urlscan.io logo urlscan.io
SecurityTrails logo

startmn.wpenginepowered.com Open in urlscan Pro
141.193.213.10  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://u.to/BRBXIA
Effective URL: https://startmn.wpenginepowered.com/domene/login.html
Submission: On February 07 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 7 countries across 23 domains to perform 67 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is startmn.wpenginepowered.com.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.
This is the only time startmn.wpenginepowered.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Domene AS (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 2 195.216.243.155 57724 (DDOS-GUARD)
1 141.193.213.10 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 185.126.36.30 34989 (SERVETHEW...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.27.94 16509 (AMAZON-02)
3 95.101.111.146 20940 (AKAMAI-ASN1)
1 2a04:4e42:400... 54113 (FASTLY)
1 162.159.152.17 13335 (CLOUDFLAR...)
2 35.242.243.47 396982 (GOOGLE-CL...)
7 91.227.202.129 31242 (TKPSA-AS)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.245.46.55 16509 (AMAZON-02)
1 34.110.154.184 396982 (GOOGLE-CL...)
1 52.206.228.23 14618 (AMAZON-AES)
2 151.101.129.140 54113 (FASTLY)
1 52.205.151.70 14618 (AMAZON-AES)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
67 27
2    195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.uid.me
u.to
1    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
startmn.wpenginepowered.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    185.126.36.30 (Norway)

ASN34989 (SERVETHEWORLD-AS, NO)
PTR: domene.no
www.domene.no
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    13.32.27.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-94.fra56.r.cloudfront.net
widget.intercom.io
3    95.101.111.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-146.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)
a.quora.com
2    35.242.243.47 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.243.242.35.bc.googleusercontent.com
stape.domene.no
7    91.227.202.129 (Poland)

ASN31242 (TKPSA-AS, PL)
PTR: host91227202129.3s.pl
app2.salesmanago.pl
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20c3:be00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.245.46.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-55.fra56.r.cloudfront.net
js.intercomcdn.com
1    34.110.154.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.154.110.34.bc.googleusercontent.com
vc-service.saleago.com
1    52.206.228.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-228-23.compute-1.amazonaws.com
q.quora.com
2    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
conversions-config.reddit.com
alb.reddit.com
1    52.205.151.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-151-70.compute-1.amazonaws.com
api-iam.intercom.io
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.no
Apex Domain
Subdomains		 Transfer
21 domene.no
www.domene.no
stape.domene.no
327 KB
7 salesmanago.pl
app2.salesmanago.pl — Cisco Umbrella Rank: 110086
60 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2720
1003 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
992 B
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 628
142 KB
2 google.no
www.google.no — Cisco Umbrella Rank: 32295
515 B
2 reddit.com
conversions-config.reddit.com — Cisco Umbrella Rank: 1772
alb.reddit.com — Cisco Umbrella Rank: 1264
1 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2115
269 KB
2 gstatic.com
fonts.gstatic.com
95 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
183 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 171
69 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 5394
q.quora.com — Cisco Umbrella Rank: 4100
15 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1618
api-iam.intercom.io — Cisco Umbrella Rank: 2057
4 KB
2 u.to
u.to — Cisco Umbrella Rank: 888728
565 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 saleago.com
vc-service.saleago.com — Cisco Umbrella Rank: 58375
2 KB
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 11350
43 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1277
9 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 wpenginepowered.com
startmn.wpenginepowered.com
11 KB
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
67 23
Domain Requested by
19 www.domene.no startmn.wpenginepowered.com
www.domene.no
7 app2.salesmanago.pl startmn.wpenginepowered.com
app2.salesmanago.pl
3 analytics.tiktok.com startmn.wpenginepowered.com
2 www.google.no
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google.com 1 redirects
2 js.intercomcdn.com widget.intercom.io
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com startmn.wpenginepowered.com
2 www.google-analytics.com startmn.wpenginepowered.com
www.google-analytics.com
2 connect.facebook.net startmn.wpenginepowered.com
connect.facebook.net
2 stape.domene.no startmn.wpenginepowered.com
2 u.to 2 redirects
1 googleads.g.doubleclick.net
1 www.facebook.com startmn.wpenginepowered.com
1 api-iam.intercom.io js.intercomcdn.com
1 alb.reddit.com startmn.wpenginepowered.com
1 conversions-config.reddit.com www.redditstatic.com
1 q.quora.com startmn.wpenginepowered.com
1 vc-service.saleago.com app2.salesmanago.pl
1 www.clickcease.com startmn.wpenginepowered.com
1 a.quora.com startmn.wpenginepowered.com
1 www.redditstatic.com startmn.wpenginepowered.com
1 widget.intercom.io startmn.wpenginepowered.com
1 cdnjs.cloudflare.com startmn.wpenginepowered.com
1 fonts.googleapis.com startmn.wpenginepowered.com
1 startmn.wpenginepowered.com
0 certify-js.alexametrics.com Failed startmn.wpenginepowered.com
67 29

This site contains links to these domains. Also see Links.

