urlscan.io logo urlscan.io
SecurityTrails logo

regnskapshus.no Open in urlscan Pro
185.58.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.regnskapshus.no/
Effective URL: https://regnskapshus.no/
Submission: On September 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 50 HTTP transactions. The main IP is 185.58.213.11, located in Denmark and belongs to MONO, DK. The main domain is regnskapshus.no.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.
This is the only time regnskapshus.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    185.58.213.11 (Denmark)

ASN201595 (MONO, DK)
www.regnskapshus.no
regnskapshus.no
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2600:9000:20eb:dc00:b:70f:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
site-assets.cdnmns.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    52.200.29.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-29-192.compute-1.amazonaws.com
feed.mikle.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
14    198.71.54.192 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail26.feedblitz.com
feedads.feedblitz.com
16    2.18.232.230 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-230.deploy.static.akamaitechnologies.com
spsec.feedblitz.com
c.licasd.com
14    52.22.57.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-57-165.compute-1.amazonaws.com
p.liadm.com
4    151.101.1.44 (None, )

ASN- ()
mb.taboola.com
3    54.81.204.200 (None, )

ASN- ()
i.liadm.com
1    185.29.134.248 (None, )

ASN- ()
sync.mathtag.com
2    2600:1f18:444a:4680:469d:1ee7:c700:42a5 (None, )

ASN- ()
i6.liadm.com
Domain Requested by
14 p.liadm.com 8 redirects
14 spsec.feedblitz.com 14 redirects
14 feedads.feedblitz.com 14 redirects
12 site-assets.cdnmns.com regnskapshus.no
site-assets.cdnmns.com
6 feed.mikle.com regnskapshus.no
feed.mikle.com
ajax.googleapis.com
5 regnskapshus.no regnskapshus.no
site-assets.cdnmns.com
4 mb.taboola.com
3 i.liadm.com 2 redirects
3 www.google-analytics.com regnskapshus.no
www.google-analytics.com
3 connect.facebook.net regnskapshus.no
connect.facebook.net
3 fonts.googleapis.com regnskapshus.no
2 i6.liadm.com 1 redirects
2 c.licasd.com
1 sync.mathtag.com 1 redirects
1 ajax.googleapis.com feed.mikle.com
1 www.gstatic.com www.google.com
1 www.google.com site-assets.cdnmns.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.regnskapshus.no 1 redirects
50 19

This site contains links to these domains. Also see Links.

Domain
www.idium.no
www.1881.no
Subject Issuer Validity Valid
regnskapshus.no
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
site-assets.cdnmns.com
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
feed.mikle.com
AlphaSSL CA - SHA256 - G2		 2020-04-18 -
2022-04-19		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
p.liadm.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-19 -
2022-05-30		 2 years crt.sh
li.lisecurelink.com
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://regnskapshus.no/
Frame ID: 0D17C670B5FBC51FAFCCE112E7CA867E
Requests: 30 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
Frame ID: 71DE90B169522A0F9C66FD6105731CDC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Forside | Regnskapshuset Trine Mørk AS

Page URL History Show full URLs

  1. https://www.regnskapshus.no/ HTTP 301
    https://regnskapshus.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • monotracker(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

