innlogging.obos.no Open in urlscan Pro
2606:4700::6812:f458 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arkiv.styrerommet.no/
Effective URL:
https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGct...
Submission: On November 09 via automatic, source certstream-suspicious (November 9th 2021, 1:35:41 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6812:f458, located in United States and belongs to CLOUDFLARENET, US. The main domain is innlogging.obos.no.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 16th 2021. Valid for: a year.

This is the only time innlogging.obos.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 9	2a0a:cc80:1::21 2a0a:cc80:1::21	206667 (JOTTA-AS) (JOTTA-AS)
1 2	2606:4700::68... 2606:4700::6812:f458	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	35.244.128.15 35.244.128.15	15169 (GOOGLE) (GOOGLE)
1	195.26.1.31 195.26.1.31	16150 (PORT80-GL...) (PORT80-GLOBALTRANSIT)
2	213.172.203.149 213.172.203.149	2116 (ASN-CATCHCOM) (ASN-CATCHCOM)
12	6

9 2a0a:cc80:1::21 (Norway) 3 redirects

ASN206667 (JOTTA-AS, NO)

arkiv.styrerommet.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:f458 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

innlogging.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.128.15 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 15.128.244.35.bc.googleusercontent.com

cdn.sanity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.26.1.31 (Norway)

ASN16150 (PORT80-GLOBALTRANSIT, SE)
PTR: 31-1-26-195.webscape.no.1.26.195.in-addr.arpa

www.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.172.203.149 (Bergen, Norway)

ASN2116 (ASN-CATCHCOM, NO)

profil-innlogging.obos.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	styrerommet.no 3 redirects arkiv.styrerommet.no	310 KB
5	obos.no 1 redirects innlogging.obos.no www.obos.no profil-innlogging.obos.no	178 KB
1	sanity.io cdn.sanity.io	2 KB
1	sentry-cdn.com browser.sentry-cdn.com	17 KB
12	4

	Domain	Requested by
9	arkiv.styrerommet.no	3 redirects arkiv.styrerommet.no
2	profil-innlogging.obos.no	innlogging.obos.no
2	innlogging.obos.no	1 redirects arkiv.styrerommet.no
1	www.obos.no	innlogging.obos.no
1	cdn.sanity.io	innlogging.obos.no
1	browser.sentry-cdn.com	innlogging.obos.no
12	6

This site contains no links.

Subject Issuer	Validity	Valid
arkiv.styrerommet.no DigiCert SHA2 Secure Server CA	`2019-11-29` - `2021-11-29`	2 years	crt.sh
innlogging.obos.no Cloudflare Inc ECC CA-3	`2021-10-16` - `2022-10-15`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.sanity.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-10-31`	a year	crt.sh
*.obos.no GlobalSign GCC R3 DV TLS CA 2020	`2021-09-27` - `2022-10-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUnJtdg&client=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&protocol=oauth2&scope=openid%20profile%20email%20phone%20roles%20owner%20boardmember%20employee%20app_metadata%20user_metadata%20projectMemberIn&response_type=code&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com
Frame ID: 12A8FC30CB75C4151B08EABA41510A80
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OBOS

Page URL History Show full URLs

https://arkiv.styrerommet.no/ Page URL
https://arkiv.styrerommet.no/api/login?audience=https://jottacloud.com HTTP 302
https://arkiv.styrerommet.no/auth/realms/obos/protocol/openid-connect/auth?client_id=web&scope=openid&res... HTTP 303
https://arkiv.styrerommet.no/auth/realms/obos/broker/obos/login?session_code=6DCwdU7ngk37T5u4TVgDMqO9jEXu... HTTP 303
https://innlogging.obos.no/authorize?scope=openid+profile+email+phone+roles+owner+boardmember+employee+... HTTP 302
https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3Rp... Page URL

