www.kred.no Open in urlscan Pro
52.213.120.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kred.no/privat/login/
Effective URL:
https://www.kred.no/privat/login/
Submission: On July 22 via api (July 22nd 2022, 11:39:22 am UTC) from IE — Scanned from NO

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 15 domains to perform 46 HTTP transactions. The main IP is 52.213.120.81, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.kred.no.
TLS certificate: Issued by R3 on July 17th 2022. Valid for: 3 months.

This is the only time www.kred.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.213.120.81 52.213.120.81	16509 (AMAZON-02) (AMAZON-02)
2	104.21.63.54 104.21.63.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
3	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2.21.20.160 2.21.20.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
4	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
6	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
5	23.36.162.17 23.36.162.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5	23.212.110.186 23.212.110.186	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
46	20

4 52.213.120.81 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-120-81.eu-west-1.compute.amazonaws.com

www.kred.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.63.54 (None, )

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

10465951.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-160.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.248 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-17.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.110.186 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-110-186.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5696 api.livechatinc.com — Cisco Umbrella Rank: 4670 secure.livechatinc.com — Cisco Umbrella Rank: 5768 accounts.livechatinc.com — Cisco Umbrella Rank: 6761	276 KB
6	gstatic.com fonts.gstatic.com	114 KB
5	doubleclick.net 2 redirects 10465951.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	935 B
4	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3758 s2.adform.net — Cisco Umbrella Rank: 5687	31 KB
4	kred.no 1 redirects www.kred.no	131 KB
3	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 371 www.linkedin.com — Cisco Umbrella Rank: 472	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	194 KB
2	google.no adservice.google.no — Cisco Umbrella Rank: 200414 www.google.no — Cisco Umbrella Rank: 26064	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 947	83 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 738	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	67 KB
46	15

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com
5	cdn.livechatinc.com	www.kred.no secure.livechatinc.com
4	www.facebook.com	www.kred.no
4	10465951.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.kred.no	1 redirects www.kred.no
3	api.livechatinc.com	cdn.livechatinc.com
3	track.adform.net	2 redirects www.kred.no
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.kred.no
3	connect.facebook.net	www.kred.no connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.kred.no
2	adservice.google.com	10465951.fls.doubleclick.net
2	fonts.googleapis.com	www.kred.no secure.livechatinc.com
2	use.fontawesome.com	www.kred.no use.fontawesome.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	www.google.no	www.kred.no
1	www.google.com	www.kred.no
1	adservice.google.no	adservice.google.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	s2.adform.net	www.kred.no
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.kred.no
46	23

This site contains links to these domains. Also see Links.

Domain
d3npxl5e6k1rpa.cloudfront.net
nettkontor.kred.no
www.facebook.com
no.linkedin.com

Subject Issuer	Validity	Valid
kred.no R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
livechat.com DigiCert ECC Secure Server CA	`2022-02-25` - `2023-03-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.no GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.kred.no/privat/login/
Frame ID: 94B631D38681058563B1BACF916EA561
Requests: 33 HTTP requests in this frame

Frame: https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
Frame ID: C856681E9AA9A634B4CBCD3EF2AD148B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
Frame ID: AC1D226DF69C4E1E14A27A508D36A456
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: C88D9A52E7502E810636E363C158E179
Requests: 8 HTTP requests in this frame

Frame: https://adservice.google.no/ddm/fls/i/dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
Frame ID: 19D5A56CFB77933484382A09360017AB
Requests: 1 HTTP requests in this frame

Frame: https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
Frame ID: 0B4DD7261DA3D5F747BDB325F3E0CE88
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Kreditorforeningen

Page URL History Show full URLs

http://www.kred.no/privat/login/ HTTP 301
https://www.kred.no/privat/login/ Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

46
Requests

93 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

20
IPs

6
Countries

926 kB
Transfer

2709 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://d3npxl5e6k1rpa.cloudfront.net/media/1553520243/saksnr-eksempel.jpg
Title: Her finner du saksnummeret i brevet

Search URL Search Domain Scan URL

URL: https://nettkontor.kred.no/InfocenterDebitorMidt/Login/Index?ReturnUrl=%2FInfocenterDebitorMidt%2F
Title: MIDT

Search URL Search Domain Scan URL

URL: https://d3npxl5e6k1rpa.cloudfront.net/media/1553520243/region-eksempel.jpg
Title: Her finner du region i brevet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Kreditorforeningen/