Domain
www.domene.no
twitter.com
www.instagram.com
nb-no.facebook.com
get.teamviewer.com
Subject Issuer Validity Valid
wpenginepowered.com
E1		 2024-01-26 -
2024-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.domene.no
Sectigo RSA Domain Validation Secure Server CA		 2023-08-04 -
2024-08-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
quora.com
R3		 2024-01-07 -
2024-04-06		 3 months crt.sh
stape.domene.no
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
*.salesmanago.pl
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
vc-service.saleago.com
GTS CA 1D4		 2023-12-14 -
2024-03-13		 3 months crt.sh
*.quora.com
R3		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.no
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://startmn.wpenginepowered.com/domene/login.html
Frame ID: 1CC89DE0B0DEEA97BE73EE0008B2C2A6
Requests: 68 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.690a8cce.js
Frame ID: CADAF3D31D0D99B3B66A7CFE0172B0D2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Innlogging Kundeweb - domene.no

Page URL History Show full URLs

  1. http://u.to/BRBXIA HTTP 301
    https://u.to/BRBXIA HTTP 302
    https://startmn.wpenginepowered.com/domene/login.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

91 %
HTTPS

52 %
IPv6

23
Domains

29
Subdomains

27
IPs

7
Countries

1257 kB
Transfer

4011 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u.to/BRBXIA HTTP 301
    https://u.to/BRBXIA HTTP 302
    https://startmn.wpenginepowered.com/domene/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&gtm=45He4250n81WTX4X8Sv810202226za200&auid=644426576.1707313451 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&gtm=45He4250n81WTX4X8Sv810202226za200&auid=644426576.1707313451

