booking.paintnsip.no Open in urlscan Pro
34.243.24.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.paintnsip.no/
Submission: On February 28 via automatic, source certstream-suspicious (February 28th 2020, 12:04:08 am UTC)

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 32 HTTP transactions. The main IP is 34.243.24.182, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is booking.paintnsip.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 27th 2020. Valid for: 3 months.

This is the only time booking.paintnsip.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	34.243.24.182 34.243.24.182	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	34.90.75.179 34.90.75.179	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	35.204.27.106 35.204.27.106	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	52.18.156.77 52.18.156.77	16509 (AMAZON-02) (AMAZON-02)
1	34.90.48.149 34.90.48.149	15169 (GOOGLE) (GOOGLE)
32	13

13 34.243.24.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com

booking.paintnsip.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.75.179 (United States)

ASN15169 (GOOGLE, US)
PTR: 179.75.90.34.bc.googleusercontent.com

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.27.106 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 106.27.204.35.bc.googleusercontent.com

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.156.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-156-77.eu-west-1.compute.amazonaws.com

api.paintnsip.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.48.149 (United States)

ASN15169 (GOOGLE, US)
PTR: 149.48.90.34.bc.googleusercontent.com

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	paintnsip.no booking.paintnsip.no api.paintnsip.no	826 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	facebook.com www.facebook.com	396 B
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	362 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	326 B
2	facebook.net connect.facebook.net	142 KB
2	bing.com bat.bing.com	8 KB
2	googletagmanager.com www.googletagmanager.com	51 KB
1	googleapis.com fonts.googleapis.com	683 B
32	12

	Domain	Requested by
13	booking.paintnsip.no	booking.paintnsip.no
3	www.google-analytics.com	2 redirects www.googletagmanager.com
2	api.paintnsip.no	booking.paintnsip.no
2	fonts.gstatic.com	booking.paintnsip.no
2	www.facebook.com	booking.paintnsip.no
2	www.google.de	booking.paintnsip.no
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	connect.facebook.net	booking.paintnsip.no connect.facebook.net
2	bat.bing.com	www.googletagmanager.com booking.paintnsip.no
2	www.googletagmanager.com	booking.paintnsip.no
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	booking.paintnsip.no
1	static.hotjar.com	www.googletagmanager.com
32	15

This site contains no links.

Subject Issuer	Validity	Valid
booking.paintnsip.no Let's Encrypt Authority X3	`2020-02-27` - `2020-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
api.paintnsip.no Let's Encrypt Authority X3	`2020-02-27` - `2020-05-27`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://booking.paintnsip.no/
Frame ID: B4E321D0921C1F11A92C6A5205E997E6
Requests: 31 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2707702139F920D28B04C3B2B8F36BCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

32
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

1134 kB
Transfer

2583 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=202650038&gjid=412613486&cid=1845253581.1582848233&tid=UA-109231851-1&_gid=2058600596.1582848233&_r=1&gtm=2wg2j0K99K7SS&z=1396175736 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_gid=2058600596.1582848233&gjid=412613486&_v=j81&z=1396175736 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736&slf_rd=1&random=255156013

Request Chain 11

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=1359874442&gjid=1330588173&cid=1845253581.1582848233&tid=UA-109231851-1&_gid=2058600596.1582848233&_r=1&gtm=2ou2j0&z=2086185051 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_gid=2058600596.1582848233&gjid=1330588173&_v=j81&z=2086185051 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051&slf_rd=1&random=2791654964

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
booking.paintnsip.no/ 7 KB
3 KB 188ms
33ms Document
text/html 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2e1c6a485a5ca680669cc1f0c0b2163bb10f5d7add4ab4181d66227b8bc4eb43

Request headers

Host: booking.paintnsip.no
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Connection: keep-alive
Server: nginx
Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Etag: W/"5e4b00f3-1be3"
Content-Encoding: gzip
Via: 1.1 vegur