Search URL Search Domain Scan URL

URL: https://no.linkedin.com/company/kreditorforeningen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kred.no/privat/login/ HTTP 301
https://www.kred.no/privat/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://10465951.fls.doubleclick.net/activityi;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F HTTP 302
https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Request Chain 11

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 22

https://track.adform.net/Serving/TrackPoint/?pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Request Chain 24

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2944953%26time%3D1658489957098%26url%3Dhttps%253A%252F%252Fwww.kred.no%252Fprivat%252Flogin%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&liSync=true

Request Chain 40

https://10465951.fls.doubleclick.net/activityi;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F HTTP 302
https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kred.no/privat/login/
Redirect Chain

http://www.kred.no/privat/login/
https://www.kred.no/privat/login/

18 KB
6 KB

676ms
525ms

Document
text/html

52.213.120.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kred.no/privat/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-120-81.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 57de7504421b029d71946355040ab6ad649665cecdaa2c74cb0e240f2d472372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 22 Jul 2022 11:39:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 22 Jul 2022 11:39:15 GMT
Expires: Sun, 21 Aug 2022 11:39:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.kred.no/privat/login/
Server: Apache

GET
H2 200 main.css
www.kred.no/assets/css/ 187 KB
30 KB 163ms
162ms Stylesheet
text/css 52.213.120.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kred.no/assets/css/main.css?6f051c2a66bf235018c06ea31e94447614e2c98d
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-120-81.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 76770d2d2d1735f069d1e042e68d44f8899d6f44f140822635f836781c31cf1c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/privat/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:15 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 21:21:20 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29976
expires: Sun, 21 Aug 2022 11:39:15 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ 53 KB
12 KB 439ms
50ms Stylesheet
text/css 104.21.63.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://www.kred.no/
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:16 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8568416
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PCDKNSJFCHPP6C4Z
x-amz-id-2: 1tJd68mNc6QlOY7rV/atsMG8vdf3WNengpM+/yP3S9vz17zpfW6pEbOciZegX2DmKNJVb8lf1Bs=
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn0sDei2hhrJG56cRU7V6WwtfR3duPk1%2Bj%2FUTq0%2BEpgigJhvq1QzK%2BXCGYjucBJixmovACzhO6w%2B8j%2FR4paQu2tPrCJAo1SlRjr2Hx7CNN%2B0s7jSiV6u6%2FA4zYaw5PFVBxHzk%2ByU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 72ebe5128e2bb51b-OSL

GET
H2 200 main.js Show response
www.kred.no/assets/js/ 296 KB
95 KB 86ms
85ms Script
application/javascript 52.213.120.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kred.no/assets/js/main.js?6f051c2a66bf235018c06ea31e94447614e2c98d
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.213.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-120-81.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 6f6f32bc86d02f5ce3dceb9983dbb0f8e9fc12777353b5aac047d3ad511b9bfc

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/privat/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:15 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 21:21:20 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 11:39:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 503ms
68ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: lsuFN+gbb159Jo7Uz8wwyq/Sv2ucUdin/ijSjqK4Z6n4IHt3TN2h1Jmu4se36SJLzqVhkWgIc7O2uYhIg20SkQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Jul 2022 11:39:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
67 KB 551ms
95ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P55M863

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f085633fabfc1220fbf97aeb3d0e2a401a233a4fca5c2780d5f99d97a1f3ee27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68029
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Jul 2022 11:39:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 551ms
88ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,400i,500,800&display=swap

Requested by

Host: www.kred.no
URL: https://www.kred.no/assets/css/main.css?6f051c2a66bf235018c06ea31e94447614e2c98d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

5c4e54be6dbfc958edaa84603a07f6ad2432e742fa8e25ee1642219fe8bcc19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 11:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 11:39:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 11:39:16 GMT

GET
H2 200 230180607915681 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 67ms
66ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230180607915681?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

1c7d3ddd39152c060e6d10d4a36ef421a8950754f4aaeb762fb57750bc9949e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85628
x-xss-protection: 0
pragma: public
x-fb-debug: z1IWKYQXmGaokXXIFhql+Q8xseyEg6KMq3pIaA1YJg2lnljRp4xnLiLONjSxR8jcjYAZ2ahe0MSufrtO/M98nw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Jul 2022 11:39:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 543ms
76ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P55M863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2000
date: Fri, 22 Jul 2022 11:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Jul 2022 13:05:57 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 70 KB
71 KB 56ms
55ms Font
font/woff2 104.21.63.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5b989f374a637c1e57ab27e2aab6b5b98685249f78201ee60173a1afa52124