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

501 kB
Transfer

1784 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arkiv.styrerommet.no/ Page URL
https://arkiv.styrerommet.no/api/login?audience=https://jottacloud.com HTTP 302
https://arkiv.styrerommet.no/auth/realms/obos/protocol/openid-connect/auth?client_id=web&scope=openid&response_type=code&response_mode=form_post&redirect_uri=https://arkiv.styrerommet.no/api/login&state=fAXzK4pVHZJBIIEyQobc&nonce=3IAxpi9IrVQwvao5aeNV&audience=https://jottacloud.com HTTP 303
https://arkiv.styrerommet.no/auth/realms/obos/broker/obos/login?session_code=6DCwdU7ngk37T5u4TVgDMqO9jEXu1ce3vqf0j5oxWbA&client_id=web&tab_id=lZIeexTBy6w HTTP 303
https://innlogging.obos.no/authorize?scope=openid+profile+email+phone+roles+owner+boardmember+employee+app_metadata+user_metadata+projectMemberIn&state=VT903S3TBC9P2ufAybU61f-nU4KbIPKfKGdlgDifVxo.lZIeexTBy6w.web&response_type=code&client_id=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com HTTP 302
https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUnJtdg&client=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&protocol=oauth2&scope=openid%20profile%20email%20phone%20roles%20owner%20boardmember%20employee%20app_metadata%20user_metadata%20projectMemberIn&response_type=code&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
arkiv.styrerommet.no/ 3 KB
2 KB 114ms
33ms Document
text/html 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

c22fdcd2eb4a5c9a8e4d800873a7dc033170b974642cb87d3db948316174b89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-id: 492989731716
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Content-Type: text/html
content-encoding: gzip
content-length: 1393
X-RESP: 1
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK main.97ac8a4c.chunk.css
arkiv.styrerommet.no/static/css/ 2 KB
701 B 33ms
33ms Stylesheet
text/css 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/static/css/main.97ac8a4c.chunk.css

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

b83ad51b82ca239d28f7e98188fc1cd1735c1ad768ea4a2e70b5f690ed3032b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arkiv.styrerommet.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: 713241809845
Strict-Transport-Security: max-age=31536000
content-encoding: gzip
Cache-Control: public, max-age=31536000
content-length: 496
X-RESP: 0
Content-Type: text/css

GET
H/1.1 200
OK 2.9877ee1e.chunk.js Show response
arkiv.styrerommet.no/static/js/ 1 MB
232 KB 108ms
75ms Script
application/javascript 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/static/js/2.9877ee1e.chunk.js

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

074cd8a43b9612f034cbf5856cd66670d14765f1c2ebcb1d91c22c663075d199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arkiv.styrerommet.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: 833332095683
Strict-Transport-Security: max-age=31536000
content-encoding: gzip
Cache-Control: public, max-age=31536000
content-length: 237846
X-RESP: 44
Content-Type: application/javascript

GET
H/1.1 200
OK main.5b8bcdbd.chunk.js Show response
arkiv.styrerommet.no/static/js/ 189 KB
55 KB 110ms
44ms Script
application/javascript 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/static/js/main.5b8bcdbd.chunk.js

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

ceb566dadd733cbc1c8f45e4a189274bc05cc357578b956f20fc147698850b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arkiv.styrerommet.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: 812532148236
Strict-Transport-Security: max-age=31536000
content-encoding: gzip
Cache-Control: public, max-age=31536000
content-length: 56155
X-RESP: 12
Content-Type: application/javascript

GET
H/1.1 401
Unauthorized refresh
arkiv.styrerommet.no/api/ 60 B
237 B 33ms
32ms Fetch 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/api/refresh

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/static/js/main.5b8bcdbd.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json
Referer: https://arkiv.styrerommet.no/
X-ID: RxYKncLUqo5cPR3ILA7gM
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: RxYKncLUqo5cPR3ILA7gM
Strict-Transport-Security: max-age=31536000
content-encoding: gzip
content-length: 79
X-RESP: 1

GET
H/1.1 200
OK gordita-regular.32c3ea6a.woff2
arkiv.styrerommet.no/static/media/ 18 KB
18 KB 34ms
33ms Font
font/woff2 2a0a:cc80:1::21
JOTTA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arkiv.styrerommet.no/static/media/gordita-regular.32c3ea6a.woff2

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/static/css/main.97ac8a4c.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a0a:cc80:1::21 , Norway, ASN206667 (JOTTA-AS, NO),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://arkiv.styrerommet.no/static/css/main.97ac8a4c.chunk.css
Origin: https://arkiv.styrerommet.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: 278436235281
Strict-Transport-Security: max-age=31536000
content-encoding: gzip
Cache-Control: public, max-age=31536000
content-length: 17924
X-RESP: 2
Content-Type: font/woff2