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109231851-1

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59ffbab9edac193a36a58346c6502825617214d4e93343d233bfcd6790239c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28625
x-xss-protection: 0
expires: Fri, 28 Feb 2020 00:03:52 GMT

GET
H/1.1 200
OK 9.22d6b5ec.chunk.css
booking.paintnsip.no/static/css/ 12 KB
2 KB 33ms
32ms Stylesheet
text/css 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/css/9.22d6b5ec.chunk.css
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d893ae57111bbb32f76f3780e78e7cda8bfdaf2508562c4019ced89f7bb1a38d

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-2f1d"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.efb0671c.chunk.css
booking.paintnsip.no/static/css/ 100 KB
13 KB 67ms
33ms Stylesheet
text/css 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/css/main.efb0671c.chunk.css
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6331625efd847d2cbe4d02f117d919e0b2d522381b7468f880a045eac1d209f7

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-18f66"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 9.a6c0b334.chunk.js Show response
booking.paintnsip.no/static/js/ 393 KB
106 KB 104ms
41ms Script
application/x-javascript 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/js/9.a6c0b334.chunk.js
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57804c5158a4a8441244b594c04862112117b0d273d8b6943d080946f982929b

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Feb 2020 00:55:37 GMT
Server: nginx
Etag: W/"5e571389-62407"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.89ca486d.chunk.js Show response
booking.paintnsip.no/static/js/ 101 KB
24 KB 102ms
37ms Script
application/x-javascript 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/js/main.89ca486d.chunk.js
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d46a29fa231afef6140365b24aa9a0a9db93fb9f1e56f212122925d557f618cb

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-195ac"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 65 KB
23 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K99K7SS

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf569c8871ddad9a42184e7f63bbf00cc1e7fc93179cad23ebced7d12dd09bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 23624
x-xss-protection: 0
expires: Fri, 28 Feb 2020 00:03:52 GMT

GET
H2 200 hotjar-1493928.js Show response
static.hotjar.com/c/ 3 KB
2 KB 106ms
105ms Script
application/javascript 34.90.75.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1493928.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99K7SS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.90.75.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

179.75.90.34.bc.googleusercontent.com

Software

Resource Hash

21d69b8d88ac3788415e394c3902f9a6226d7131745918c0bf2f1db1aebb8d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
content-length: 1626
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/548b042a25f99c29df56e1ed7a7cd099
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.078
accept-ranges: bytes
section-io-id: 2d118120cedd192e90c218f7402febdf
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99K7SS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5420
date: Thu, 27 Feb 2020 22:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 28 Feb 2020 00:33:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 45ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K99K7SS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 98C4C8B425B340B1A9211D33FA20E6E3 Ref B: FRAEDGE0415 Ref C: 2020-02-28T00:03:52Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: AfyV+xlvC0GARM5WmOtgYhzjqfvE1ElcqdelMl6fHXKtvl95JONWHZh3oKHuclb9v6sGOiZOEFywlS5hkJXtVw==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 00:03:52 GMT, Fri, 28 Feb 2020 00:03:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_gid=2058600596.1582848233&gjid=412613486&_v=j81&z=1396175736
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736&slf_rd=1&random=255156013

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736&slf_rd=1&random=255156013

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 00:03:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 00:03:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=202650038&_v=j81&z=1396175736&slf_rd=1&random=255156013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601130601&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&ul=en-us&de=UTF-8&dt=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&sd=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_gid=2058600596.1582848233&gjid=1330588173&_v=j81&z=2086185051
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051&slf_rd=1&random=2791654964

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051&slf_rd=1&random=2791654964

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 00:03:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Feb 2020 00:03:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109231851-1&cid=1845253581.1582848233&jid=1359874442&_v=j81&z=2086185051&slf_rd=1&random=2791654964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 439545033114078 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/439545033114078?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

