsandmultiservice-g4b.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 15 Mar 2019 03:31:58 GMT
server
Apache
link
<https://xn--rdsandmultiservice-g4b.no/wp-json/>; rel="https://api.w.org/", <https://xn--rdsandmultiservice-g4b.no/>; rel=shortlink
cache-control
max-age=0
expires
Fri, 15 Mar 2019 03:31:58 GMT
content-length
18434
content-type
text/html; charset=UTF-8

Redirect headers

status
301
date
Fri, 15 Mar 2019 03:31:57 GMT
server
Apache
x-redirect-by
WordPress
location
https://xn--rdsandmultiservice-g4b.no/
cache-control
max-age=0
expires
Fri, 15 Mar 2019 03:31:57 GMT
content-length
0
content-type
text/html; charset=UTF-8
style.min.css?ver=5.1.1
/wp-includes/css/dist/block-library
25 KB
25 KB
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:18 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25242
expires
Sun, 14 Apr 2019 03:31:58 GMT
styles.css?ver=5.1.1
/wp-content/plugins/sircon-people-2/style
3 KB
3 KB
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/plugins/sircon-people-2/style/styles.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
b0b2505850c816ef726e7f94c92e74d4af250f67720cda4fdbf602e6fef1a5a6

Request headers

:path
/wp-content/plugins/sircon-people-2/style/styles.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:57 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2871
expires
Sun, 14 Apr 2019 03:31:58 GMT
showcase.2.1.6.css?ver=5.1.1
/wp-content/plugins/sircon-showcase/style
15 KB
15 KB
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/plugins/sircon-showcase/style/showcase.2.1.6.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
993040e1ec5677bdd9b95a5b6687fcf10ec47dcf4f8367a4ea10dec5c8271d57

Request headers

:path
/wp-content/plugins/sircon-showcase/style/showcase.2.1.6.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:59 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15321
expires
Sun, 14 Apr 2019 03:31:58 GMT
reset-and-preset.css?ver=5.1.1
/wp-content/themes/sircon-express/style
11 KB
11 KB
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/style/reset-and-preset.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
ab0bbfeaecf18794877f39813c7c28f8b61d2ba03aab6e3e5dcdf3cbe9e429a2

Request headers

:path
/wp-content/themes/sircon-express/style/reset-and-preset.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:22 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10898
expires
Sun, 14 Apr 2019 03:31:58 GMT
sassy.1552547327.css?ver=5.1.1
/wp-content/themes/sircon-express/style/optimized-cache
69 KB
70 KB
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/style/optimized-cache/sassy.1552547327.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
c718eda8616a7682d53a26f7fafa097a30d2c997f9ce85d3cd86070a365fcc39

Request headers

:path
/wp-content/themes/sircon-express/style/optimized-cache/sassy.1552547327.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:48 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
70687
expires
Sun, 14 Apr 2019 03:31:58 GMT
print-styles.css?ver=5.1.1
/wp-content/themes/sircon-express/style
692 B
724 B
Stylesheet
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/style/print-styles.css?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
b9a1646edd34b0ff729b7f9bdc4172adb7c20ffbc5359b637fd5ddf680ea5498

Request headers

:path
/wp-content/themes/sircon-express/style/print-styles.css?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:22 GMT
server
Apache
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
692
expires
Sun, 14 Apr 2019 03:31:58 GMT
Verified jquery3.js
/wp-content/themes/sircon-express/scripts/default
84 KB
85 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/scripts/default/jquery3.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Verified resource
jquery/3.1.0/jquery.min.js at cdnjs.com, project jquery

Request headers

:path
/wp-content/themes/sircon-express/scripts/default/jquery3.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:22 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
86351
expires
Fri, 15 Mar 2019 03:31:58 GMT
showcase.2.1.6.js?ver=1
/wp-content/plugins/sircon-showcase/script
33 KB
34 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/plugins/sircon-showcase/script/showcase.2.1.6.js?ver=1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
0008f99624db56d092392127800a089675953111904190d21dddd6a4be35e214

Request headers

:path
/wp-content/plugins/sircon-showcase/script/showcase.2.1.6.js?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:59 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
34209
expires
Fri, 15 Mar 2019 03:31:58 GMT
norefresh.slides.js?ver=1
/wp-content/plugins/sircon-showcase/script
274 B
306 B
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/plugins/sircon-showcase/script/norefresh.slides.js?ver=1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
6dd18b5bb62f355c76a2d60412ceedfb9ada68ec680b6d7468630802310b247c

