urlscan.io logo urlscan.io
SecurityTrails logo

lonningskontoret.no Open in urlscan Pro
91.189.120.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.payroll.no/
Effective URL: https://lonningskontoret.no/hjem
Submission: On February 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 29 HTTP transactions. The main IP is 91.189.120.204, located in Oslo, Norway and belongs to NEXTHOP, NO. The main domain is lonningskontoret.no.
TLS certificate: Issued by R3 on February 10th 2021. Valid for: 3 months.
This is the only time lonningskontoret.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a01:5b40:0:248::52 (Norway)

ASN12996 (DOMENESHOP Oslo, Norway, NO)
www.payroll.no
16    91.189.120.204 (Oslo, Norway)

ASN49788 (NEXTHOP, NO)
PTR: destinet.no
www.lonningskontoret.no
lonningskontoret.no
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    93.184.220.20 (London, United Kingdom)

ASN15133 (EDGECAST, US)
fast.fonts.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:26f0:7100:481::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
15 lonningskontoret.no 1 redirects lonningskontoret.no
2 px.ads.linkedin.com 1 redirects lonningskontoret.no
2 www.facebook.com lonningskontoret.no
connect.facebook.net
2 www.googletagmanager.com lonningskontoret.no
www.googletagmanager.com
2 www.google-analytics.com lonningskontoret.no
www.google-analytics.com
2 connect.facebook.net lonningskontoret.no
connect.facebook.net
1 www.google.de lonningskontoret.no
1 www.google.com lonningskontoret.no
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com lonningskontoret.no
1 fast.fonts.com lonningskontoret.no
1 www.lonningskontoret.no 1 redirects
1 www.payroll.no 1 redirects
29 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
lonningskontoret.no
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
gp1.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-01-29 -
2021-03-19		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lonningskontoret.no/hjem
Frame ID: 0FC00CBB2326BC06BDC353D77EB9B9CC
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.payroll.no/ HTTP 301
    http://www.lonningskontoret.no/ HTTP 301
    https://lonningskontoret.no/ HTTP 301
    https://lonningskontoret.no/hjem Page URL

Page Statistics

29
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

15
Subdomains

13
IPs

4
Countries

385 kB
Transfer

1002 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payroll.no/ HTTP 301
    http://www.lonningskontoret.no/ HTTP 301
    https://lonningskontoret.no/ HTTP 301
    https://lonningskontoret.no/hjem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D482810%26time%3D1614363969305%26url%3Dhttps%253A%252F%252Flonningskontoret.no%252Fhjem%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&liSync=true

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hjem
lonningskontoret.no/
Redirect Chain
  • https://www.payroll.no/
  • http://www.lonningskontoret.no/
  • https://lonningskontoret.no/
  • https://lonningskontoret.no/hjem
155 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
58e1a54ead42ccdb24193052869535d3ba73341a7b01a80535b87e1cbd543b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
lonningskontoret.no
:scheme
https
:path
/hjem
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
no-cache
date
Fri, 26 Feb 2021 18:26:08 GMT
pragma
no-cache
content-type
text/html
content-encoding
gzip
expires
-1
accept-ranges
none
server
Destinet
set-cookie
D=13194791589612064608; expires=Sat, 26-Feb-2022 18:26:08 GMT; path=/; secure; HttpOnly
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ch
Viewport-Width, Downlink
x-xss-protection
0