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:16 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1311865
cf-ray: 72ebe514b94fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72148
x-amz-id-2: 6HnoWW8UhlyUlsuwFy3STHvegQPhK/e3kkbiHi768gILVOZzOeHLV+Hkm+XnSUjQgBJrZzZLM50=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: "662c24d02ff1711bd01ec3868df8680b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F2wAJZNcO9YV71lw5RT8VKn%2B8M7EceORnkk11O3GuVtXlMe2M1IiB0%2BHCCSTRkNjCfM52WKD5WMOwbeu3CbFdirm1tstVNisPAb35l7ZQPKdqgS0Jxty9g6x%2Bhbxp7KF5nLI8al"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 2FMXC9VNSHHWWZJE
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2

200

activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F Show response
10465951.fls.doubleclick.net/ Frame C856
Redirect Chain

https://10465951.fls.doubleclick.net/activityi;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?
https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww...

493 B
566 B

106ms
106ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P55M863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

b93fe91b6f70be88b82dfa2665a1b78ff7890e8503a2ecf9e42422d27b16a70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 515ms
66ms Script
application/x-javascript 2.21.20.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P55M863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 11:39:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=77746
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
30 KB

178ms
55ms

Script
application/javascript

37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:16 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx00000000000004b62b756-0062da868b-323354ba-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 22 Jul 2022 11:39:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 787334305182730 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 71ms
70ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/787334305182730?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

e97db3e3bfd17335707d2573f2e3e1130f5dd12cc9def55745b8560cf78b0ea8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85659
x-xss-protection: 0
pragma: public
x-fb-debug: tGoseACDRbVD3R+mqits9AyfWPPdNCUtW2t5k69f0Z4q5EJs2hYxogqMkS9Ey6Sl/BEoXGawZwoQdAMoiwASqQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Jul 2022 11:39:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 507ms
67ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230180607915681&ev=PageView&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&rl=&if=false&ts=1658489956592&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658489956592.1547015315&it=1658489956402&coo=false&exp=u0&rqm=GET

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Jul 2022 11:39:17 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 611ms
148ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,400i,500,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 20:23:57 GMT
x-content-type-options: nosniff
age: 54920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22592
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:23:57 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnWKneRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 539ms
77ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnWKneRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,400i,500,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

cd81cffa354dab330bbe09873f78733bd83ae82d50a07c56dcc2fb71f98ac9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 00:00:06 GMT
x-content-type-options: nosniff
age: 41951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22216
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:57:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 00:00:06 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 639ms
176ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,400i,500,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 20:32:33 GMT
x-content-type-options: nosniff
age: 54404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22760
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:32:33 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 672ms
209ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,400i,500,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

be8268fdf5d6791bc737102f1429ecd20a78d58e2a2cea7db1f614aecefc40fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kred.no
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 21:09:57 GMT
x-content-type-options: nosniff
age: 52160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22316
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 21:09:57 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 79 KB
24 KB 225ms
73ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4dc10e55285ed4f4c8ceb1e9103edf9b44e646d9d2e3054638e41782e5522701

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 6FjU4VEjxShjRCwe83XxhX1sb.hRoH__
content-encoding: br
last-modified: Thu, 14 Jul 2022 12:02:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"5b07b544dc64a2b6f17b7f784b782d0a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Fri, 22 Jul 2022 11:39:16 GMT
content-length: 24123
x-amz-cf-id: G1PMPXaTQc2XxZkfRMayopYXhIC7mvLnAWazwf88i29WZvWQUoAAjg==
expires: Fri, 22 Jul 2022 19:39:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 390ms
68ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=787334305182730&ev=PageView&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&rl=&if=false&ts=1658489956711&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658489956592.1547015315&it=1658489956402&coo=false&exp=u0&rqm=GET

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Jul 2022 11:39:17 GMT

GET
H2 200 dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F Show response
adservice.google.com/ddm/fls/i/ Frame AC1D 492 B
857 B 572ms
113ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Requested by