100 %
HTTPS

53 %
IPv6

13
Domains

19
Subdomains

15
IPs

3
Countries

1620 kB
Transfer

2811 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.regnskapshus.no/ HTTP 301
    https://regnskapshus.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51043 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqzgv26e6n64g3hezd6 HTTP 302
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=9b72ec5f-ecdf-39ef-8a1b-a25b7d71e719&widget.placement=51043&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Request Chain 35
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51044 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqznbgecy6dp483knxr HTTP 302
  • https://i.liadm.com/s/section/51044?m=132cedf46be96346977c4435460486af&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&sh2=&source=safe_rtb HTTP 303
  • https://i.liadm.com/s/section/51044?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=994b943ba29e4256bb630dbcc511d914 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F64fbfbfb62ed4cdfb74857fa0766500f%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&994b943b-a29e-4256-bb63-0dbcc511d914&previous_uuid=64fbfbfb62ed4cdfb74857fa0766500f HTTP 302
  • https://i.liadm.com/s/e/1267/0/64fbfbfb62ed4cdfb74857fa0766500f?mpid=7156&muid=b8fb6152-4b97-4000-9e7e-fddfa3163563
Request Chain 36
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51045 HTTP 301
  • https://spsec.feedblitz.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqz0t67sx2h8wtjsb6m
Request Chain 37
  • https://feedads.feedblitz.com/i/116x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/44782 HTTP 301
  • https://spsec.feedblitz.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqzrwbr71fq4xtexdc9 HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Request Chain 38
  • https://feedads.feedblitz.com/i/19x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/96007 HTTP 301
  • https://spsec.feedblitz.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegrnn25zxyrwmjwxjbb0 HTTP 302
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Request Chain 39
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137757 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137757&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137757&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegrnw9twfxvdag7nqjrd HTTP 302
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=af93c8c2-31a9-370f-a6ab-6459c67f6b49&widget.placement=137757&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Request Chain 40
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137758 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137758&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137758&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqy83tzz08qk7as7e2s HTTP 302
  • https://i6.liadm.com/s/section/137758?m=132cedf46be96346977c4435460486af&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&sh2=&source=safe_rtb HTTP 303
  • https://i6.liadm.com/s/section/137758?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=9867d669ed99490486f7b88f6fbc21bb
Request Chain 41
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137759 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqy0hvmbfp5m9ygdtwx
Request Chain 42
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137760 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137760&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137760&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehnte0gy9ffkt7a7km15 HTTP 302
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=3eae0a13-3e70-39a1-a8e2-592faf39d7f1&widget.placement=137760&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Request Chain 43
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137761 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehnyass2kzdzh4bj876b
Request Chain 44
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137762 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehpe608854fdvy5v62dv
Request Chain 45
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137763 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137763&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137763&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehpag36kbrntga9xnvjj HTTP 302
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7aa733b6-4a43-3465-a3c3-dc7d43276b0e&widget.placement=137763&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Request Chain 46
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137764 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehvyk696grgkjt1dvynx
Request Chain 47
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137765 HTTP 301
  • https://spsec.feedblitz.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea HTTP 301
  • https://p.liadm.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehxnham6sgdcwkt898rs

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
regnskapshus.no/
Redirect Chain
  • https://www.regnskapshus.no/
  • https://regnskapshus.no/
55 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.58.213.11 , Denmark, ASN201595 (MONO, DK),
Reverse DNS
Software
/
Resource Hash
114fc0363df13c12cde8bc9344b60f24ee1a01286c17393546375b36c2f38bc4

Request headers

:method
GET
:authority
regnskapshus.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Sep 2021 22:54:10 GMT
content-type
text/html; charset=UTF-8
link
</assets/user-style.css?1630935324>; rel=preload; as=style
content-encoding
gzip
x-edge-location
Mono

Redirect headers

date
Mon, 27 Sep 2021 22:54:10 GMT
content-type
text/html; charset=UTF-8
location
https://regnskapshus.no
x-edge-location
Mono
user-style.css
regnskapshus.no/assets/ 		170 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://regnskapshus.no/assets/user-style.css?1630935324
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.58.213.11 , Denmark, ASN201595 (MONO, DK),
Reverse DNS
Software
/
Resource Hash
c01bc34a247cd28662dc55f016fc01428704db9d951dec7d70480c26f2c85ecd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:10 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 13:35:24 GMT
x-edge-location
Mono
etag
W/"6136191c-2a74d"
content-type
text/css
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Tue, 27 Sep 2022 22:54:10 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,500&display=swap
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
613179fe25d2e557f93d9c36663b9feb3cd0783e6a2bbe6a55ac6097374a4f8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 21:25:28 GMT
server
ESF
date
Mon, 27 Sep 2021 22:54:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 22:54:10 GMT
external-libs.css
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/css/ 		139 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/css/external-libs.css?1632235198968
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dfb321b13c49bb1fd9024f037eabc4cf94aebc464aeef39f34e16d4c86a5ce2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:22 GMT
server
AmazonS3
age
546036
etag
W/"9a33b1f1f73b9dde367df688320110c8"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/css
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sNxsh0Y6tjVphE18BtlRY361-i1S0kL9-dU6DbhOETZasNXoyDNg5g==
sdk.js
connect.facebook.net/en_US/ 		263 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8aac9366aee3552f7a241f2e3fbcf226&ua=modern_es6
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98eab28ffcc4a377b33dd64b529ecb813f0c4a874974d6fbcedf931589228d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://regnskapshus.no/
Origin
https://regnskapshus.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5XhrS2mBxGsV86nhDIbN8w==
cross-origin-resource-policy
cross-origin
expires
Tue, 27 Sep 2022 22:54:10 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76123
x-fb-rlafr
0
x-fb-debug
CWuFpshwh1twOoXrfgz+g3+7XUYQ0COHl0QrEIMMMlER+aVjxPr7/6vA2A3TtLM33ecHhEfgN4k0qA0E4PM4dA==
x-fb-trip-id
917726464
x-fb-content-md5
b9d4ac2f3634568f8419bce82ff51af8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 27 Sep 2021 22:54:10 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e85a451284ca47cbf1163f855cb0332c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
736920623f75a563b0d8fa7c9235006b29dd8471beaab648f79955080de4c5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AjKziyDv/5LzqAeM6JuFZg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
d0GDk+HXf24asNHhLHcPh4j9Lf4D6GgW4Vv6rjcxsJlMIMtexJFbY1N8Mc7t2s7Ku9oEK/AntsGve4+X3kPZmQ==
x-fb-trip-id
917726464
x-fb-content-md5
68b264860eb4661191843a783257eda4
x-frame-options
DENY
date
Mon, 27 Sep 2021 22:54:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"20ccb037b9f02832f37a3dc682d554dc"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Sep 2021 23:04:56 GMT
css
fonts.googleapis.com/ 		369 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Vidaloka
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d1c0688903384d5a4ac57a129b767fbd20ce4fc2019ccf7521dd7ab67b348ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 22:14:47 GMT
server
ESF
date
Mon, 27 Sep 2021 22:54:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 22:54:10 GMT
header.1417614674292.1530589543000.png
regnskapshus.no/uploads/3jc2f4S3/343x0_387x0/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regnskapshus.no/uploads/3jc2f4S3/343x0_387x0/header.1417614674292.1530589543000.png
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.58.213.11 , Denmark, ASN201595 (MONO, DK),
Reverse DNS
Software
/
Resource Hash
448bf7fa9b80f0e7a8875f15b1abe31392b0a1a90fc47294532a66b377544359