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
startmn.wpenginepowered.com/domene/
Redirect Chain
  • http://u.to/BRBXIA
  • https://u.to/BRBXIA
  • https://startmn.wpenginepowered.com/domene/login.html
54 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
745474ff6c745a04acfc67b23516a5603292c8e605b4cda2be57799479c86d1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
851c10d37908b523-OSL
content-encoding
br
content-type
text/html
date
Wed, 07 Feb 2024 13:44:07 GMT
etag
W/"d813-610bebc76d900-gzip"
last-modified
Tue, 06 Feb 2024 23:14:12 GMT
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 07 Feb 2024 13:44:05 GMT
Keep-Alive
timeout=15
Location
https://startmn.wpenginepowered.com/domene/login.html
Server
nginx/1.8.0
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600%7CRaleway:400,700&display=swap
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084cc92083179b08b15db8f944b17f5d0cf2efb54be02faa77549a0476c1f742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Feb 2024 13:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 13:44:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Feb 2024 13:44:07 GMT
font-awesome.min.css
www.domene.no/klient/assets/css/ 		153 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/klient/assets/css/font-awesome.min.css
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Mon, 17 Aug 2020 08:09:56 GMT
server
Apache
etag
"3806519d-26338-5ad0e4bc67d00-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
30194
expires
Wed, 14 Feb 2024 13:44:07 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6253716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
948
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MqX3own51hd3sT4m3yBQa27S0znGR8S4tqxg%2Bqdb9%2FG3dIGmoOukZet0ftlwkO1beFHfBD%2BEF0n7tPXNePNkcynIVZUbY4Cl2mGeFPS2hxjkCAM0ZA0eoyjbVWS9E%2BHPrsMEW0IfzIlyAGnrldgz%2B%2Bc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
851c10d74f40712b-OSL
expires
Mon, 27 Jan 2025 13:44:07 GMT
all.min.css
www.domene.no/klient/templates/v801_domene_six/css/ 		210 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/klient/templates/v801_domene_six/css/all.min.css?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
c19c632fbcde7209efbb2e46484c51c8174bea0e7d3fce5fe5398dfbbcb90966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Fri, 09 Oct 2020 09:05:10 GMT
server
Apache
etag
"180208de-34906-5b1393ee4fd80-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
36613
expires
Wed, 14 Feb 2024 13:44:07 GMT
custom.css
www.domene.no/klient/templates/v801_domene_six/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/klient/templates/v801_domene_six/css/custom.css?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
6ea494c990fe66227d734b3d1c656ea42cc5bba3710ccb6bf3dd00c13ef7a9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Thu, 01 Feb 2024 13:59:23 GMT
server
Apache
etag
"180208e1-1d8ad-610526715022b-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18126
expires
Wed, 14 Feb 2024 13:44:07 GMT
lc_switch.css
www.domene.no/css/ 		2 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/css/lc_switch.css
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
d9b95438f675ad4e528778541285f8bcb8dc7ec029970ce6083d323c36695f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Mon, 16 Oct 2023 11:32:33 GMT
server
Apache
etag
"184f4afd-7c2-607d3c326a3e8-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
687
expires
Wed, 14 Feb 2024 13:44:07 GMT
custom-style.css
www.domene.no/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/css/custom-style.css?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
0cd9b3efe5ac444d8238d2500e2a0d0e0044c10b6049c457491e45d1acdc5607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Fri, 02 Feb 2024 13:09:58 GMT
server
Apache
etag
"18c2fb1c-9c5d-61065d43f32fa-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
7614
expires
Wed, 14 Feb 2024 13:44:07 GMT
checkout.css
www.domene.no/css/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/css/checkout.css?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
1e95b0c1b1f902aba528ccdc708075046b4a1c24e68066564fa4007d1053feaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Tue, 23 Jan 2024 08:27:25 GMT
server
Apache
etag
"1889fe25-aa02-60f98b757492b-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
7309
expires
Wed, 14 Feb 2024 13:44:07 GMT
f02qbgxa
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/f02qbgxa
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40edf60843d3ab3dafa086cd263ff571a9d31ac788e0dca0ef592a5b29d06a0b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
WSmOQqA0h5ZGmoIFTBXgUWaUjlVJ5VHv
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 13:42:43 GMT
x-amz-cf-pop
FRA56-C2
age
101
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2703
last-modified
Tue, 06 Feb 2024 17:12:26 GMT
server
AmazonS3
etag
"a2571da14b9621501f574aa798b48831"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
79zyFbEHUTpFygnW6TBTdxdu1e5gk-TrHQjZ0lHnI1VdzCqJpapdrg==
atrk.js
certify-js.alexametrics.com/ 		0
0
main.MTU3YmJkODI0MA.js
analytics.tiktok.com/i18n/pixel/static/ 		379 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id
4b5ed7b4
date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240125200846AA80143052C9E26A10C6
x-tt-trace-id
00-240125200846AA80143052C9E26A10C6-72EFE989141ECA80-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-23-208-146.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0173966fd660ca18b0be2ed4530cbd4b8d39d684b86baffb7d962d902d13b6ee54269c3d0b0450e454e098a5d1467ee37085cba9b49a284f1945124f31e4e2c3b2ed7a9b992d4a5d16b880f2048be31680fe4834196f9ea5758c553ee12c9b72e5
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length
104298
pixel.js
www.redditstatic.com/ads/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 30 Jan 2024 22:08:33 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"cdb613b732483a878e5e73924ee9a02f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8623
qevents.js
a.quora.com/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
x-amz-version-id
DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
5K57PBR2A0025GG8
age
6591910
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rvPsThAgQkJShQQ2J7UMgDJ+mUUBMPz6v4o52Qjy3F2U8CcHm7z1WCN2wGkAgqOAkDHbpFzSZ2Y=
last-modified
Tue, 17 Oct 2023 18:57:21 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag
W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary
Accept-Encoding
content-type
text/plain
cache-control
public, max-age=14400
cf-ray
851c10db885a56c3-OSL
expires
Wed, 07 Feb 2024 17:44:08 GMT
analytics.js
stape.domene.no/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stape.domene.no/analytics.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.242.243.47 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.243.242.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
nginx
age
4928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
x-robots-tag
noindex
content-length
20994
expires
Wed, 07 Feb 2024 14:22:00 GMT
sm.js
app2.salesmanago.pl/static/ 		127 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.salesmanago.pl/static/sm.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
29b30cd540ff354c34d42f89d5714ca9aea51d05d48e1dc4272c04a307f83419
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Wed, 24 Jan 2024 05:15:37 GMT
server
Apache
etag
"1fb20-60faa2736efa8-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
48267
expires
Wed, 07 Feb 2024 14:44:08 GMT
bslnuukd.js
stape.domene.no/ 		248 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stape.domene.no/bslnuukd.js?id=GTM-5N6KHRT
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.242.243.47 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.243.242.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
725b3fb260e0998f2e19d0b0c889a33e092208e0f4d3cea57aa28baa532fa12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
x-xss-protection
0
expires
Wed, 07 Feb 2024 13:44:08 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH92F8BC77U7A82IN6G0&lib=ttq
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f5ca6cb14e541388731edc24773cf984eb82d4a0a26c46178df6d5e839fb5fe