Host: 10465951.fls.doubleclick.net
URL: https://10465951.fls.doubleclick.net/activityi;dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

438069b4b76f36595de848f06b7b034fa5b1079945cddca863f19c66c58f54c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10465951.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 269 B
473 B 416ms
243ms Script
application/javascript 23.212.110.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=8774411&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&channel_type=code&jsonp=__tak60bh2l1c

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.110.186 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-212-110-186.deploy.static.akamaitechnologies.com

Software

Resource Hash

43b737b1893aae8791ce0fad233b5168c2811f04e91be34c1852e8c9da78d622

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.kred.no/;
X-Frame-Options	allow-from https://www.kred.no/

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.kred.no/;
vary: Accept-Encoding
x-frame-options: allow-from https://www.kred.no/
date: Fri, 22 Jul 2022 11:39:17 GMT
content-length: 269
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

121 B
600 B

53ms
53ms

Script
text/javascript

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

91bb7bb2c9824ce3500f20e0d50a19b0e298934d706d0deab54421d314d74e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 194
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:17 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1922473&ADFdivider=%7C&ord=49964071715&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 68ms
67ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230180607915681&ev=Microdata&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&rl=&if=false&ts=1658489957095&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20Kreditorforeningen%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Login%20-%20Kreditorforeningen%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658489956592.1547015315&it=1658489956402&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Jul 2022 11:39:17 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2944953%26time%3D1658489957098%26url%3Dhttps%253A%252F%252Fwww.kred.no%252Fprivat...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&liSync=true

0
160 B

234ms
234ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&liSync=true
Requested by: Host: www.kred.no
URL: https://www.kred.no/privat/login/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4E8C8AE649BA441A9A19E3E881CA5911 Ref B: OSL30EDGE0109 Ref C: 2022-07-22T11:39:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkY0jQcfmlmH1I/fcJ5w==
x-li-fabric: prod-lor1

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXkY0jMye7S4XffwGUcTQ==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D6A11849467646B0AE3DFC2AB854E03C Ref B: OSL30EDGE0109 Ref C: 2022-07-22T11:39:17Z
x-frame-options: sameorigin
date: Fri, 22 Jul 2022 11:39:17 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2944953&time=1658489957098&url=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 380ms
79ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1621192127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20-%20Kreditorforeningen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=362727460&gjid=1235677305&cid=1666805819.1658489957&tid=UA-16018272-1&_gid=1675719204.1658489957&_r=1&gtm=2wg7k0P55M863&z=1018051337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kred.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kred.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 373ms
72ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=787334305182730&ev=Microdata&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&rl=&if=false&ts=1658489957212&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20Kreditorforeningen%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Login%20-%20Kreditorforeningen%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658489956592.1547015315&it=1658489956402&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Jul 2022 11:39:17 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 5 KB
2 KB 135ms
135ms Script
application/javascript 23.212.110.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=8774411&version=2049.11.11.1476.95.61.42.11.7.17.7.63&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.186 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-110-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc8d06bd60fef6ea6d0dd407c8dbb263d3d6ea8238fa91ca37a626dd82db624a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=544
content-length: 1744
expires: Fri, 22 Jul 2022 11:48:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 524ms
77ms XHR
text/plain 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16018272-1&cid=1666805819.1658489957&jid=362727460&gjid=1235677305&_gid=1675719204.1658489957&_u=YEBAAEAAAAAAAC~&z=83293618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kred.no/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Jul 2022 11:39:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.kred.no
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame C88D 4 KB
2 KB 107ms
106ms Document
text/html 23.212.110.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.186 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-110-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8b87695aeedab17741b98b67bbcc7b3bec2de278664e6022fef593436a3341a9

Request headers

Referer: https://www.kred.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

content-encoding: gzip
content-length: 1987
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 11:39:17 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 141ms
140ms Script
application/javascript 23.212.110.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=8774411&version=a2fb162d3655d456397b7117a50bebbc_29ab4c4e4615a0d2ef200d4a1d4f923f&language=nb&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.186 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-110-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1eaa976b4ee260afd8c8300a6b02ba2798f0ee6d86a078c8f1c17c1259273264

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 11:39:17 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=585
content-length: 4224
expires: Fri, 22 Jul 2022 11:49:02 GMT