Request headers

:path
/uploads/3jc2f4S3/343x0_387x0/header.1417614674292.1530589543000.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
regnskapshus.no
referer
https://regnskapshus.no/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
last-modified
Mon, 21 Oct 2019 08:16:40 GMT
x-amz-request-id
T50NQWDYD93DGZZD
x-edge-location
Mono
etag
"ecf53261d48497b986e5f917d0247308"
content-type
image/png
cache-control
max-age=31536000
date
Mon, 27 Sep 2021 22:54:10 GMT
content-length
29217
x-amz-id-2
Rjme0oEYG07SH1rMQ7dICWNaYMhTBhRh9TPnB2r0TLnn6a40hbs5MbJTqYpRnL3TBv7tU7qtlRs=
expires
Tue, 27 Sep 2022 22:54:10 GMT
fw-loader.js
feed.mikle.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-loader.js
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6eb92f6bab23fe13c04bbf3c1bc6c020499dc0b6b1d4e84fa2995165013dd450

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:10 GMT
cache-control
no-cache
last-modified
Mon, 20 Sep 2021 13:40:53 GMT
server
nginx
content-encoding
gzip
etag
W/"61488f65-e09"
content-type
application/javascript; charset=UTF-8
loader.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8f9f5a3fdc293bcc24ec9a65d6cad01bd71c73fbd4b9b7734f61c4eed55905d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:34 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:39 GMT
server
AmazonS3
age
546036
etag
W/"60ff0120219e240aad7cd91ef56a3a8e"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
3HHzwIITsrEX7TbE2tiOCCDXNZZqKw5M0RBDJ6_9hQjKxfM32aw-XA==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
433
date
Mon, 27 Sep 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 28 Sep 2021 00:46:57 GMT
sdk.js
connect.facebook.net/en_US/ 		268 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ba0836fed124c60ff3c98d002f65200e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcf27591ff341f3238ca8e9685217a4b2298c60df4e690478cb1c685e3e37027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://regnskapshus.no/
Origin
https://regnskapshus.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
H5jd/mihLoSpJFtHdW1Pgg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77563
x-fb-rlafr
0
x-fb-debug
nyATLZM+m7D7m23I9GYmXu5ek/tNEnvg94oOxl+796muSPoCIl808qfD9wjZDMeHQNYdP/Kl16kTlHC7nAgvcw==
x-fb-trip-id
917726464
x-fb-content-md5
74f71ec037a36e39c9bea439c269cd68
x-frame-options
DENY
date
Mon, 27 Sep 2021 22:54:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2acef156c5f0a2d17a9d2b9dd6beab7a"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Sep 2022 18:41:17 GMT
w-2600_718.jpg
regnskapshus.no/uploads/LHXshOc7/767x0_2560x0/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regnskapshus.no/uploads/LHXshOc7/767x0_2560x0/w-2600_718.jpg
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.58.213.11 , Denmark, ASN201595 (MONO, DK),
Reverse DNS
Software
/
Resource Hash
ad2ed37058f65b28c99b7958ea3dfdb54667d1efd00b788940c294fb32e9e7c3