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id
e65debf0.4b5ed7b5
date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402071344082F299EABF04C4C4EAA38-6AF13DA74CC5824E-00
x-cache
TCP_MISS from a2-23-208-146.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
94,2.23.208.146
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
202402071344082F299EABF04C4C4EAA38
x-cache-remote
TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.104.198
x-tt-trace-host
01e04c58e9aeb7216f9f766de8f1721dc04875187d7f25cd7f546904cc96978722b2ae065bd5bad7bfd68445c2b97480b7e26641e83623df58e3316b9ea5c9fafae74b50e5d90184cadf7dffdaa48e814c8e79e455098adff3e6d87c500fa5a16367d0785ce69641a15f196a8667499773
expires
Wed, 07 Feb 2024 13:44:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 13:44:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
61wsQsJNRF9XBTRh2nUa1SDEB2LWQwhSNiC3+UgOC1XWns8nOt2Y04UcVU2pMX9T7/d3314EmEK/v39neRkynA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Feb 2024 13:30:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
805
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 07 Feb 2024 15:30:43 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RLS1LS63D8&l=dataLayer&cx=c
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30b2c80899cd61fe2d78f8e7dfda1b651a786d7edc78d18a9c11dab81bf1f553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96814
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Feb 2024 13:44:08 GMT
gtm.js
www.googletagmanager.com/ 		252 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTX4X8S
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d24e9dbbdc669b9f2c5e96cdebc3a12af8508b0a061b23b01298ecab0a9ce3fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90390
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Feb 2024 13:44:08 GMT
modernizr-custom.js
www.domene.no/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/modernizr-custom.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
e9b5b02e985a9d7e6c1e00e1f44ca3eb61a2bc33cddb9a0a3f058558da3aa876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"2824c2-e81-5ff02f02c45a6-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1574
expires
Wed, 14 Feb 2024 13:44:08 GMT
jquery-3.5.1.min.js
www.domene.no/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/jquery-3.5.1.min.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"281ff4-15d83-5ff02f02c41be-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
30908
expires
Wed, 14 Feb 2024 13:44:07 GMT
jquery.validate.js
www.domene.no/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/jquery.validate.js?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"2405ea-5461-5ff02f02c45a6-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6503
expires
Wed, 14 Feb 2024 13:44:08 GMT
jquery.validate_no.js
www.domene.no/js/ 		1022 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/jquery.validate_no.js?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
28fa815405357cbf5092aa0a7a99bc8cb71657cf48da406d18eee54b37d3c9e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"281ff8-3fe-5ff02f02c45a6-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
427
expires
Wed, 14 Feb 2024 13:44:08 GMT
sweetalert.min.js
www.domene.no/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/sweetalert.min.js?v=18
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:07 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"2405ed-9f68-5ff02f02c498e-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
11867
expires
Wed, 14 Feb 2024 13:44:07 GMT
sm_war.6ea6cc2dec716b451eae.js
app2.salesmanago.pl/static/chunk/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.salesmanago.pl/static/chunk/sm_war.6ea6cc2dec716b451eae.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
a4b9a8d8bedd32188375912e7ef118adef7e215b396e2d976edebebc90dff322
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Mon, 22 Jan 2024 13:22:46 GMT
server
Apache
etag
"14b5-60f88b9c02b58-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=216000, public
accept-ranges
bytes
content-length
2074
expires
Wed, 07 Feb 2024 14:44:08 GMT
popup.d5eaeb2880f8a36d525d.js
app2.salesmanago.pl/static/chunk/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.salesmanago.pl/static/chunk/popup.d5eaeb2880f8a36d525d.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
bcd3bdc0c9bcf890ed12ecb17cecd17f5f0817562dfc7601919840dcae785e92
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Mon, 22 Jan 2024 13:37:38 GMT
server
Apache
etag
"41a5-60f88eee77118-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=216000, public
accept-ranges
bytes
content-length
5218
expires
Wed, 07 Feb 2024 14:44:08 GMT
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-akamai-request-id
4b5ed453
date
Wed, 07 Feb 2024 13:44:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401231543130691D4023EDFF596C62C
x-tt-trace-id
00-2401231543130691D4023EDFF596C62C-57B041569ABECC88-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-23-208-146.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e3c10b51c601ac41acaaf1ddfbc0ab0abe6c60dd6b49636467477c3e13484f7be68c71308a34c4b9a89beb2a163fe1564026cf1b904c506d96b58bdf62815884968a7d06ad2caf699baa74e9d072e42943a93037e60303e4d01feb587001e247
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37002
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:be00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 d0b8b50936db949f99b5544ecb5eda1c.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 13:44:08 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
MUC50-C1
age
15
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
iw94IXL10gA_lg8SL-xbkHvtyBbHAg-fNyrWGiD12mVqRs9iPzz53w==
domenelogo.webp
www.domene.no/images/ 		17 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.domene.no/images/domenelogo.webp
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
cb5c64a99b93f0095cf7ae550ef5b25dd5f2ced11399442308388bfeac664caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"181e830d-4226-5ff02f029dc76-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2925
expires
Thu, 06 Feb 2025 13:44:08 GMT
blogo.png
www.domene.no/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.domene.no/images/blogo.png
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
167f9515361895cffa2458963bd33ac0703fb447b1743f7bf302ed88eb79449e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"1831110f-8b4-5ff02f029bd36"
x-frame-options
sameorigin
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2228
expires
Thu, 06 Feb 2025 13:44:08 GMT
domenebetaling.webp
www.domene.no/images/ 		26 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.domene.no/images/domenebetaling.webp
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
8f1d4995abae401a947b7d4522648f49a7e96afffbb768f104cc061ba656c020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"18591a1f-683c-5ff02f029d88e-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12110
expires
Thu, 06 Feb 2025 13:44:08 GMT
persvern.min.js
www.domene.no/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/persvern.min.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
633114309e7b9334e12188f9842faafcac98ff8d6911d50f0cbd8cc385b4ba01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:48 GMT
server
Apache
etag
"2824cf-4d5c-5ff02f02c45a6-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6515
expires
Wed, 14 Feb 2024 13:44:08 GMT
lc_switch.js
www.domene.no/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/lc_switch.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
131d375143dae23b3ad7fa8b0adfac509daa7be63397c575cd7fe9d42c0d2664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 16 Oct 2023 11:32:33 GMT
server
Apache
etag
"54408b-e64-607d3c326b388-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1157
expires
Wed, 14 Feb 2024 13:44:08 GMT
bootstrap.min.js
www.domene.no/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.domene.no/js/bootstrap.min.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
8843f0a6349a47906e1db382371890a8d14732eb40404f2eee596378ae89c5e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"240609-7c4c-5ff02f02c321e-gzip"
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
8533
expires
Wed, 14 Feb 2024 13:44:08 GMT
popups.js
app2.salesmanago.pl/dynamic/4ea8c48f789f46c2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app2.salesmanago.pl/dynamic/4ea8c48f789f46c2/popups.js
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
bc2e3fdcf3066f61f87d492a829011d8a7bc8bffa5f59c8c8cbb673ff3961e93
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
access-control-allow-headers
x-requested-with, content-type, accept
content-length
3964
expires
Wed, 07 Feb 2024 14:44:08 GMT
loading.gif
www.domene.no/images/ 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.domene.no/images/loading.gif
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
c3cc67df35d910d0caf073d95e7b0793dacea0c4a64253531d781b223878e972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"18595ea8-3eb-5ff02f02a7c9e"
x-frame-options
sameorigin
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1003
expires
Fri, 08 Mar 2024 13:44:08 GMT
bakgrunn3.jpg
www.domene.no/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.domene.no/images/bakgrunn3.jpg
Requested by
Host: www.domene.no
URL: https://www.domene.no/klient/templates/v801_domene_six/css/custom.css?v=18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.126.36.30 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS
domene.no
Software
Apache /
Resource Hash
879334f6d267414e95a0901a20c5595460cfcabd8458a1d6b44e5c14b330aaeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options sameorigin