409852b0f1d83e5455c33065d13d9a28544b5872639bc014e262652b7598844e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2wrmjuEeKVcXGMtqJ0R4bhaPQQPukwTU2B31N2Zz2s96KmLnRv1lwqczW7kVQp96NHPOML8zYZ/GXBWrnrJMRg==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 00:03:52 GMT, Fri, 28 Feb 2020 00:03:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
683 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,700,900

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11eb12077dba75a2ad5bdaff14a77ffda5e6eb6ac1bce5089c50d3039f20fab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Feb 2020 00:03:52 GMT
server: ESF
date: Fri, 28 Feb 2020 00:03:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Feb 2020 00:03:52 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56000715&Ver=2&mid=37a7f7ba-39ff-e0b8-4840-d90c93ecc0fd&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro&p=https%3A%2F%2Fbooking.paintnsip.no%2F&r=&evt=pageLoad&msclkid=N&rn=635507
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 28 Feb 2020 00:03:52 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 8EC96EB2541A43DB90B278A8A82E0A85 Ref B: FRAEDGE0415 Ref C: 2020-02-28T00:03:52Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e483a7fd5848d79df4ee.js Show response
script.hotjar.com/ 401 KB
70 KB 81ms
27ms Script
application/javascript 35.204.27.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.e483a7fd5848d79df4ee.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1493928.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.204.27.106 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 106.27.204.35.bc.googleusercontent.com
Software: /
Resource Hash: 4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT
content-encoding: br
content-type: application/javascript
age: 15737
status: 200
section-io-cache: Hit
content-length: 71460
last-modified: Thu, 27 Feb 2020 17:17:33 GMT
etag: "f0179ea5c6729cd6b8c9d565caabd69f"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.104
accept-ranges: bytes
section-io-id: 7dfa234d9cab3b17608ed5b8f2e9a346
section-origin-responded: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439545033114078&ev=PageView&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&rl=&if=false&ts=1582848232822&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582848232821.1981675850&it=1582848232723&coo=false&rqm=GET

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 00:03:52 GMT, Fri, 28 Feb 2020 00:03:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 28 Feb 2020 00:03:52 GMT

GET
H/1.1 200
OK 0.090ccad3.chunk.css
booking.paintnsip.no/static/css/ 4 KB
1 KB 32ms
31ms Stylesheet
text/css 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/css/0.090ccad3.chunk.css
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fda0172df975b173db362f9eccdaf3239c37bfa61505b228cd36e8c0760f7712

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-1152"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 0.a693bc3d.chunk.js Show response
booking.paintnsip.no/static/js/ 110 KB
31 KB 42ms
42ms Script
application/x-javascript 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/js/0.a693bc3d.chunk.js
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ed5f22aeb35b863ca50f0bef346c372fdb58264bff0add67025b7c32a005cf46

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-1b72d"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 17.fc99fb8b.chunk.js Show response
booking.paintnsip.no/static/js/ 13 KB
4 KB 32ms
32ms Script
application/x-javascript 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.paintnsip.no/static/js/17.fc99fb8b.chunk.js
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a15f208a31717b34eddd6ed9fe1f61c8168f4c736405486991a7308f810d4a3d

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: W/"5e4b00f3-3314"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logo_full_white.c650625c.png
booking.paintnsip.no/static/media/ 112 KB
112 KB 34ms
34ms Image
image/png 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.paintnsip.no/static/media/logo_full_white.c650625c.png
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 273fd19de81356de004a20ae95823fe1c516a6a06d93d485c330c40984e5facd

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Via: 1.1 vegur
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: "5e4b00f3-1c0d7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114903

GET
H/1.1 200
OK logo_small_white.1d4437f1.png
booking.paintnsip.no/static/media/ 152 KB
152 KB 54ms
32ms Image
image/png 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.paintnsip.no/static/media/logo_small_white.1d4437f1.png
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 341baf37cb7e9df007fb8687dea6f4940e8d9866bec90c934ef1e930dc7bb339

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Via: 1.1 vegur
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: "5e4b00f3-25f28"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155432