Request headers

:path
/uploads/LHXshOc7/767x0_2560x0/w-2600_718.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
regnskapshus.no
referer
https://regnskapshus.no/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
null
last-modified
Mon, 21 Oct 2019 08:16:40 GMT
x-amz-request-id
T50T5D48B3KPRETY
x-edge-location
Mono
etag
"94a17f4da45ddde00e75f7bdb2cc3ad7"
content-type
image/jpeg
cache-control
max-age=31536000
date
Mon, 27 Sep 2021 22:54:10 GMT
content-length
90591
x-amz-id-2
ke5hlhiMn9dbZs11eSwRIezQOb9vTs3pfomm5R0beRvisbQpLc13v5B01LG4unkBQsVbMe6J1JY=
expires
Tue, 27 Sep 2022 22:54:10 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=886144346&t=pageview&_s=1&dl=https%3A%2F%2Fregnskapshus.no%2F&ul=en-us&de=UTF-8&dt=Forside%20%7C%20Regnskapshuset%20Trine%20M%C3%B8rk%20AS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABCAAAAC~&jid=689939968&gjid=47466814&cid=168463186.1632783251&tid=UA-60605173-30&_gid=333453295.1632783251&_r=1&_slc=1&cd1=1149453&cd2=website&z=1804174604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://regnskapshus.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 22:54:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://regnskapshus.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=886144346&t=pageview&_s=1&dl=https%3A%2F%2Fregnskapshus.no%2F&ul=en-us&de=UTF-8&dt=Forside%20%7C%20Regnskapshuset%20Trine%20M%C3%B8rk%20AS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABCAAAAC~&jid=206304475&gjid=394356610&cid=168463186.1632783251&tid=UA-159548256-1&_gid=333453295.1632783251&_r=1&_slc=1&z=918987837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://regnskapshus.no/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 22:54:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://regnskapshus.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fw-widget.js
feed.mikle.com/js/ Frame 71DE 		757 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/js/fw-widget.js?v=1.1
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
acaea78a93cff7633c89cc3aea32d384a83b497969c68915d0c1985660802a5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:11 GMT
content-encoding
gzip
last-modified
Fri, 30 Apr 2021 06:50:48 GMT
server
nginx
etag
W/"608ba8c8-2f5"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/css/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/css/fonts/fontawesome-webfont.woff2
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://regnskapshus.no/
Origin
https://regnskapshus.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 06:50:49 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
vary
Origin
age
57803
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
77160
last-modified
Tue, 21 Sep 2021 15:02:22 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
JXw1Dy2tkVNgY5-MIrnJKrxEFokhBhsiRz0twx91gqtZUgB3fM1UGw==
monotracker.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/monotracker.js?
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e9698a335c4b01c749c78408806c0636c8a3cb1c04d68b351b6765b8af99330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:40 GMT
server
AmazonS3
age
546037
etag
W/"1c58bf45c03d009532384aaf859e2110"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
FSuocG_t5qI-mHFJKVh2HXq538fab_iK3rN8YFz3tnm9ayoUUOZyhQ==
jquery-modern.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/jquery-modern.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6ef074bc942f0f96f674016b161113576983ad3623dc45fb2737dac3685e76a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:39 GMT
server
AmazonS3
age
546037
etag
W/"97ef42447e9d7f3e754a0c9bcf6ed500"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
47lcaeXk9heooq9tP8gXJLoRj438jkPPiiJsGPcFy4Z85N1ed_lKCw==
css
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=latin,latin-ext,cyrillic-ext,greek,greek-ext,cyrillic&display=swap
Requested by
Host: regnskapshus.no
URL: https://regnskapshus.no/assets/user-style.css?1630935324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28747012c20bc51fcd4eb20e7796cbdb8a5661943eb30621679e2a65b694c2ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 22:54:11 GMT
server
ESF
date
Mon, 27 Sep 2021 22:54:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 22:54:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=latin,latin-ext,cyrillic-ext,greek,greek-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://regnskapshus.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
366619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:03:52 GMT
jquery-migrate.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/jquery-migrate.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a413f0a652233aa09f470605d26f683d41788abb68757b299a0e1666e8ab502

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:39 GMT
server
AmazonS3
age
546037
etag
W/"147eaa2d36832e730b835a6933fb84fa"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
PHTMhmnhtMoDTDNXT60U5IhUu1caVUuVQcFqxfq2UH8mQMCUYwQSmA==
touch-events.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/touch-events.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95eaf66565ac206a0c37a2b3f0016b9fa79d739df2ce7e8816aafaab5d8446f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:49 GMT
server
AmazonS3
age
546037
etag
W/"529422a646593468296d87df6e9660ec"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
TH0UsbCT_D7h3zLlG6Z0LrfdiMwYpmtpbXNPweNSFhSL-geSkN8S5A==
nav.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/nav.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8dd17377861cbb4a7038d9d5011f477992eef37b720ebf66369071ed454b874