GET
H2

200

Primary Request login Show response
innlogging.obos.no/
Redirect Chain

https://arkiv.styrerommet.no/api/login?audience=https://jottacloud.com
https://arkiv.styrerommet.no/auth/realms/obos/protocol/openid-connect/auth?client_id=web&scope=openid&response_type=code&response_mode=form_post&redirect_uri=https://arkiv.styrerommet.no/api/login&...
https://arkiv.styrerommet.no/auth/realms/obos/broker/obos/login?session_code=6DCwdU7ngk37T5u4TVgDMqO9jEXu1ce3vqf0j5oxWbA&client_id=web&tab_id=lZIeexTBy6w
https://innlogging.obos.no/authorize?scope=openid+profile+email+phone+roles+owner+boardmember+employee+app_metadata+user_metadata+projectMemberIn&state=VT903S3TBC9P2ufAybU61f-nU4KbIPKfKGdlgDifVxo.l...
https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUn...

302 KB
95 KB

186ms
185ms

Document
text/html

2606:4700::6812:f458
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUnJtdg&client=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&protocol=oauth2&scope=openid%20profile%20email%20phone%20roles%20owner%20boardmember%20employee%20app_metadata%20user_metadata%20projectMemberIn&response_type=code&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com

Requested by

Host: arkiv.styrerommet.no
URL: https://arkiv.styrerommet.no/static/js/main.5b8bcdbd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f458 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704fb4c5f71a372dd60696600988b0a023250cb7eadecd6f4a08463e1538476c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arkiv.styrerommet.no/

Response headers

date: Tue, 09 Nov 2021 13:35:38 GMT
content-type: text/html; charset=utf-8
cf-ray: 6ab76cea98303753-MXP
cache-control: no-store, max-age=0, no-transform
content-encoding: gzip
etag: W/"4b893-qY34aNW+WnsMdQ+KbszlHtk74sQ"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6ab76cea98303753
ot-tracer-sampled: true
ot-tracer-spanid: 5cd0b3de7af8a3f7
ot-tracer-traceid: 6990a90725e3b52b
pragma: no-cache
referrer-policy: same-origin
x-auth0-requestid: 16fe23a32ab5671ab322
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1636464939
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 09 Nov 2021 13:35:38 GMT
content-type: text/html; charset=utf-8
content-length: 1184
location: /login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUnJtdg&client=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&protocol=oauth2&scope=openid%20profile%20email%20phone%20roles%20owner%20boardmember%20employee%20app_metadata%20user_metadata%20projectMemberIn&response_type=code&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com
cf-ray: 6ab76ce87b6f3753-MXP
cache-control: no-store, max-age=0, no-transform
strict-transport-security: max-age=31536000
vary: Accept, Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 6ab76ce87b6f3753
ot-tracer-sampled: true
ot-tracer-spanid: 65e13b366755e3df
ot-tracer-traceid: 4c22951013888887
pragma: no-cache
x-auth0-requestid: 3e54af1f4df27470ee8d
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1636464939
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.6.2/ 51 KB
17 KB 56ms
16ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.6.2/bundle.min.js

Requested by

Host: innlogging.obos.no
URL: https://innlogging.obos.no/login?state=hKFo2SByRjgxNmpFY0FBYVQwdjQ2eFQzTW9rU3FpUXdVaktTSKFupWxvZ2luo3RpZNkgd0RaRl9sc3ZndGctVEVnWl9rNDlmSWwtbjJCQzA5YlejY2lk2SBQZU5wQUY3bDEyVVdHN1loUllOd09WdVR3c21uUnJtdg&client=PeNpAF7l12UWG7YhRYNwOVuTwsmnRrmv&protocol=oauth2&scope=openid%20profile%20email%20phone%20roles%20owner%20boardmember%20employee%20app_metadata%20user_metadata%20projectMemberIn&response_type=code&redirect_uri=https%3A%2F%2Farkiv.styrerommet.no%2Fauth%2Frealms%2Fobos%2Fbroker%2Fobos%2Fendpoint&nonce=3IAxpi9IrVQwvao5aeNV&audience=https%3A%2F%2Fjottacloud.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

42ff0034f253bd5cd92df63a8e2a81f2c02b04c0aa76dd713f73b99049ed062b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Origin: https://innlogging.obos.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 13:35:38 GMT
content-encoding: gzip
last-modified: Mon, 19 Aug 2019 12:01:08 GMT
server: Fastly
age: 4687963
etag: "51704fb5938317d982527f1e96119efe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 16648
expires: Fri, 16 Sep 2022 07:22:55 GMT