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,500,700,900
Origin: https://booking.paintnsip.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 03:01:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 2062966
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7924
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:01:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,500,700,900
Origin: https://booking.paintnsip.no
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 10:33:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 739846
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Thu, 18 Feb 2021 10:33:06 GMT

OPTIONS
H/1.1 204
No Content auth Show response
api.paintnsip.no/api/v1/ 0
737 B 151ms
34ms Fetch 52.18.156.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.paintnsip.no/api/v1/auth

Requested by

Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/static/js/9.a6c0b334.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.156.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-156-77.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://booking.paintnsip.no
Referer: https://booking.paintnsip.no/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,credentials

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Connection: keep-alive
Vary: Origin, Access-Control-Request-Headers
Content-Length: 0
X-Xss-Protection: 1; mode=block
Server: Cowboy
Date: Fri, 28 Feb 2020 00:03:53 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://booking.paintnsip.no
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,credentials

GET
H/1.1 200
OK singleImg.de50397a.png
booking.paintnsip.no/static/media/ 118 KB
118 KB 33ms
32ms Image
image/png 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.paintnsip.no/static/media/singleImg.de50397a.png
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3a4dd128fb27d36a35255b3f4f9b9873ccb14757c41d3c9fc2b8f35e441831e8

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Via: 1.1 vegur
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: "5e4b00f3-1d77d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120701

GET
H/1.1 200
OK groupImg.66c64a95.png
booking.paintnsip.no/static/media/ 138 KB
138 KB 32ms
31ms Image
image/png 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.paintnsip.no/static/media/groupImg.66c64a95.png
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9d039989adf7691374cf42bc87c35df57694b86f272c9b7eb6dcb8accbc4324

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Via: 1.1 vegur
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: "5e4b00f3-22692"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140946

GET
H/1.1 200
OK businessImg.8d945bea.png
booking.paintnsip.no/static/media/ 119 KB
119 KB 45ms
34ms Image
image/png 34.243.24.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.paintnsip.no/static/media/businessImg.8d945bea.png
Requested by: Host: booking.paintnsip.no
URL: https://booking.paintnsip.no/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.24.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-24-182.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e947c07568fb7b194b79b4819f5836be603882b63694a523ac3aee5f3e8eb426

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 00:03:52 GMT
Via: 1.1 vegur
Last-Modified: Mon, 17 Feb 2020 21:09:07 GMT
Server: nginx
Etag: "5e4b00f3-1db44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121668

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2707 0
0 83ms
27ms Document
text/html 34.90.48.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1493928.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.90.48.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 149.48.90.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://booking.paintnsip.no/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://booking.paintnsip.no/

Response headers

status: 200
date: Fri, 28 Feb 2020 00:03:53 GMT
content-type: text/html
content-length: 851
last-modified: Thu, 27 Feb 2020 17:17:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.100
section-origin-responded: true
age: 18994
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 91af974fb243172b72f2be3d71400603

GET
H/1.1 401
Unauthorized auth Show response
api.paintnsip.no/api/v1/ 97 B
657 B 97ms
34ms Fetch
application/json 52.18.156.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.paintnsip.no/api/v1/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.156.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-156-77.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