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:40 GMT
server
AmazonS3
age
546037
etag
W/"2cf95bdd766eb24ac63e5423f12e9c7f"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sTzONoD05IRamhuYcNmLoS-SyjiN2MYx6wz084_wSahtpiOsOu-duA==
jquery.serialize-object.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/jquery.serialize-object.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3b505764b64e68642b8ff3340353e6bda9fc14bc22cdd193e09b676716cbd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:39 GMT
server
AmazonS3
age
546037
etag
W/"f257c0e133cd0ada4712d5169513d201"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
AtCr1lMCiMC1Ie58UfmquGp9OsLTLrwIAW-NDijagYTZC3GQh4At6w==
headerfixed.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/headerfixed.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4828cf086c34a3158c20b0854545ed8a8450816a4bec06eb4e84a0da1cfce69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:38 GMT
server
AmazonS3
age
546037
etag
W/"5355a8da7b34577126000df84b754d26"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
p0Qz1pwg47b1yedjG52HsaxlxRIaLjJfFuNSB2OQdqC8f-MlVU7pLw==
lang.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		452 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/lang.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c824809561b26f10abe501cce19114043a538d4f06309b978a7b48c2103bd3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:35 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 15:02:39 GMT
server
AmazonS3
age
546037
etag
"302e96292ae2717f6dd95c19c213af9a"
x-edge-origin-shield-skipped
0
content-type
application/javascript
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
content-length
452
x-amz-cf-id
de2dWlwZ9srtl3zsT5lrB-lLT7gq4hdaNExAhY63G0K0K65GeoXdrA==
emailshare.js
site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/emailshare.js
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:b:70f:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72b2a77ebe0ec6107628eeedc899d9573a799b53b10a5ce2aac1de4d15488463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 15:13:41 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:02:38 GMT
server
AmazonS3
age
546031
etag
W/"5a4fcd568fb1cfccf9216615141f29f4"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
hr8Jx2cn1e_OzKpMsjZmiSRRr-09TTux0ynnBnB5GtUdzoCTJYZuKg==
api.js
www.google.com/recaptcha/ 		852 B
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/loader.js?1632235198968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de4c939e053d48aa3ce8bdb1f065c5387c28d595c85adb47143a05052f3fe339
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 27 Sep 2021 22:54:11 GMT
lang
regnskapshus.no/api.php/utils/ 		34 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://regnskapshus.no/api.php/utils/lang?lang=no
Requested by
Host: site-assets.cdnmns.com
URL: https://site-assets.cdnmns.com/18f2b3fe2df509f8e896f7cbff6db8e4/js/jquery-modern.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.58.213.11 , Denmark, ASN201595 (MONO, DK),
Reverse DNS
Software
/
Resource Hash
c6d60b8ef539f7d955aac5190080b26e1eccfcc84da630d4bff4ba4b40a9f826

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.168463186.1632783251; _gid=GA1.2.333453295.1632783251; _gat=1; _gat_custGa0=1
:path
/api.php/utils/lang?lang=no
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
regnskapshus.no
referer
https://regnskapshus.no/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://regnskapshus.no/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:11 GMT
content-encoding
gzip
access-control-allow-credentials
true
x-edge-location
Mono
access-control-allow-methods
GET, POST, OPTIONS,PATCH,PUT,DELETE
content-type
application/json
/
feed.mikle.com/widget/v2/88212/ Frame 71DE 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/js/fw-widget.js?v=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
02d5c2fdd98a10c5bf30415ed22d00e0cd822e0ab37a0053244ea60214f1d1d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
feed.mikle.com
:scheme
https
:path
/widget/v2/88212/?id=fw-iframe2073261418null
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://regnskapshus.no/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://regnskapshus.no/

Response headers

date
Mon, 27 Sep 2021 22:54:11 GMT
content-type
text/html;charset=UTF-8
server
nginx
expires
Mon, 27 Sep 2021 22:57:11 GMT
cache-control
max-age=180
x-xss-protection
0
content-encoding
gzip
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://regnskapshus.no/
Origin
https://regnskapshus.no
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 21:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 27 Sep 2022 21:03:39 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 71DE 		95 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 06:27:51 GMT
x-content-type-options
nosniff
age
231980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 25 Sep 2022 06:27:51 GMT
squares.svg
feed.mikle.com/images/ Frame 71DE 		707 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feed.mikle.com/images/squares.svg?v=1580871352
Requested by
Host: feed.mikle.com
URL: https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:11 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-2c3"
content-type
image/svg+xml
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
feed.mikle.com/api/widget/read/body/ Frame 71DE 		109 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.mikle.com/api/widget/read/body/?widget_id=88212&widget_parameter=%7B%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ddd91ee47e5c6307e09b1039582fcc2d9598335ec82ac862068830765d7ec77