Request headers

:path
/wp-content/plugins/sircon-showcase/script/norefresh.slides.js?ver=1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:58 GMT
last-modified
Thu, 14 Mar 2019 07:08:59 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
274
expires
Fri, 15 Mar 2019 03:31:58 GMT
css?family=Lato:100,300italic,400italic,600italic,700italic,300,400,600,700%7CLato:100,300italic,400italic,600italic,700italic,300,400,600,700
fonts.googleapis.com
5 KB
797 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300italic,400italic,600italic,700italic,300,400,600,700%7CLato:100,300italic,400italic,600italic,700italic,300,400,600,700
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
30271734d44cfd01def8b6f9a8f2512336e1200df88addc2359e2be00b265303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 15 Mar 2019 03:31:59 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 15 Mar 2019 03:31:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 15 Mar 2019 03:31:59 GMT
wp-emoji-release.min.js?ver=5.1.1
/wp-includes/js
12 KB
12 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
last-modified
Thu, 14 Mar 2019 07:08:18 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
12034
expires
Fri, 15 Mar 2019 03:31:59 GMT
wp-embed.min.js?ver=5.1.1
/wp-includes/js
1 KB
1 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-includes/js/wp-embed.min.js?ver=5.1.1
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
last-modified
Thu, 14 Mar 2019 07:08:18 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
1403
expires
Fri, 15 Mar 2019 03:31:59 GMT
optimized-early-scripts.1.2.2.js
/wp-content/themes/sircon-express/scripts/optimized-early-cache
8 KB
8 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/scripts/optimized-early-cache/optimized-early-scripts.1.2.2.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
6d3b178307e278b1b0862aa8bdaf9812a8d9e01257f263a268ea283a2cce30a6

Request headers

:path
/wp-content/themes/sircon-express/scripts/optimized-early-cache/optimized-early-scripts.1.2.2.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
last-modified
Thu, 14 Mar 2019 07:08:48 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
8293
expires
Fri, 15 Mar 2019 03:31:59 GMT
optimized-scripts.1.2.2.js
/wp-content/themes/sircon-express/scripts/optimized-cache
14 KB
15 KB
Script
General
Full URL
https://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/scripts/optimized-cache/optimized-scripts.1.2.2.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
53b786a493597ef0af017e16516f05bf73e2c57dace87bc775abf5584c261129

Request headers

:path
/wp-content/themes/sircon-express/scripts/optimized-cache/optimized-scripts.1.2.2.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xn--rdsandmultiservice-g4b.no
referer
https://xn--rdsandmultiservice-g4b.no/
:scheme
https
:method
GET
Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
last-modified
Thu, 14 Mar 2019 07:08:48 GMT
server
Apache
content-type
application/javascript
status
200
cache-control
max-age=0
accept-ranges
bytes
content-length
14843
expires
Fri, 15 Mar 2019 03:31:59 GMT
Adblocked platform.js
apis.google.com/js
43 KB
17 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
24f1ce9cf3f90902ce18aa6b30089d7e12e6a42a7d749be537de428b228ec3c7
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-YkA/CwAwj1xiaRGvPv+UiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"6d9738b4d45b33535b392057944a5f6d"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Fri, 15 Mar 2019 03:31:59 GMT
search-icon-light.svg
/wp-content/themes/sircon-express/style/icons
473 B
811 B
Image
General
Full URL
http://xn--rdsandmultiservice-g4b.no/wp-content/themes/sircon-express/style/icons/search-icon-light.svg
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
HTTP/1.1
Server
178.164.11.101 Mosvik, Norway, ASN34087 (NTE-BREDBAND NIX 1, Oslo, Norway, NO),
Reverse DNS
web1.sircon.net
Software
Apache /
Resource Hash
146a1926bbf4bef6f937d80df847cf6212595b0680bb1cfef47edd585a5214f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 15 Mar 2019 03:31:59 GMT
Last-Modified
Thu, 14 Mar 2019 07:08:22 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=0
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/svg+xml
Keep-Alive
timeout=3, max=100
Content-Length
473
Expires
Fri, 15 Mar 2019 03:31:59 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,300italic,400italic,600italic,700italic,300,400,600,700%7CLato:100,300italic,400italic,600italic,700italic,300,400,600,700
Origin
https://xn--rdsandmultiservice-g4b.no

Response headers

date
Fri, 08 Mar 2019 23:44:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
532079
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13944
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:44:00 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,300italic,400italic,600italic,700italic,300,400,600,700%7CLato:100,300italic,400italic,600italic,700italic,300,400,600,700
Origin
https://xn--rdsandmultiservice-g4b.no