Redirect headers

cache-control
no-cache
date
Fri, 26 Feb 2021 18:26:08 GMT
pragma
no-cache
expires
-1
location
https://lonningskontoret.no:443/hjem
server
Microsoft-IIS/10.0 Destinet
content-length
0
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0
loenningskontoret.png
lonningskontoret.no/s/lonningv1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/s/lonningv1/loenningskontoret.png
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
4beca15937bd94c17fd1aa37094c74a395c33d0d929de85ec164c0d097f2710e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Wed, 23 Dec 2015 09:39:06 GMT
server
Destinet
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public
accept-ranges
none
content-length
8271
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
k0R18JhMiI93j5fOuQZp4DDSvVlbBFSeoiiL208DDEz8gi97f4y9jv+OYSmE939KC54bJqHN+Xmq0ViSJbzJ/g==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 26 Feb 2021 18:26:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
blank.png
lonningskontoret.no/r/view/ 		922 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/r/view/blank.png
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
65d83b1ad2587e12f66d51871ad2b1329ce422e7b20977d69ea37971f520ac8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Wed, 20 Jan 2021 13:25:13 GMT
server
Destinet
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
none
content-length
922
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
1132171.woff
lonningskontoret.no/r/fontsdotcom/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/r/fontsdotcom/1132171.woff?v=6352840030
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
b51e585b7c171eb0eebf96d5f4bc14e801bcbba8f93bdb6e8b30eaceac145b0b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Origin
https://lonningskontoret.no
Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Wed, 19 Feb 2014 08:51:43 GMT
server
Destinet
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
https://lonningskontoret.no
cache-control
public
accept-ranges
none
content-length
26340
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
1132159.woff
lonningskontoret.no/r/fontsdotcom/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/r/fontsdotcom/1132159.woff?v=6352835061
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
5d3ee4a4fd06fb74c18df8e397efca95ed791ddad2d82e75fadf534fdb6c9e7a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Origin
https://lonningskontoret.no
Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Tue, 18 Feb 2014 19:03:35 GMT
server
Destinet
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
https://lonningskontoret.no
cache-control
public
accept-ranges
none
content-length
29032
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
activator2.png
lonningskontoret.no/r/modules/MobileSidebar/menuactivators/ 		974 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/r/modules/MobileSidebar/menuactivators/activator2.png
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
916e956cb53230b9937b74b15170427b7c5c74cf719c71d41978797d061be28e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Wed, 20 Jan 2021 13:25:12 GMT
server
Destinet
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
none
content-length
974
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
viewresponsive.js
lonningskontoret.no/r/view/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/r/view/viewresponsive.js?v=6374795700
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
f2bd546a9791a0551623e185b85aaaa7f32186831d48462d4d7fdd0c980ab8cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 12:50:08 GMT
server
Destinet
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
none
content-length
47594
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
jquery.mmenu.min.416.js
lonningskontoret.no/r/modules/MobileSidebar/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/r/modules/MobileSidebar/jquery.mmenu.min.416.js
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
ac91dda335978320087bb1d09a199f8e1f09d7f6c22b8130b3bb04448e977fcf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 13:25:12 GMT
server
Destinet
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
none
content-length
4054
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
1.css
fast.fonts.com/t/ 		0
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.com/t/1.css?apiType=css&projectid=3bf0d667-37fc-405b-ab20-b4c10be27fbc
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.20 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9A) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (amb/6B9A)
age
11532233
etag
"616070693"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
expires
Fri, 26 Feb 2021 18:26:08 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		579 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b85f2bf5aaa0d360180106bd971575db37389cbc173b99f61f7e601ea82cb815