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:13 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://feed.mikle.com
cache-control
max-age=180
access-control-allow-credentials
true
access-control-allow-headers
Origin, Authorization, Accept, X-Requested-With
expires
Mon, 27 Sep 2021 22:57:13 GMT
recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51043
  • https://spsec.feedblitz.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51043&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc3...
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=9b72ec5f-ecdf-39ef-8...
47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=9b72ec5f-ecdf-39ef-8a1b-a25b7d71e719&widget.placement=51043&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7b8974862f3a6e6dcac5090e357325bf9e6225e311cf79670f1c0ad3e38e734c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1632783255.689249,VS0,VE386
x-served-by
cache-hhn4055-HHN
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
47865
x-application-context
application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits
0

Redirect headers

Location
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=9b72ec5f-ecdf-39ef-8a1b-a25b7d71e719&widget.placement=51043&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
64fbfbfb62ed4cdfb74857fa0766500f
i.liadm.com/s/e/1267/0/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51044
  • https://spsec.feedblitz.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51044&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301ba...
  • https://i.liadm.com/s/section/51044?m=132cedf46be96346977c4435460486af&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&sh2=&source=safe_rtb
  • https://i.liadm.com/s/section/51044?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=994b943ba29e4256bb630dbcc511d914
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F1267%2F0%2F64fbfbfb62ed4cdfb74857fa0766500f%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&994b943b-a29e-4256-bb63-0dbcc...
  • https://i.liadm.com/s/e/1267/0/64fbfbfb62ed4cdfb74857fa0766500f?mpid=7156&muid=b8fb6152-4b97-4000-9e7e-fddfa3163563
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/1267/0/64fbfbfb62ed4cdfb74857fa0766500f?mpid=7156&muid=b8fb6152-4b97-4000-9e7e-fddfa3163563
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.204.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
3e7608e0d4d6d074
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/1267/0/64fbfbfb62ed4cdfb74857fa0766500f?mpid=7156&muid=b8fb6152-4b97-4000-9e7e-fddfa3163563
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:14 GMT
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/51045
  • https://spsec.feedblitz.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301ba...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqz0t67sx2h8wtjsb6m
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:14 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=51045&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqz0t67sx2h8wtjsb6m
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:14 GMT
94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/116x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/44782
  • https://spsec.feedblitz.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=44782&t=newsletter&sz=116x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc30...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Last-Modified
Tue, 06 Aug 2019 20:24:36 GMT
Server
AmazonS3
x-amz-request-id
D97D81VAR2573A3S
ETag
"6956da20f9d008ec379926ee358e5594"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1255
x-amz-id-2
e6ZyE1BrrLeXKTYAnhXDvlr8DMRn/MHuBN+o1LSbXo7824ovhU2gm6bTqN91tguaSSKz+5k3l+c=

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
610d3e8fea8a3752ada74ad0668f5b97.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/19x15/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/96007
  • https://spsec.feedblitz.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=96007&t=newsletter&sz=19x15&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301...
  • https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6582ac9001c322e1d97de3bec72bd7f8af1a8f80b98e4d6db1ac07f52ee78e1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Last-Modified
Wed, 17 Feb 2016 22:44:11 GMT
Server
AmazonS3
x-amz-request-id
FZXJ79KME2JHK5MW
ETag
"dc4dc461c71bf6ee5ab2e57ad7b87651"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1733
x-amz-id-2
7+pmR7HdgxURf3QLaiChF+CSqZ4bMLBWk3YDDP/N5Utydn2nLKqEk38v25Kp/pEaTfsIl4fBcbM=

Redirect headers

Location
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/610d3e8fea8a3752ada74ad0668f5b97.png
Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137757
  • https://spsec.feedblitz.com/imp?s=137757&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137757&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc...
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=af93c8c2-31a9-370f-a...
74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=af93c8c2-31a9-370f-a6ab-6459c67f6b49&widget.placement=137757&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
59765b9d017220be9e031d7f47915dfe49d022482f33601b01b54ad9b01fa516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1632783255.727132,VS0,VE346
x-served-by
cache-hhn4055-HHN
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
75357
x-application-context
application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits
0