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.domene.no/klient/templates/v801_domene_six/css/custom.css?v=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 07 Feb 2024 13:44:08 GMT
last-modified
Mon, 26 Jun 2023 07:02:47 GMT
server
Apache
etag
"18590920-acfa-5ff02f0299a0e"
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
44282
expires
Fri, 08 Mar 2024 13:44:08 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600%7CRaleway:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://startmn.wpenginepowered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 18:59:51 GMT
x-content-type-options
nosniff
age
67457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 18:59:51 GMT
fa-solid-900.woff2
www.domene.no/klient/assets/webfonts/ 		0
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600%7CRaleway:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://startmn.wpenginepowered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 22:26:00 GMT
x-content-type-options
nosniff
age
55088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 22:26:00 GMT
fa-solid-900.woff
www.domene.no/klient/assets/webfonts/ 		0
0
frame-modern.690a8cce.js
js.intercomcdn.com/ Frame CADA 		516 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.690a8cce.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f02qbgxa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34e8036269d41567ffbdbe2e0a520240885d996b672116126d445eb8761ad146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
KcpUwNc.KL3bDH.HN8cmWTmM1HW.wmSm
content-encoding
gzip
via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 13:12:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
1898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145535
last-modified
Tue, 06 Feb 2024 17:09:19 GMT
server
AmazonS3
etag
"41611b5e5f37de7ad750f9bcebb33b6d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
8jrKRot-RBZoQGzaSSak25X-hz7adKtVCGVaTPzI7sp3n0lindKV3A==
vendor-modern.af6641c5.js
js.intercomcdn.com/ Frame CADA 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.af6641c5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/f02qbgxa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
3J.IJPaqOhofQQSf2v2RAGLxretN6Z0i
content-encoding
gzip
via
1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
date
Wed, 07 Feb 2024 12:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5404
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128603
last-modified
Tue, 06 Feb 2024 17:09:19 GMT
server
AmazonS3
etag
"ceb2be930e6354b8c59b3cf04a3f088b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
v50J1kTT5t9mEN3p4On5-Ukuwzd8gK4IEkWrv27r40L6xVmnSzgfww==
fa-solid-900.ttf
www.domene.no/klient/assets/webfonts/ 		0
0
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/webp
vc.json
vc-service.saleago.com/api/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc-service.saleago.com/api/vc.json?s=4ea8c48f789f46c2&i=2
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.154.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.154.110.34.bc.googleusercontent.com
Software
/
Resource Hash
25a39ba1fab0008c8665afa8a46eb12972d8efa130d6b479aefc676a354fb9aa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Feb 2024 13:44:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2043
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=utf-8
vs
app2.salesmanago.pl/api/ 		24 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app2.salesmanago.pl/api/vs?location=startmn.wpenginepowered.com&referrer=
Requested by
Host: app2.salesmanago.pl
URL: https://app2.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
ad90eed55da429579ff1f8e62cc1c23eaa5dd62b74cae29c83a777bc25a7623b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
expires
Wed, 07 Feb 2024 13:44:09 GMT
r.gif
app2.salesmanago.pl/api/ 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app2.salesmanago.pl/api/r.gif?uri=%2Fdomene%2Flogin.html&location=startmn.wpenginepowered.com&uuid=18d83cfc656-9633917ed785-1015ac17-c645e2e8-e67f47ba-98896e6512c0&referrer=&smid=4ea8c48f789f46c2&time=2024-02-07T13%3A44%3A08Z&timestamp=1707313448539&session=1&title=Innlogging%20Kundeweb%20-%20domene.no&cp=1707313448539&ns=true&fp=bd0754c73f3723ae41857b025bb87481
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
image/gif;charset=UTF-8
cache-control
max-age=0
expires
Wed, 07 Feb 2024 13:44:08 GMT
err.gif
app2.salesmanago.pl/api/ 		43 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app2.salesmanago.pl/api/err.gif?m=Second%20SALESmanago%20code%20detected.%20Remove%20duplicated%20code.&u=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&v=4ea8c48f789f46c2
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
image/gif;charset=UTF-8
cache-control
max-age=0
expires
Wed, 07 Feb 2024 13:44:08 GMT
pixel
q.quora.com/_/ad/null/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/null/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.228.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-228-23.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Wed, 07 Feb 2024 13:44:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,d580693fcd2d258c3a14731c8c7f682f,10.0.0.100,42790,178.255.148.167,,334468665087,1,1707313449.213,0.001,,.,0,0,0.000,0.000,-,0,0,203,211,105,10,26847,,,,,,-,
Content-Type
image/gif
atrk.js
certify-js.alexametrics.com/ 		0
0
null_telemetry
conversions-config.reddit.com/v1/pixel/config/ 		86 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://conversions-config.reddit.com/v1/pixel/config/null_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
nel
{"report_to":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"success_fraction":0.3,"failure_fraction":0.3}
report-to
{"group":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"endpoints":[{"url":"https://w3-reporting-nel.reddit.com/reports"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
content-length
86
x-served-by
cache-bma1652-BMA
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1707313448760&id=null&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d0c016e-2fef-4128-b8b8-462730c4d3bc&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_26e8ea0f&dpm=&dpcc=&dprc=
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 13:44:08 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
295307027971240
connect.facebook.net/signals/config/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/295307027971240?v=2.9.145&r=stable&domain=startmn.wpenginepowered.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d46a48af39a97ffc8d38b2214781f9d23fe67c4680c829222dfaa1b2fe5c75d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 13:44:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
zyOHgdWOh/+4Pih0ajaqKPgagynDGTxnNDvadLycn92VbNH7X4b9dGDOuuV09+KW4weQvIFkoOx9vRWQlk09tQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping
api-iam.intercom.io/messenger/web/ Frame CADA 		166 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.690a8cce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.151.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-151-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Feb 2024 13:44:09 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
status
403 Forbidden
x-xss-protection
1; mode=block
x-request-id
005pfvov8i2h7deg7tvg
x-runtime
0.080673
server
nginx
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://startmn.wpenginepowered.com
x-intercom-version
fbb93091d15d957d7fee95432391ee4dff18654e
cache-control
no-cache
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=295307027971240&ev=PageView&dl=https%3A%2F%2Fstartmn.wpenginepowered.com&rl=&if=false&ts=1707313448925&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.2.1707313448923.1817075544&pm=1&hrl=cb7309&ler=empty&cdl=API_unavailable&it=1707313448785&coo=false&cs_cc=1&exp=e1&rqm=GET
Requested by
Host: startmn.wpenginepowered.com
URL: https://startmn.wpenginepowered.com/domene/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Feb 2024 13:44:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&gtm=45He4250n8...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&g...
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&gtm=45He4250n81WTX4X8Sv810202226za200&auid=644426576.1707313451
Protocol
H2
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1714120791.1707313451&url=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dma_cps=sypham&dma=1&npa=0&gtm=45He4250n81WTX4X8Sv810202226za200&auid=644426576.1707313451
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=991113697&t=pageview&_s=1&dl=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&ul=en-us&de=UTF-8&dt=Innlogging%20Kundeweb%20-%20domene.no&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=385430114&gjid=2099573409&cid=1525671298.1707313451&tid=UA-709136-1&_gid=289448436.1707313451&_r=1&_slc=1&gtm=45He4250n81WTX4X8Sv810202226za200&gcs=G111&gcd=13t3t3l3l5&dma_cps=sypham&dma=1&z=360833331
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://startmn.wpenginepowered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://startmn.wpenginepowered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RLS1LS63D8&gtm=45je4250v894543708z8810202226za200&_p=1707313448101&_gaz=1&gcs=G111&gcd=13t3t3l3l5&npa=0&dma_cps=sypham&dma=1&cid=1525671298.1707313451&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707313448&sct=1&seg=0&dl=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dt=Innlogging%20Kundeweb%20-%20domene.no&en=page_view&_fv=1&_ss=1&tfd=4427
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLS1LS63D8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://startmn.wpenginepowered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RLS1LS63D8&cid=1525671298.1707313451&gtm=45je4250v894543708z8810202226za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3l3l5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLS1LS63D8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://startmn.wpenginepowered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RLS1LS63D8&gtm=45je4250v894543708z8810202226za200&_p=1707313448101&gcs=G111&gcd=13t3t3l3l5&npa=0&dma_cps=sypham&dma=1&cid=1525671298.1707313451&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1707313448&sct=1&seg=0&dl=https%3A%2F%2Fstartmn.wpenginepowered.com%2Fdomene%2Flogin.html&dt=Innlogging%20Kundeweb%20-%20domene.no&en=Analytics%20%E2%80%93%20tell%20alle%20sider&ep.gtm=%5Bobject%20Object%5D&_et=4&tfd=4446
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLS1LS63D8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://startmn.wpenginepowered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RLS1LS63D8&cid=1525671298.1707313451&gtm=45je4250v894543708z8810202226za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3l3l5&npa=0&z=590538782
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-709136-1&cid=1525671298.1707313451&jid=385430114&gjid=2099573409&_gid=289448436.1707313451&_u=aEBAAEAAEAAAACAAI~&z=1624149269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://startmn.wpenginepowered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Feb 2024 13:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://startmn.wpenginepowered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-709136-1&cid=1525671298.1707313451&jid=385430114&_u=aEBAAEAAEAAAACAAI~&z=1291495842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-709136-1&cid=1525671298.1707313451&jid=385430114&_u=aEBAAEAAEAAAACAAI~&z=1291495842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://startmn.wpenginepowered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 13:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
www.domene.no
URL
https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff2
Domain
www.domene.no
URL
https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff
Domain
www.domene.no
URL
https://www.domene.no/klient/assets/webfonts/fa-solid-900.ttf
Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Domene AS (Telecommunication)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert object| dataLayer function| gtag string| SITE_URL string| VERSION string| IMG_VERSION string| last_page object| webpackJsonp.TiktTokAnalytics object| intercomSettings function| Intercom string| _smid string| SalesmanagoObject function| sm object| cookieconsent object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| __intercomAssignLocation function| __intercomReloadLocation object| google_tag_data function| ga object| gaplugins undefined| smclt number| NEW_VISIT_MILLISECONDS object| popupCookie object| popupVisitStats object| popup string| sm_client_params object| smclientCookie object| uuid function| PopupCookie function| Popup function| PopupVisitStats function| htmlContent function| isLoadedPopup function| isObject function| addTime function| onReady function| smPopupOnExitEvent function| getUrlParam function| addUrlParam function| shouldShowForm function| isIdentified function| listener function| initPopup function| updateFormCookie function| checkUrls function| checkExcludedUrls function| buildPopupClientParams function| buildPopupHtml function| buildMicroSiteHtml function| smPopupTools function| elementHeight function| getMaxHeight function| sendGtmEvent object| Modernizr function| __smjsonp__ object| ___sm.js___ object| smLiveChat function| smCreateCookie function| smReadCookie function| smFindContactIdByExternalId function| smEvent function| buildEventUrl undefined| client undefined| conversation undefined| smlid undefined| smpid object| storedClient object| smQueue object| google_tag_manager function| onYouTubeIframeAPIReady function| qp string| qpGtm function| rdt string| GoogleAnalyticsObject function| fbq function| _fbq object| _atrk_opts object| script string| target object| elem boolean| SalesmanagoInitPopup object| regeneratorRuntime object| ccConsole function| getBrowserFingerprint boolean| ccinstalled object| qevents object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| gaGlobal object| gaData