6f7f3857aaf901f919a5ee2f2d80b4f83778a4018d842efa96ddadd0cf969bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://booking.paintnsip.no
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
credentials: include
Access-Control-Allow-Methods: GET,PUT,POST,PATCH,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://api.paintnsip.no
Referer: https://booking.paintnsip.no/
Access-Control-Allow-Credentials: true
Sec-Fetch-Dest: empty
Access-Control-Allow-Headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
Date: Fri, 28 Feb 2020 00:03:53 GMT
Connection: keep-alive
Content-Length: 97
X-Xss-Protection: 1; mode=block
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"61-PuvU2waIeNpUvsQ2h/a7yJp3mE4"
X-Download-Options: noopen
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://booking.paintnsip.no
Access-Control-Allow-Credentials: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439545033114078&ev=Microdata&dl=https%3A%2F%2Fbooking.paintnsip.no%2F&rl=&if=false&ts=1582848234327&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paint%27n%20Sip%20%E2%80%93%20Maling%20%26%20Moro%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582848232821.1981675850&it=1582848232723&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://booking.paintnsip.no/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 00:03:54 GMT, Fri, 28 Feb 2020 00:03:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 28 Feb 2020 00:03:54 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paintnsip.no/	1970-01-19 16:13:26	Name: _hjid Value: a15960ba-caf9-4b42-9887-b94c5a81fe37
.paintnsip.no/	1970-01-19 07:42:14	Name: _gid Value: GA1.2.2058600596.1582848233
.paintnsip.no/	1970-01-19 07:40:48	Name: _gat_gtag_UA_109231851_1 Value: 1
.paintnsip.no/	1970-01-20 01:12:00	Name: _ga Value: GA1.2.1845253581.1582848233
.paintnsip.no/	1970-01-19 07:40:48	Name: _gat_UA-109231851-1 Value: 1
.paintnsip.no/	1970-01-19 09:50:24	Name: _fbp Value: fb.1.1582848232821.1981675850

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://booking.paintnsip.no/static/js/9.a6c0b334.chunk.js(Line 1) Message: Pixel not initialized before using call ReactPixel.init with required params

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paintnsip.no
bat.bing.com
booking.paintnsip.no
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.243.24.182
34.90.48.149
34.90.75.179
35.204.27.106
52.18.156.77
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11eb12077dba75a2ad5bdaff14a77ffda5e6eb6ac1bce5089c50d3039f20fab2
21d69b8d88ac3788415e394c3902f9a6226d7131745918c0bf2f1db1aebb8d51
273fd19de81356de004a20ae95823fe1c516a6a06d93d485c330c40984e5facd
2e1c6a485a5ca680669cc1f0c0b2163bb10f5d7add4ab4181d66227b8bc4eb43
341baf37cb7e9df007fb8687dea6f4940e8d9866bec90c934ef1e930dc7bb339
3a4dd128fb27d36a35255b3f4f9b9873ccb14757c41d3c9fc2b8f35e441831e8
409852b0f1d83e5455c33065d13d9a28544b5872639bc014e262652b7598844e
4585112a2875bc18afb3fa188a407aefcd4dafa4b7b833fe3f873aece15429b1
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
57804c5158a4a8441244b594c04862112117b0d273d8b6943d080946f982929b
59ffbab9edac193a36a58346c6502825617214d4e93343d233bfcd6790239c41
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6331625efd847d2cbe4d02f117d919e0b2d522381b7468f880a045eac1d209f7
6f7f3857aaf901f919a5ee2f2d80b4f83778a4018d842efa96ddadd0cf969bc8
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
a15f208a31717b34eddd6ed9fe1f61c8168f4c736405486991a7308f810d4a3d
b9d039989adf7691374cf42bc87c35df57694b86f272c9b7eb6dcb8accbc4324
cbf569c8871ddad9a42184e7f63bbf00cc1e7fc93179cad23ebced7d12dd09bf
d46a29fa231afef6140365b24aa9a0a9db93fb9f1e56f212122925d557f618cb
d893ae57111bbb32f76f3780e78e7cda8bfdaf2508562c4019ced89f7bb1a38d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e947c07568fb7b194b79b4819f5836be603882b63694a523ac3aee5f3e8eb426
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed5f22aeb35b863ca50f0bef346c372fdb58264bff0add67025b7c32a005cf46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fda0172df975b173db362f9eccdaf3239c37bfa61505b228cd36e8c0760f7712

booking.paintnsip.no Open in urlscan Pro 34.243.24.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

67 %IPv6

12 Domains

15 Subdomains

13 IPs

5 Countries

1134 kBTransfer

2583 kBSize

6 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

booking.paintnsip.no Open in urlscan Pro
34.243.24.182 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

1134 kB
Transfer

2583 kB
Size

6
Cookies

32 HTTP transactions
0 data transactions