Redirect headers

Location
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=af93c8c2-31a9-370f-a6ab-6459c67f6b49&widget.placement=137757&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=
Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
137758
i6.liadm.com/s/section/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137758
  • https://spsec.feedblitz.com/imp?s=137758&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137758&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
  • https://i6.liadm.com/s/section/137758?m=132cedf46be96346977c4435460486af&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&sh2=&source=safe_rtb
  • https://i6.liadm.com/s/section/137758?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=9867d669ed99490486f7b88f6fbc21bb
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/section/137758?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=9867d669ed99490486f7b88f6fbc21bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4680:469d:1ee7:c700:42a5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
553fcef751ce2c19
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
/s/section/137758?sh2=&source=safe_rtb&m=132cedf46be96346977c4435460486af&_li_chk=true&sh1=dc59fdadbc8c28cdeddf59f9061552180f9424b0&previous_uuid=9867d669ed99490486f7b88f6fbc21bb
Date
Mon, 27 Sep 2021 22:54:15 GMT
Connection
keep-alive
trace-id
b9d646637d9e5ba9
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137759
  • https://spsec.feedblitz.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqy0hvmbfp5m9ygdtwx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:14 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=137759&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqegqy0hvmbfp5m9ygdtwx
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:14 GMT
recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137760
  • https://spsec.feedblitz.com/imp?s=137760&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137760&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc...
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=3eae0a13-3e70-39a1-a...
277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=3eae0a13-3e70-39a1-a8e2-592faf39d7f1&widget.placement=137760&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a56dd404b3f57dde6219f7ec0b8425dd1dd181c60f8d5c2fc4e985e740eb292b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1632783255.358201,VS0,VE425
x-served-by
cache-hhn4055-HHN
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
283392
x-application-context
application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits
0

Redirect headers

Location
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=3eae0a13-3e70-39a1-a8e2-592faf39d7f1&widget.placement=137760&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137761
  • https://spsec.feedblitz.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehnyass2kzdzh4bj876b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:15 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=137761&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehnyass2kzdzh4bj876b
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:15 GMT
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137762
  • https://spsec.feedblitz.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehpe608854fdvy5v62dv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:15 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=137762&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehpe608854fdvy5v62dv
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:15 GMT
recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/300x250/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137763
  • https://spsec.feedblitz.com/imp?s=137763&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137763&t=newsletter&sz=300x250&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc...
  • https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7aa733b6-4a43-3465-a...
406 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7aa733b6-4a43-3465-a3c3-dc7d43276b0e&widget.placement=137763&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
60b545c3658103e723f43c79307c0e18a4b2c33ec9ddec069bb71cb4311dfcc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1632783255.372487,VS0,VE421
x-served-by
cache-hhn4055-HHN
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
415599
x-application-context
application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits
0

Redirect headers

Location
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7aa733b6-4a43-3465-a3c3-dc7d43276b0e&widget.placement=137763&widget.slot=1&widget.mode=mobile-marquee&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=3146&recipient.user.agent=&recipient.ipv4=185.232.23.178&widget.alternative=Phone
Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137764
  • https://spsec.feedblitz.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehvyk696grgkjt1dvynx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:15 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=137764&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehvyk696grgkjt1dvynx
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:15 GMT
imp
p.liadm.com/ Frame 71DE
Redirect Chain
  • https://feedads.feedblitz.com/i/1x1/9d2b1ad5bbc16c44d49116dc213c53f2/78507355/ca06b3629fcb6868c0f796b240531fea/oem/137765
  • https://spsec.feedblitz.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea
  • https://p.liadm.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301b...
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.liadm.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehxnham6sgdcwkt898rs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.22.57.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-57-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 22:54:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 22:54:15 GMT
Content-Type
text/html
Location
https://p.liadm.com/imp?s=137765&t=newsletter&sz=1x1&li=78507355&m=132cedf46be96346977c4435460486af&sh=dc59fdadbc8c28cdeddf59f9061552180f9424b0&p=ca06b3629fcb6868c0f796b240531fea&_lc2_fpi=fdbfc301baa5--01fgmqehxnham6sgdcwkt898rs
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Mon, 27 Sep 2021 22:54:15 GMT
branding-icon.png
feed.mikle.com/images/ Frame 71DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feed.mikle.com/images/branding-icon.png?v=1580871352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.29.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-29-192.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2608889fe1fc07e81dbb2ba0131ef3141484a03213a872b393cc5750b43d4650
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feed.mikle.com/widget/v2/88212/?id=fw-iframe2073261418null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 22:54:13 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 02:55:52 GMT
server
nginx
etag
W/"5e3a2eb8-928"
content-type
image/png
cache-control
max-age=315360000
x-xss-protection
0
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _mtr string| GoogleAnalyticsObject function| _mga object| FB string| ASSETSURL object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| onClickBack function| _fwMsg function| cb function| raf function| getAbsoluteAssetUrl function| _typeof number| bufferHeight object| deferModules object| requiredLibs object| requiredExtLibs boolean| isInTool boolean| isSandbox boolean| isPhantomJS boolean| isSitePageVisitor number| releaseTimestamp object| _monoLoader object| _monoInView boolean| deferCSSEnabled object| Modernizr function| yepnope function| $ function| jQuery function| FormSerializer object| _monoNav object| _monoFixedHeader object| _monoLang object| _monoEmailShare object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