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
1132183.woff
lonningskontoret.no/r/fontsdotcom/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/r/fontsdotcom/1132183.woff?v=6354827298
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
725a31c4944ee8d1b3163764fd25d3838de3a273933cd1a73032757355c3335a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Origin
https://lonningskontoret.no
Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
last-modified
Tue, 07 Oct 2014 08:03:08 GMT
server
Destinet
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
https://lonningskontoret.no
cache-control
public
accept-ranges
none
content-length
24952
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
243923539408820
connect.facebook.net/signals/config/ 		240 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/243923539408820?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c58f4643e89d936bc09debdacc42f38b46607255ca7f8bd60cd46180b7ad4277
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
duGNz6HhICi0yvgIMtF1FvTNpyJvHXiC8stZmPpiItI+mdpOEL+bjMv7KNpcVi7NnyzvuW8ltZ1gy6H7aTLRYw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 26 Feb 2021 18:26:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
182253697
expires
Sat, 01 Jan 2000 00:00:00 GMT
1
lonningskontoret.no/statisticslogging/load/20043716141965726/ 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://lonningskontoret.no/statisticslogging/load/20043716141965726/1
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/r/view/viewresponsive.js?v=6374795700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Feb 2021 18:26:08 GMT
cache-control
private
server
Destinet
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1413
date
Fri, 26 Feb 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 26 Feb 2021 20:02:36 GMT
gtm.js
www.googletagmanager.com/ 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4FRTX7
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
040b04067d2a2dc65454add9401f6c8db651c4b5332f208feed5e60ce51e3c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29155
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Feb 2021 18:26:09 GMT
facebook-lik.jpg
lonningskontoret.no/s/lonningv1/ 		242 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/s/lonningv1/facebook-lik.jpg?w=40&h=40&bg=ffffff&w=40
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
1364870e1f79ed655c78cf45d70ecdba14a72a61f954f7e7eae63ed98e0f9882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Mon, 25 Jan 2021 14:05:01 GMT
server
Destinet
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
public
accept-ranges
none
content-length
242
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
linkedin.jpg
lonningskontoret.no/s/lonningv1/ 		348 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/s/lonningv1/linkedin.jpg?w=40&h=40&bg=ffffff&w=40
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
e83baeed5f6110c9523088fbea3fcfbc2ad07a0c27a40e5a729e5389cfbbf41b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Mon, 25 Jan 2021 14:05:01 GMT
server
Destinet
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
public
accept-ranges
none
content-length
348
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
twitter.jpg
lonningskontoret.no/s/lonningv1/ 		308 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/s/lonningv1/twitter.jpg?w=40&h=40&bg=ffffff&w=40
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
1ba1b9f06b3a5643114d5359baa5171980c3529e8b4930728ca9e4e21aaf3dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Mon, 25 Jan 2021 14:05:01 GMT
server
Destinet
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
public
accept-ranges
none
content-length
308
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=243923539408820&ev=PageView&dl=https%3A%2F%2Flonningskontoret.no%2Fhjem&rl=&if=false&ts=1614363969257&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614363969256.1187638599&it=1614363969157&coo=false&rqm=GET
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 26 Feb 2021 18:26:09 GMT
loenningskontoret.jpg
lonningskontoret.no/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lonningskontoret.no/loenningskontoret.jpg?w=1600&h=400
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.189.120.204 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS
destinet.no
Software
Destinet /
Resource Hash
ada039d4d97f4ea3baba0e6e68ee32115a443aa05ac546170462e018171e7f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
last-modified
Tue, 02 Feb 2021 01:47:34 GMT
server
Destinet
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
public
accept-ranges
none
content-length
20378
x-xss-protection
0
expires
Sat, 26 Feb 2022 18:26:09 GMT
collect
www.google-analytics.com/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=1299807102&t=pageview&_s=1&dl=https%3A%2F%2Flonningskontoret.no%2Fhjem&ul=en-us&de=UTF-8&dt=Autorisert%20regnskapsf%C3%B8rerselskap%20-%20L%C3%B8nningskontoret&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=978428600&gjid=645322146&cid=1460414875.1614363969&tid=UA-89084822-1&_gid=627799872.1614363969&_r=1&_slc=1&z=686485215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:26:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lonningskontoret.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849075675
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4FRTX7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a585d14f6abbb58c5629657dd3e8d9aa7c115c5a42b85b59552e2b4ec85441d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39436
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Feb 2021 18:26:09 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 18:26:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=49137
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D482810%26time%3D1614363969305%26url%3Dhttps%253A%252F%252Flonningskontoret.no%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&liSync=true
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&liSync=true
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:10 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
QrcSQnpfZxZArSdmfisAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
8RczNnpfZxawLw7+tioAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 9FF7C5100C664F7AACB42B762794C883 Ref B: FRAEDGE1518 Ref C: 2021-02-26T18:26:09Z
date
Fri, 26 Feb 2021 18:26:09 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=482810&time=1614363969305&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849075675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 18:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12348
x-xss-protection
0
server
cafe
etag
7672817363517198860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 Feb 2021 18:26:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849075675/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849075675/?random=1614363969460&cv=9&fst=1614363969460&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&tiba=Autorisert%20regnskapsf%C3%B8rerselskap%20-%20L%C3%B8nningskontoret&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
771734c370b0eed1b8a827bffc28f06a5fc40c25b36dba6b2fbaf61da35a498c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849075675/ 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/849075675/?random=1614363969460&cv=9&fst=1614362400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&tiba=Autorisert%20regnskapsf%C3%B8rerselskap%20-%20L%C3%B8nningskontoret&async=1&fmt=3&is_vtc=1&random=3790420315&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:26:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/849075675/ 		42 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/849075675/?random=1614363969460&cv=9&fst=1614362400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flonningskontoret.no%2Fhjem&tiba=Autorisert%20regnskapsf%C3%B8rerselskap%20-%20L%C3%B8nningskontoret&async=1&fmt=3&is_vtc=1&random=3790420315&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: lonningskontoret.no
URL: https://lonningskontoret.no/hjem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Feb 2021 18:26:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
86 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lonningskontoret.no/hjem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarydDkWN8kRlGCbb9H3