GET
H2 200 cc5a7055bb6b7be326de5240d6fda11776a6c61f-393x65.svg
cdn.sanity.io/images/5ir3s1uv/prod/ 3 KB
2 KB 33ms
9ms Image
image/svg+xml 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/5ir3s1uv/prod/cc5a7055bb6b7be326de5240d6fda11776a6c61f-393x65.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

fd62b0a3ae3345898c78c65fcce107599e1ec79d76dbb964f50af48367409356

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: script-src 'none'
content-encoding: br
x-content-type-options: nosniff
xkey: project-5ir3s1uv-prod
x-b3-traceid: 978a38b3a9e6b959
age: 1613484
x-varnish-age: 28865
alt-svc: clear
content-length: 1279
date: Thu, 21 Oct 2021 21:24:14 GMT
vary: origin, accept-encoding
content-type: image/svg+xml
via: 1.1 google
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 978a38b3a9e6b959
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 obos_liggende.svg
www.obos.no/Images/ 3 KB
2 KB 125ms
36ms Image
image/svg+xml 195.26.1.31
PORT80-GLOBALTRANSIT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obos.no/Images/obos_liggende.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.26.1.31 , Norway, ASN16150 (PORT80-GLOBALTRANSIT, SE),

Reverse DNS

31-1-26-195.webscape.no.1.26.195.in-addr.arpa

Software

Resource Hash

79053ec46d7f8d40608365b071de4821da4c4f60ea759a40a6104d2c4f26f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: origin
last-modified: Fri, 22 Oct 2021 11:54:46 GMT
server
etag: "047b49b3bc7d71:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public,max-age=604800
date: Tue, 09 Nov 2021 13:35:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1430
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK gorditamedium-webfont.woff2
profil-innlogging.obos.no/fonts/gordita/ 39 KB
39 KB 131ms
34ms Font
font/woff2 213.172.203.149
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to

Full URL

https://profil-innlogging.obos.no/fonts/gordita/gorditamedium-webfont.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

213.172.203.149 Bergen, Norway, ASN2116 (ASN-CATCHCOM, NO),

Reverse DNS

Software

nginx / Express

Resource Hash

c908c3a2dffa238990a90b6b7e6192e213995a26002bc3b256c75a4be773852c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://innlogging.obos.no/
Origin: https://innlogging.obos.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 13:35:39 GMT
Referrer-Policy: origin
Last-Modified: Mon, 31 May 2021 11:06:25 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"9bdc-179c21a7768"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39900
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK gorditaregular-webfont.woff2
profil-innlogging.obos.no/fonts/gordita/ 39 KB
40 KB 132ms
34ms Font
font/woff2 213.172.203.149
ASN-CATCHCOM

General

Check archive.org

Show headers Download Go to

Full URL

https://profil-innlogging.obos.no/fonts/gordita/gorditaregular-webfont.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

213.172.203.149 Bergen, Norway, ASN2116 (ASN-CATCHCOM, NO),

Reverse DNS

Software

nginx / Express

Resource Hash

5ec2a8353ca1a270fea68cee8ab9bb65944088d3632b83b1a32d034109b7ee5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://innlogging.obos.no/
Origin: https://innlogging.obos.no
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 13:35:39 GMT
Referrer-Policy: origin
Last-Modified: Mon, 31 May 2021 11:06:25 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"9df4-179c21a7768"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40436
X-Content-Type-Options: nosniff