13 Cookies

Domain/Path Name / Value
.u.to/ Name: lng
Value: en
.tiktok.com/ Name: _ttp
Value: 2c2d8Y18XbqwbWKGT0rmJzXxp7J
.startmn.wpenginepowered.com/ Name: smvr
Value: eyJ2aXNpdHMiOjEsInZpZXdzIjoxLCJ0cyI6MTcwNzMxMzQ0ODUzMiwiaXNOZXdTZXNzaW9uIjp0cnVlfQ==
.startmn.wpenginepowered.com/ Name: smuuid
Value: 18d83cfc656-9633917ed785-1015ac17-c645e2e8-e67f47ba-98896e6512c0
.startmn.wpenginepowered.com/ Name: _rdt_uuid
Value: 1707313448759.0d0c016e-2fef-4128-b8b8-462730c4d3bc
.startmn.wpenginepowered.com/ Name: _smvs
Value: DIRECT
.startmn.wpenginepowered.com/ Name: _fbp
Value: fb.2.1707313448923.1817075544
.startmn.wpenginepowered.com/ Name: _gcl_au
Value: 1.1.644426576.1707313451
.startmn.wpenginepowered.com/ Name: _gid
Value: GA1.3.289448436.1707313451
.startmn.wpenginepowered.com/ Name: _gat_UA-709136-1
Value: 1
.startmn.wpenginepowered.com/ Name: _ga
Value: GA1.1.1525671298.1707313451
.startmn.wpenginepowered.com/ Name: _ga_RLS1LS63D8
Value: GS1.1.1707313448.1.0.1707313448.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