Response headers

date
Sat, 09 Mar 2019 00:34:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:56 GMT
server
sffe
age
529049
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13828
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:34:30 GMT
sdk.js
connect.facebook.net/en_US
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
820ac79431c7b92c0182f0a6a01e33f5492c5010843c9bc2406b4f98c5c7502f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ysXiKm9ljkhPr4UR+gdxxQ==
status
200
date
Fri, 15 Mar 2019 03:31:59 GMT
vary
Accept-Encoding
content-length
1778
x-fb-debug
AZ11bTTkUYIM3vsS3PFdS7f4FXGTKwo2p7D86oTGvt5AFcomGIstVFEeKp+8ApVa0JXHz0GOJ4lOf68vXgdI+g==
x-fb-content-md5
12c450d92ebb826bf09c3f47e5fed1c2
etag
"c160143440a8531c6aa4079fe66b16c0"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Mar 2019 03:32:54 GMT
widgets.js
platform.twitter.com
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D8) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 15 Mar 2019 03:31:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/41D8)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.POuSAdufx_M.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g
135 KB
48 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.POuSAdufx_M.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ec8fcbf3c51890ff841c869804f60009b6d6160d0f58a87cf38dd007c90703af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 15:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2019 08:42:23 GMT
server
sffe
age
44738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
49059
x-xss-protection
1; mode=block
expires
Fri, 13 Mar 2020 15:06:21 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.POuSAdufx_M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g
93 KB
33 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.POuSAdufx_M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b24c9461f02dc015f1d6dca54b3b8cd856830ff04b7feddfb469aa682733c685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 15:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Mar 2019 08:42:23 GMT
server
sffe
age
44738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33531
x-xss-protection
1; mode=block
expires
Fri, 13 Mar 2020 15:06:21 GMT
Adblocked fastbutton?usegapi=1&size=medium&annotation=inline&width=300&hl=en_US&origin=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&url=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F&gsrc=3p&ic=1&jsh=m%3B%2F_...
apis.google.com/se/0/_/+1
0
0
Document
General
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=300&hl=en_US&origin=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&url=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.POuSAdufx_M.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=300&hl=en_US&origin=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&url=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.POuSAdufx_M.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xn--rdsandmultiservice-g4b.no/
accept-encoding
gzip, deflate, br
cookie
NID=164=NzDjp4FQALzV2VBWxWxnst2YlY7SN31AccA9J99hNJtGC80i-hZaUY3iVLddQtJod4oJFIk17O2Z4bw_dvpqcS3q9RSs3GEyZrgS_-VWWNh-7Yn_a8inG-irrq4DOJm2XGI3_MaQgo-0J_TVBKVlLIDmIQkkWB3sxbNFHhuDCyI

Response headers

status
404
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 15 Mar 2019 03:31:59 GMT
content-security-policy-report-only
script-src 'report-sample' 'nonce-htygfdaF8FhA0ycbsWmdxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
iframe_api
www.youtube.com
859 B
923 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: xn--rdsandmultiservice-g4b.no
URL: https://xn--rdsandmultiservice-g4b.no/wp-content/plugins/sircon-showcase/script/showcase.2.1.6.js?ver=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
a8db27e3e07e4bb67df1e4adc405733880df27622a0c1f8f73e2df6506c8bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
859
x-xss-protection
1; mode=block
expires
Tue, 27 Apr 1971 19:44:06 EST
sdk.js?hash=012f3219dc0e26427b48ffaaa3ad2972&ua=modern_es6
connect.facebook.net/en_US
191 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=012f3219dc0e26427b48ffaaa3ad2972&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
196031fd788933b5a1509e46847365ba5c943d6b135e9efbc413fae871ae45b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xn--rdsandmultiservice-g4b.no/
Origin
https://xn--rdsandmultiservice-g4b.no

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
rFsHI7/jQ/hX6RjZgwi+6Q==
status
200
date
Fri, 15 Mar 2019 03:31:59 GMT
vary
Accept-Encoding
content-length
58403
x-fb-debug
s9c3d16y7/cn8ByhaLClyZZbG2bzSLtNuBlSUF17+lekTxTXr8/3L31f7jdK4EYoLBXegrutnEi6lOMKcgus3Q==
x-fb-content-md5
66a7e75700ed86aa02618c4b3064c169
etag
"ef774ec59f48cb86a882220cded102f0"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 14 Mar 2020 02:24:24 GMT
widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DF) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xn--rdsandmultiservice-g4b.no/
Accept-Encoding
gzip, deflate, br
Cookie
personalization_id="v1_AMjLdAJpyF+z4LGhQrkt5w=="