GET
H2 200 dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F Show response
adservice.google.no/ddm/fls/i/ Frame 19D5 194 B
870 B 600ms
117ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.no/ddm/fls/i/dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKO29cW0jPkCFaOd7QodricPBQ;src=10465951;type=pagev1;cat=pagev0;ord=6576406947818;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:18 GMT
expires: Fri, 22 Jul 2022 11:39:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C88D 5 KB
809 B 389ms
87ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 11:14:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 11:39:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 11:39:18 GMT

GET
H2 200 0.5d78072a.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame C88D 208 KB
65 KB 72ms
71ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.5d78072a.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 25cce8746c7e62ba306f2626742c0d4a9d785fc05444f39479f41e57d261b6be

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: EMe9Kjm9mCOuqSHGg10pNdGYPTfaDb9H
content-encoding: br
last-modified: Mon, 20 Jun 2022 07:59:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"1bde97faedc5ac4b38bcb2817e72a498"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 22 Jul 2022 11:39:17 GMT
content-length: 65906
x-amz-cf-id: JVZ-yXc3NQqWRZElqq-TlKzFZVAjhOmbu0xsfW5DMFU5vSd0zbZt9A==
expires: Sat, 22 Jul 2023 11:39:17 GMT

GET
H2 200 2.288ab811.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame C88D 218 KB
62 KB 137ms
137ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.288ab811.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f056a9a81a10045b0ea54105a42a825d7631fe09753efaf2bc2b5916e96b558c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 9uci2BncrTKkALnRYjTqUZaXaFVDHsmg
content-encoding: br
last-modified: Mon, 20 Jun 2022 07:59:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"9dbbb1e76379bfb7753f80f52e3c0f87"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 22 Jul 2022 11:39:17 GMT
content-length: 63059
x-amz-cf-id: txxhzhJhrJ4mmaZih9OrYunAtxvNnfeRB4bHSoesKXbeos6eYyuB9g==
expires: Sat, 22 Jul 2023 11:39:17 GMT

GET
H2 200 iframe.fb34c665.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame C88D 413 KB
111 KB 143ms
142ms Script
application/javascript 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.fb34c665.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=8774411&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5ccace2a4ddd4ca44c198cf231ffe70ddd2043513a0bbb3e555aeb2840ec4e05

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: F8fShGG.qBbmLLsqziUvJoR4R74HMKcX
content-encoding: br
last-modified: Thu, 14 Jul 2022 12:02:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"d8aec2129abcc5ae8cf616fcd415a756"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 22 Jul 2022 11:39:17 GMT
content-length: 113487
x-amz-cf-id: _5WqvKeUzJnKetkbsu41FI4XpH5VqY2qcXQAkArbgdeMsD3rxyLMhg==
expires: Sat, 22 Jul 2023 11:39:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 565ms
100ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16018272-1&cid=1666805819.1658489957&jid=362727460&_u=YEBAAEAAAAAAAC~&z=1683499345

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
501 B 572ms
105ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16018272-1&cid=1666805819.1658489957&jid=362727460&_u=YEBAAEAAAAAAAC~&z=1683499345

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame C88D 13 KB
13 KB 383ms
81ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 137775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 21:23:03 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame C88D 12 KB
13 KB 376ms
76ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 312403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 20:52:35 GMT

GET
H3

200

activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F Show response
10465951.fls.doubleclick.net/ Frame 0B4D
Redirect Chain

https://10465951.fls.doubleclick.net/activityi;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?
https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fww...

406 B
362 B

152ms
151ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P55M863

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

6652f6e8eda5f8cf491781c552cdb862429b68146b9950ab010733f81f506525

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 337
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:18 GMT
expires: Fri, 22 Jul 2022 11:39:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 11:39:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 374ms
74ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1621192127&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F&ul=en-us&de=UTF-8&dt=Login%20-%20Kreditorforeningen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engasjement&ea=tid%20p%C3%A5%20side&el=sidevisning%2015%20sek&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1666805819.1658489957&tid=UA-16018272-1&_gid=1675719204.1658489957&gtm=2wg7k0P55M863&z=966500040

Requested by

Host: www.kred.no
URL: https://www.kred.no/privat/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 22:35:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47038
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=*;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F
adservice.google.com/ddm/fls/z/ Frame 0B4D 42 B
118 B 413ms
111ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=*;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F