12 Console Messages

Source Level URL
Text
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://startmn.wpenginepowered.com/domene/login.html
Message:
Access to font at 'https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff2' from origin 'https://startmn.wpenginepowered.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://startmn.wpenginepowered.com/domene/login.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://startmn.wpenginepowered.com/domene/login.html
Message:
Access to font at 'https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff' from origin 'https://startmn.wpenginepowered.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.domene.no/klient/assets/webfonts/fa-solid-900.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://startmn.wpenginepowered.com/domene/login.html
Message:
Access to font at 'https://www.domene.no/klient/assets/webfonts/fa-solid-900.ttf' from origin 'https://startmn.wpenginepowered.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.domene.no/klient/assets/webfonts/fa-solid-900.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://connect.facebook.net/signals/config/295307027971240?v=2.9.145&r=stable&domain=startmn.wpenginepowered.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 80)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api-iam.intercom.io/messenger/web/ping
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://startmn.wpenginepowered.com/domene/login.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
alb.reddit.com
analytics.tiktok.com
api-iam.intercom.io
app2.salesmanago.pl
cdnjs.cloudflare.com
certify-js.alexametrics.com
connect.facebook.net
conversions-config.reddit.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.intercomcdn.com
q.quora.com
region1.analytics.google.com
stape.domene.no
startmn.wpenginepowered.com
stats.g.doubleclick.net
u.to
vc-service.saleago.com
widget.intercom.io
www.clickcease.com
www.domene.no
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.redditstatic.com
certify-js.alexametrics.com
www.domene.no
13.32.27.94
141.193.213.10
151.101.129.140
162.159.152.17
18.245.46.55
185.126.36.30
195.216.243.155
2001:4860:4802:34::36
2600:9000:20c3:be00:15:a0d3:77c0:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::396
34.110.154.184
35.242.243.47
52.205.151.70
52.206.228.23
91.227.202.129
95.101.111.146
084cc92083179b08b15db8f944b17f5d0cf2efb54be02faa77549a0476c1f742
0cd9b3efe5ac444d8238d2500e2a0d0e0044c10b6049c457491e45d1acdc5607
0d46a48af39a97ffc8d38b2214781f9d23fe67c4680c829222dfaa1b2fe5c75d
131d375143dae23b3ad7fa8b0adfac509daa7be63397c575cd7fe9d42c0d2664
167f9515361895cffa2458963bd33ac0703fb447b1743f7bf302ed88eb79449e
1e95b0c1b1f902aba528ccdc708075046b4a1c24e68066564fa4007d1053feaa
25a39ba1fab0008c8665afa8a46eb12972d8efa130d6b479aefc676a354fb9aa
28fa815405357cbf5092aa0a7a99bc8cb71657cf48da406d18eee54b37d3c9e0
29b30cd540ff354c34d42f89d5714ca9aea51d05d48e1dc4272c04a307f83419
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2c694cfafd5c00ba4a7a2110060eb937afccfc1d7b745a319c49764fe4ef017c
30b2c80899cd61fe2d78f8e7dfda1b651a786d7edc78d18a9c11dab81bf1f553
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34e8036269d41567ffbdbe2e0a520240885d996b672116126d445eb8761ad146
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
40edf60843d3ab3dafa086cd263ff571a9d31ac788e0dca0ef592a5b29d06a0b
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
633114309e7b9334e12188f9842faafcac98ff8d6911d50f0cbd8cc385b4ba01
6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9
6ea494c990fe66227d734b3d1c656ea42cc5bba3710ccb6bf3dd00c13ef7a9bb
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
725b3fb260e0998f2e19d0b0c889a33e092208e0f4d3cea57aa28baa532fa12b
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
745474ff6c745a04acfc67b23516a5603292c8e605b4cda2be57799479c86d1a
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
879334f6d267414e95a0901a20c5595460cfcabd8458a1d6b44e5c14b330aaeb
8843f0a6349a47906e1db382371890a8d14732eb40404f2eee596378ae89c5e1
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f1d4995abae401a947b7d4522648f49a7e96afffbb768f104cc061ba656c020
9f5ca6cb14e541388731edc24773cf984eb82d4a0a26c46178df6d5e839fb5fe
a4b9a8d8bedd32188375912e7ef118adef7e215b396e2d976edebebc90dff322
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
ad90eed55da429579ff1f8e62cc1c23eaa5dd62b74cae29c83a777bc25a7623b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc2e3fdcf3066f61f87d492a829011d8a7bc8bffa5f59c8c8cbb673ff3961e93
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bcd3bdc0c9bcf890ed12ecb17cecd17f5f0817562dfc7601919840dcae785e92
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c19c632fbcde7209efbb2e46484c51c8174bea0e7d3fce5fe5398dfbbcb90966
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c3cc67df35d910d0caf073d95e7b0793dacea0c4a64253531d781b223878e972
cb5c64a99b93f0095cf7ae550ef5b25dd5f2ced11399442308388bfeac664caf
d24e9dbbdc669b9f2c5e96cdebc3a12af8508b0a061b23b01298ecab0a9ce3fd
d9b95438f675ad4e528778541285f8bcb8dc7ec029970ce6083d323c36695f45
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b5b02e985a9d7e6c1e00e1f44ca3eb61a2bc33cddb9a0a3f058558da3aa876
eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629