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 26 Feb 2021 18:26:09 GMT
content-type
text/plain
access-control-allow-origin
https://lonningskontoret.no
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| deferinit function| fbq function| _fbq number| CurrentPageID string| CurrentLanguageID string| CurrentSkinID boolean| isEditMode string| vid string| Language string| AdminLanguage object| heightResize object| widthResize function| triggerWindowResize object| fullwidthscaler object| matched object| browser function| oldInit object| rquickExpr function| updateURLParameter function| GetGAIDs function| GAIDExist function| changeTracking function| setCookie function| getCookie function| SetWindowLocationHref function| fitHeight function| fitGalleryHeight function| MPost function| MPostAjax function| DFormClass object| DForm function| DModuleClass object| DModule function| __createformfield function| statisticsEvents function| __doActionEvent function| __Reload function| __doEvent function| __doAjaxEvent function| __doAjaxEventUrl function| __doSyncAjaxEvent function| __doPostBack function| GoogleAnalytics function| MC function| DecodeEmail boolean| debug function| $ function| jQuery object| ActionHandler function| DnRateLimitAction object| canvassize object| ExpanderHandler object| HeightScaler function| DnAddClickHandler function| DnInterceptClickHandler object| jQuery1113028929941932214565 object| anchorHandler function| dcomm function| animationIsInView number| ratio boolean| isProduction string| GoogleAnalyticsObject function| ga object| dataLayer function| filechange object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.lonningskontoret.no/ Name: _gat
Value: 1
.lonningskontoret.no/ Name: _fbp
Value: fb.1.1614363969256.1187638599
.lonningskontoret.no/ Name: _gid
Value: GA1.2.627799872.1614363969
.lonningskontoret.no/ Name: _ga
Value: GA1.2.1460414875.1614363969
lonningskontoret.no/ Name: D
Value: 13194791589612064608

4 Console Messages

Source Level URL
Text
console-api log URL: https://lonningskontoret.no/hjem(Line 63)
Message:
Lazyload image /s/lonningv1/facebook-lik.jpg?w=40&h=40&bg=ffffff
console-api log URL: https://lonningskontoret.no/hjem(Line 63)
Message:
Lazyload image /s/lonningv1/linkedin.jpg?w=40&h=40&bg=ffffff
console-api log URL: https://lonningskontoret.no/hjem(Line 63)
Message:
Lazyload image /s/lonningv1/twitter.jpg?w=40&h=40&bg=ffffff
console-api log URL: https://lonningskontoret.no/hjem(Line 63)
Message:
Lazyload background /loenningskontoret.jpg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fast.fonts.com
googleads.g.doubleclick.net
lonningskontoret.no
px.ads.linkedin.com
snap.licdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.lonningskontoret.no
www.payroll.no
142.250.186.98
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2004
2a01:5b40:0:248::52
2a02:26f0:7100:481::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
91.189.120.204
93.184.220.20
040b04067d2a2dc65454add9401f6c8db651c4b5332f208feed5e60ce51e3c7d
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1364870e1f79ed655c78cf45d70ecdba14a72a61f954f7e7eae63ed98e0f9882
1ba1b9f06b3a5643114d5359baa5171980c3529e8b4930728ca9e4e21aaf3dd4
4beca15937bd94c17fd1aa37094c74a395c33d0d929de85ec164c0d097f2710e
58e1a54ead42ccdb24193052869535d3ba73341a7b01a80535b87e1cbd543b45
5d3ee4a4fd06fb74c18df8e397efca95ed791ddad2d82e75fadf534fdb6c9e7a
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
65d83b1ad2587e12f66d51871ad2b1329ce422e7b20977d69ea37971f520ac8d
6a585d14f6abbb58c5629657dd3e8d9aa7c115c5a42b85b59552e2b4ec85441d
725a31c4944ee8d1b3163764fd25d3838de3a273933cd1a73032757355c3335a
771734c370b0eed1b8a827bffc28f06a5fc40c25b36dba6b2fbaf61da35a498c
916e956cb53230b9937b74b15170427b7c5c74cf719c71d41978797d061be28e
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac91dda335978320087bb1d09a199f8e1f09d7f6c22b8130b3bb04448e977fcf
ada039d4d97f4ea3baba0e6e68ee32115a443aa05ac546170462e018171e7f1f
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b51e585b7c171eb0eebf96d5f4bc14e801bcbba8f93bdb6e8b30eaceac145b0b
b85f2bf5aaa0d360180106bd971575db37389cbc173b99f61f7e601ea82cb815
c58f4643e89d936bc09debdacc42f38b46607255ca7f8bd60cd46180b7ad4277
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83baeed5f6110c9523088fbea3fcfbc2ad07a0c27a40e5a729e5389cfbbf41b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bd546a9791a0551623e185b85aaaa7f32186831d48462d4d7fdd0c980ab8cf