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Mar 2019 03:31:59 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DF)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
Adblocked button.dd024c345fc26f7c7a8d9938b67e5d3d.js
platform.twitter.com/js
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.dd024c345fc26f7c7a8d9938b67e5d3d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 15 Mar 2019 03:31:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/40E6)
Etag
"481d209bbcd2464884d57a77bc64e947+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
2293
postmessageRelay?parent=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.POuSAdufx_M.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNie9DR8_4D_M8...
accounts.google.com/o/oauth2
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.POuSAdufx_M.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.POuSAdufx_M.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b5gQaAWFugR6ju6gA7tw1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.POuSAdufx_M.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNie9DR8_4D_M8Jus2yis_8YhMR-g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xn--rdsandmultiservice-g4b.no/
accept-encoding
gzip, deflate, br
cookie
NID=164=NzDjp4FQALzV2VBWxWxnst2YlY7SN31AccA9J99hNJtGC80i-hZaUY3iVLddQtJod4oJFIk17O2Z4bw_dvpqcS3q9RSs3GEyZrgS_-VWWNh-7Yn_a8inG-irrq4DOJm2XGI3_MaQgo-0J_TVBKVlLIDmIQkkWB3sxbNFHhuDCyI

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 15 Mar 2019 03:31:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-b5gQaAWFugR6ju6gA7tw1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl5ur_dk
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl5ur_dk/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf7db9d05610a9898b552a5090814d8fff880fb5b81710e3a1e26cf05f66e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Mar 2019 13:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50003
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7822
x-xss-protection
1; mode=block
last-modified
Wed, 13 Mar 2019 17:54:12 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 22 Mar 2019 13:38:36 GMT
Adblocked tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A2) /
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xn--rdsandmultiservice-g4b.no/
Accept-Encoding
gzip, deflate, br
Cookie
personalization_id="v1_AMjLdAJpyF+z4LGhQrkt5w=="

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Mar 2019 03:31:59 GMT
Etag
"8dadfe02e828fc4a9d61e33bdd1df329+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A2)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12257
d_vbiawPdxB.js?version=44
staticxx.facebook.com/connect/xd_arbiter/r
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=012f3219dc0e26427b48ffaaa3ad2972&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f029:16:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xn--rdsandmultiservice-g4b.no/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 13 Mar 2020 21:38:07 GMT
cache-control
public,max-age=31536000,immutable
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug
x69Io0qQ5xC52nc7odk+LygcVwOtk1TZXdHIsF6tAlo8JG1BvjO0jYY4nmqU+dtX6Qxi2EL2etgVnkay52sBiA==
content-length
11035
date
Fri, 15 Mar 2019 03:31:59 GMT
Adblocked like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df177ff2cd5088a%26domain%3Dxn--rdsandmultiservice-g4b.no%26...
www.facebook.com/v2.3/plugins
0
0
Document
General
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df177ff2cd5088a%26domain%3Dxn--rdsandmultiservice-g4b.no%26origin%3Dhttps%253A%252F%252Fxn--rdsandmultiservice-g4b.no%252Ff210d04716a28c4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=012f3219dc0e26427b48ffaaa3ad2972&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df177ff2cd5088a%26domain%3Dxn--rdsandmultiservice-g4b.no%26origin%3Dhttps%253A%252F%252Fxn--rdsandmultiservice-g4b.no%252Ff210d04716a28c4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://xn--rdsandmultiservice-g4b.no/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v2.8
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
IyuYqUuW6CVRxixhMqxglOAOxGSPJGWhaC0V1z7f1NVhdXvQLXa0n2A/2CBmWHvct4OOh04QaxRESkJFwkYI1Q==
date
Fri, 15 Mar 2019 03:31:59 GMT
Adblocked jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%2...
syndication.twitter.com/i
43 B
375 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fxn--rdsandmultiservice-g4b.no%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1552620719608%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://xn--rdsandmultiservice-g4b.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 15 Mar 2019 03:31:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
109
pragma
no-cache
last-modified
Fri, 15 Mar 2019 03:31:59 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4c2b5ae8daf0006ba68d2543b8f98f1e
x-transaction
001d532d0011b28c
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://www.xn--rdsandmultiservice-g4b.no/
  • https://xn--rdsandmultiservice-g4b.no/

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| sircon object| _wpemojiSettings function| $ function| jQuery function| onYouTubeIframeAPIReady object| twemoji object| wp undefined| msViewportStyle function| equalizeHeightBoxes object| FontDetect function| getMenuOffset function| stickClassOnScroll function| percentage string| cCurrentVisible object| ___gcfg string| lang object| twttr object| gapi object| ___jsl object| ___gu object| FB object| __twttrll object| __twttr object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

2 Cookies

Domain/Path Name / Value
.twitter.com/ Name: personalization_id
Value: "v1_AMjLdAJpyF+z4LGhQrkt5w=="
.google.com/ Name: NID
Value: 164=NzDjp4FQALzV2VBWxWxnst2YlY7SN31AccA9J99hNJtGC80i-hZaUY3iVLddQtJod4oJFIk17O2Z4bw_dvpqcS3q9RSs3GEyZrgS_-VWWNh-7Yn_a8inG-irrq4DOJm2XGI3_MaQgo-0J_TVBKVlLIDmIQkkWB3sxbNFHhuDCyI

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