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
innlogging.obos.no/usernamepassword/login	1970-01-19 22:48:48	Name: _csrf Value: 0zORxqQo3cgXNu4KLGrujc4_
arkiv.styrerommet.no/auth/realms/obos/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: e920428e-be6b-42ab-8d21-ad8e8a231bb3.keycloak-0
arkiv.styrerommet.no/auth/realms/obos/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3OWU1MzQ4MC1kODNkLTQ1YTctYmE3Zi1mZmE0ODA5NWMxZmYifQ.eyJjaWQiOiJ3ZWIiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2Fya2l2LnN0eXJlcm9tbWV0Lm5vL2FwaS9sb2dpbiIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7ImNsaWVudF9yZXF1ZXN0X3BhcmFtX2F1ZGllbmNlIjoiaHR0cHM6Ly9qb3R0YWNsb3VkLmNvbSIsInNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hcmtpdi5zdHlyZXJvbW1ldC5uby9hdXRoL3JlYWxtcy9vYm9zIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJwbGFpbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYXJraXYuc3R5cmVyb21tZXQubm8vYXBpL2xvZ2luIiwic3RhdGUiOiJmQVh6SzRwVkhaSkJJSUV5UW9iYyIsIm5vbmNlIjoiM0lBeHBpOUlyVlF3dmFvNWFlTlYiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0In19.gdaJeHMtqqdLkRhMwO2cfkVS7MEYB4yoMPdCnqF0408
arkiv.styrerommet.no/	1970-01-19 23:17:36	Name: fAXzK4pVHZJBIIEyQobc Value: 3IAxpi9IrVQwvao5aeNVhttps://arkiv.styrerommet.no/
innlogging.obos.no/	1970-01-20 07:20:22	Name: did Value: s%3Av0%3Aed0650d0-4161-11ec-8d77-9baa5e9aaabd.pucieqYm1aHurw9axpMVvAIW3rC3zIWc0R6XLrHohuo
innlogging.obos.no/	1970-01-19 22:38:44	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMSTDBWkwKgX9H8ZtdEYBf4O4Y0hnBDVgUAthLJNkMHqk4hKjQSEkGv4_pqioAq1vM01Uwh_JJw2aOSrjCF-YN2mY29va2llg6dleHBpcmVz1_-SY5YAYY5tqq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.lHUK%2BJYONBx2SLKa7%2FSJaMu3tFy%2B42mZM07b5vcn7ak
innlogging.obos.no/	1970-01-20 07:20:22	Name: did_compat Value: s%3Av0%3Aed0650d0-4161-11ec-8d77-9baa5e9aaabd.pucieqYm1aHurw9axpMVvAIW3rC3zIWc0R6XLrHohuo
innlogging.obos.no/	1970-01-19 22:38:44	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMSTDBWkwKgX9H8ZtdEYBf4O4Y0hnBDVgUAthLJNkMHqk4hKjQSEkGv4_pqioAq1vM01Uwh_JJw2aOSrjCF-YN2mY29va2llg6dleHBpcmVz1_-SY5YAYY5tqq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.lHUK%2BJYONBx2SLKa7%2FSJaMu3tFy%2B42mZM07b5vcn7ak
.innlogging.obos.no/	1970-01-19 22:34:26	Name: __cf_bm Value: tyTKjFeILcxEmgIeH4IKC9ZaDKvKJQMGPjtv4ZqPzu4-1636464938-0-AYdaYseSf9hS50bIPdLvULJUXGwHPgvuW7CKd0V1Oni6mHNWdLXLcnP4q5KhmA4E+5Ii2hGzwBRUz8JlgZqmV5o=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://arkiv.styrerommet.no/api/refresh Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arkiv.styrerommet.no
browser.sentry-cdn.com
cdn.sanity.io
innlogging.obos.no
profil-innlogging.obos.no
www.obos.no
195.26.1.31
213.172.203.149
2606:4700::6812:f458
2a04:4e42:600::729
2a0a:cc80:1::21
35.244.128.15
074cd8a43b9612f034cbf5856cd66670d14765f1c2ebcb1d91c22c663075d199
42ff0034f253bd5cd92df63a8e2a81f2c02b04c0aa76dd713f73b99049ed062b
5ec2a8353ca1a270fea68cee8ab9bb65944088d3632b83b1a32d034109b7ee5a
704fb4c5f71a372dd60696600988b0a023250cb7eadecd6f4a08463e1538476c
79053ec46d7f8d40608365b071de4821da4c4f60ea759a40a6104d2c4f26f4ff
b83ad51b82ca239d28f7e98188fc1cd1735c1ad768ea4a2e70b5f690ed3032b1
c22fdcd2eb4a5c9a8e4d800873a7dc033170b974642cb87d3db948316174b89b
c908c3a2dffa238990a90b6b7e6192e213995a26002bc3b256c75a4be773852c
ceb566dadd733cbc1c8f45e4a189274bc05cc357578b956f20fc147698850b03
fd62b0a3ae3345898c78c65fcce107599e1ec79d76dbb964f50af48367409356

innlogging.obos.no Open in urlscan Pro 2606:4700::6812:f458 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

501 kBTransfer

1784 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

9 Cookies

1 Console Messages

Security Headers

Indicators

innlogging.obos.no Open in urlscan Pro
2606:4700::6812:f458 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

501 kB
Transfer

1784 kB
Size

9
Cookies

12 HTTP transactions
0 data transactions