4 Cookies

Domain/Path Name / Value
.regnskapshus.no/ Name: _ga
Value: GA1.2.168463186.1632783251
.regnskapshus.no/ Name: _gid
Value: GA1.2.333453295.1632783251
.regnskapshus.no/ Name: _gat
Value: 1
.regnskapshus.no/ Name: _gat_custGa0
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.licasd.com
connect.facebook.net
feed.mikle.com
feedads.feedblitz.com
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
i6.liadm.com
mb.taboola.com
p.liadm.com
regnskapshus.no
site-assets.cdnmns.com
spsec.feedblitz.com
sync.mathtag.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.regnskapshus.no
151.101.1.44
185.29.134.248
185.58.213.11
198.71.54.192
2.18.232.230
2600:1f18:444a:4680:469d:1ee7:c700:42a5
2600:9000:20eb:dc00:b:70f:1fc0:93a1
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a03:2880:f02d:12:face:b00c:0:3
52.200.29.192
52.22.57.165
54.81.204.200
02d5c2fdd98a10c5bf30415ed22d00e0cd822e0ab37a0053244ea60214f1d1d4
0e9698a335c4b01c749c78408806c0636c8a3cb1c04d68b351b6765b8af99330
114fc0363df13c12cde8bc9344b60f24ee1a01286c17393546375b36c2f38bc4
1c824809561b26f10abe501cce19114043a538d4f06309b978a7b48c2103bd3c
2608889fe1fc07e81dbb2ba0131ef3141484a03213a872b393cc5750b43d4650
28747012c20bc51fcd4eb20e7796cbdb8a5661943eb30621679e2a65b694c2ae
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7f78291ae70d6b87b58b10e145614685e4e32bcc38b60ca31d77124472857d
448bf7fa9b80f0e7a8875f15b1abe31392b0a1a90fc47294532a66b377544359
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59765b9d017220be9e031d7f47915dfe49d022482f33601b01b54ad9b01fa516
5a413f0a652233aa09f470605d26f683d41788abb68757b299a0e1666e8ab502
5d1c0688903384d5a4ac57a129b767fbd20ce4fc2019ccf7521dd7ab67b348ae
5ddd91ee47e5c6307e09b1039582fcc2d9598335ec82ac862068830765d7ec77
5dfb321b13c49bb1fd9024f037eabc4cf94aebc464aeef39f34e16d4c86a5ce2
60b545c3658103e723f43c79307c0e18a4b2c33ec9ddec069bb71cb4311dfcc3
613179fe25d2e557f93d9c36663b9feb3cd0783e6a2bbe6a55ac6097374a4f8c
6582ac9001c322e1d97de3bec72bd7f8af1a8f80b98e4d6db1ac07f52ee78e1a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6eb92f6bab23fe13c04bbf3c1bc6c020499dc0b6b1d4e84fa2995165013dd450
72b2a77ebe0ec6107628eeedc899d9573a799b53b10a5ce2aac1de4d15488463
736920623f75a563b0d8fa7c9235006b29dd8471beaab648f79955080de4c5a1
7b8974862f3a6e6dcac5090e357325bf9e6225e311cf79670f1c0ad3e38e734c
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
8a3b505764b64e68642b8ff3340353e6bda9fc14bc22cdd193e09b676716cbd2
95eaf66565ac206a0c37a2b3f0016b9fa79d739df2ce7e8816aafaab5d8446f1
98eab28ffcc4a377b33dd64b529ecb813f0c4a874974d6fbcedf931589228d8e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a56dd404b3f57dde6219f7ec0b8425dd1dd181c60f8d5c2fc4e985e740eb292b
acaea78a93cff7633c89cc3aea32d384a83b497969c68915d0c1985660802a5c
ad2ed37058f65b28c99b7958ea3dfdb54667d1efd00b788940c294fb32e9e7c3
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
c01bc34a247cd28662dc55f016fc01428704db9d951dec7d70480c26f2c85ecd
c6d60b8ef539f7d955aac5190080b26e1eccfcc84da630d4bff4ba4b40a9f826
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d4828cf086c34a3158c20b0854545ed8a8450816a4bec06eb4e84a0da1cfce69
de4c939e053d48aa3ce8bdb1f065c5387c28d595c85adb47143a05052f3fe339
e6ef074bc942f0f96f674016b161113576983ad3623dc45fb2737dac3685e76a
f8dd17377861cbb4a7038d9d5011f477992eef37b720ebf66369071ed454b874
f8f9f5a3fdc293bcc24ec9a65d6cad01bd71c73fbd4b9b7734f61c4eed55905d
fcf27591ff341f3238ca8e9685217a4b2298c60df4e690478cb1c685e3e37027
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62