Requested by

Host: 10465951.fls.doubleclick.net
URL: https://10465951.fls.doubleclick.net/activityi;dc_pre=CPTHyca0jPkCFQaS7QodHkIAAA;src=10465951;type=pagev1;cat=pagev00;ord=4241188206353;gtm=2wg7k0;auiddc=199747001.1658489957;~oref=https%3A%2F%2Fwww.kred.no%2Fprivat%2Flogin%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://10465951.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame C88D 138 B
1 KB 234ms
233ms XHR
application/json 23.212.110.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.5d78072a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.186 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-110-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a08b0924f4e898d27c55f83fc1ee58d4a1d25c3b2ae5242009ccc883a858d00

Request headers

Referer: https://secure.livechatinc.com/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 11:39:18 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cdn.livechatinc.com/cloud/ 4 KB
4 KB 66ms
66ms Image
image/png 23.36.162.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F8774411%2F0%2Fec%2F326871661c8cdafd1de56a27ea90c829.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-17.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f95cc51678d9136956653de39249dece97b90d36f752ec27865daddc17804f50

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.kred.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Fri, 22 Jul 2022 11:39:19 GMT
cache-control: public, max-age=61085329
server: Apache
content-type: image/png
content-length: 3668
expires: Fri, 28 Jun 2024 11:48:08 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 22:12:41	Name: __lc_cid Value: 44fab8f4-f1ed-4dfe-754d-542ec8f8bc43
.accounts.livechatinc.com/v2/customer/token	1970-01-20 22:12:41	Name: __lc_cst Value: 6bc10f7e18d08fbd4f3109256f88a898aa073384ff093460848a543641406829175a75795e5c78b9296fb711192c3a61635d692491bf565ba78a7bda5292
.accounts.livechatinc.com/customer/token	1970-01-20 22:12:41	Name: __lc_cid Value: 44fab8f4-f1ed-4dfe-754d-542ec8f8bc43
.accounts.livechatinc.com/customer/token	1970-01-20 22:12:41	Name: __lc_cst Value: 6bc10f7e18d08fbd4f3109256f88a898aa073384ff093460848a543641406829175a75795e5c78b9296fb711192c3a61635d692491bf565ba78a7bda5292
www.kred.no/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8c58362adcea743184c11e0a323be964
.kred.no/	1970-01-20 06:51:05	Name: _gcl_au Value: 1.1.199747001.1658489957
.kred.no/	1970-01-20 06:51:05	Name: _fbp Value: fb.1.1658489956592.1547015315
.adform.net/	1970-01-20 05:26:08	Name: C Value: 1
.kred.no/	1970-01-20 22:12:41	Name: _ga Value: GA1.2.1666805819.1658489957
.kred.no/	1970-01-20 04:42:56	Name: _gid Value: GA1.2.1675719204.1658489957
.kred.no/	1970-01-20 04:41:30	Name: _gat_UA-16018272-1 Value: 1
.adform.net/	1970-01-20 06:07:53	Name: uid Value: 5977288228150808908
.facebook.com/	1970-01-20 06:51:05	Name: fr Value: 03t3nQuXf9hKEp2bj..Bi2oxl...1.0.Bi2oxl.
.linkedin.com/	1970-01-20 05:24:41	Name: UserMatchHistory Value: AQIvrtbF3sIU2wAAAYIltGznuof_6CfyZFzk0aDJyKfBrb4VKGa06JiuaCZ6ZEiH_NB1QsNbGucQMA
.linkedin.com/	1970-01-20 05:24:41	Name: AnalyticsSyncHistory Value: AQKdUjuBMCgFVgAAAYIltGznvWbEczXz2FAukfVp33eGI40M35_qJZzG4bqTtApsI8A4KJPlWOxjylqaaIUSRQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:13:23	Name: bcookie Value: "v=2&0a598348-ba10-4884-888f-0ad9157eb170"
.linkedin.com/	1970-01-20 04:42:56	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2709:u=1:x=1:i=1658489957:t=1658576357:v=2:sig=AQHMTgd_a9LMxvd8j1pINH4a_niwEImz"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=no-no
.www.linkedin.com/	1970-01-20 22:13:23	Name: bscookie Value: "v=1&20220722113917cc450e30-253a-496b-88f0-bb723bca847dAQFbHXbaehU4L9ihhujwC9vjrNkJRoCy"
.linkedin.com/	1970-01-20 22:05:30	Name: li_gc Value: MTswOzE2NTg0ODk5NTc7MjswMjGz61MdzyjaQPHUfiq8Y7bcEycvBwt8Og8FwxCay/4X4g==
.doubleclick.net/	1970-01-20 22:12:41	Name: IDE Value: AHWqTUmBLfVyzZJIK_cIHdA3V8gzuHRncROEJCEYn_yYvq6Hz-6MdiMgktLsm5h6-nY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10465951.fls.doubleclick.net
accounts.livechatinc.com
adservice.google.com
adservice.google.no
api.livechatinc.com
cdn.livechatinc.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
s2.adform.net
secure.livechatinc.com
snap.licdn.com
stats.g.doubleclick.net
track.adform.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.kred.no
www.linkedin.com
104.21.63.54
108.177.15.157
13.107.42.14
142.250.185.130
142.250.185.202
142.250.185.68
142.250.186.102
142.250.186.130
142.250.186.131
142.250.186.168
142.250.186.78
157.240.20.19
157.240.20.35
2.21.20.160
216.58.212.163
23.212.110.186
23.36.162.17
37.157.6.236
37.157.6.248
52.213.120.81
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1c7d3ddd39152c060e6d10d4a36ef421a8950754f4aaeb762fb57750bc9949e5
1eaa976b4ee260afd8c8300a6b02ba2798f0ee6d86a078c8f1c17c1259273264
25cce8746c7e62ba306f2626742c0d4a9d785fc05444f39479f41e57d261b6be
438069b4b76f36595de848f06b7b034fa5b1079945cddca863f19c66c58f54c9
43b737b1893aae8791ce0fad233b5168c2811f04e91be34c1852e8c9da78d622
4b5b989f374a637c1e57ab27e2aab6b5b98685249f78201ee60173a1afa52124
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4dc10e55285ed4f4c8ceb1e9103edf9b44e646d9d2e3054638e41782e5522701
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
57de7504421b029d71946355040ab6ad649665cecdaa2c74cb0e240f2d472372
5c4e54be6dbfc958edaa84603a07f6ad2432e742fa8e25ee1642219fe8bcc19d
5ccace2a4ddd4ca44c198cf231ffe70ddd2043513a0bbb3e555aeb2840ec4e05
6652f6e8eda5f8cf491781c552cdb862429b68146b9950ab010733f81f506525
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f6f32bc86d02f5ce3dceb9983dbb0f8e9fc12777353b5aac047d3ad511b9bfc
76770d2d2d1735f069d1e042e68d44f8899d6f44f140822635f836781c31cf1c
7a08b0924f4e898d27c55f83fc1ee58d4a1d25c3b2ae5242009ccc883a858d00
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
8b87695aeedab17741b98b67bbcc7b3bec2de278664e6022fef593436a3341a9
91bb7bb2c9824ce3500f20e0d50a19b0e298934d706d0deab54421d314d74e37
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b93fe91b6f70be88b82dfa2665a1b78ff7890e8503a2ecf9e42422d27b16a70c
be8268fdf5d6791bc737102f1429ecd20a78d58e2a2cea7db1f614aecefc40fb
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cd81cffa354dab330bbe09873f78733bd83ae82d50a07c56dcc2fb71f98ac9fc
dc8d06bd60fef6ea6d0dd407c8dbb263d3d6ea8238fa91ca37a626dd82db624a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97db3e3bfd17335707d2573f2e3e1130f5dd12cc9def55745b8560cf78b0ea8
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056a9a81a10045b0ea54105a42a825d7631fe09753efaf2bc2b5916e96b558c
f085633fabfc1220fbf97aeb3d0e2a401a233a4fca5c2780d5f99d97a1f3ee27
f95cc51678d9136956653de39249dece97b90d36f752ec27865daddc17804f50

www.kred.no Open in urlscan Pro 52.213.120.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

93 %HTTPS

0 %IPv6

15 Domains

23 Subdomains

20 IPs

6 Countries

926 kBTransfer

2709 kBSize

22 Cookies

5 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.kred.no Open in urlscan Pro
52.213.120.81 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

93 %
HTTPS

0 %
IPv6

15
Domains

23
Subdomains

20
IPs

6
Countries

926 kB
Transfer

2709 kB
Size

22
Cookies

46 HTTP transactions
0 data transactions