urlscan.io logo urlscan.io
SecurityTrails logo

xn--strmsttta-n8ad.no Open in urlscan Pro Puny
strømstøtta.no IDN
2a05:d014:776:a63d:6339:2a28:fc90:eea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xn--strmsttta-n8ad.no/
Effective URL: https://xn--strmsttta-n8ad.no/
Submission Tags: phishing
Submission: On July 06 via api from ES — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2a05:d014:776:a63d:6339:2a28:fc90:eea, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is xn--strmsttta-n8ad.no.
TLS certificate: Issued by R3 on May 7th 2023. Valid for: 3 months.
This is the only time xn--strmsttta-n8ad.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a05:d014:776:a63f:551c:5660:31da:fe01 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
xn--strmsttta-n8ad.no
6    2a05:d014:776:a63d:6339:2a28:fc90:eea (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
xn--strmsttta-n8ad.no
2    2606:4700:3033::6815:1c30 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
the.gatekeeperconsent.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:e0::ac40:6113 (United States)

ASN13335 (CLOUDFLARENET, US)
ezodn.com
g.ezodn.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    2a02:2350:7:200::6825:2741 (Denmark)

ASN51468 (ONECOM, DK)
www.hvakosterstrommen.no
Apex Domain
Subdomains		 Transfer
7 hvakosterstrommen.no
www.hvakosterstrommen.no
24 KB
7 xn--strmsttta-n8ad.no
xn--strmsttta-n8ad.no
46 KB
3 ezodn.com
ezodn.com — Cisco Umbrella Rank: 9594
g.ezodn.com — Cisco Umbrella Rank: 12609
60 KB
2 gstatic.com
fonts.gstatic.com
25 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16040
c.statcounter.com — Cisco Umbrella Rank: 9503
15 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
166 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
2 gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 45848
the.gatekeeperconsent.com — Cisco Umbrella Rank: 49107
84 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1623
249 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
85 KB
29 11
Domain Requested by
7 www.hvakosterstrommen.no xn--strmsttta-n8ad.no
7 xn--strmsttta-n8ad.no 1 redirects xn--strmsttta-n8ad.no
2 fonts.gstatic.com fonts.googleapis.com
2 ezodn.com xn--strmsttta-n8ad.no
the.gatekeeperconsent.com
2 pagead2.googlesyndication.com xn--strmsttta-n8ad.no
pagead2.googlesyndication.com
2 fonts.googleapis.com xn--strmsttta-n8ad.no
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 c.statcounter.com www.statcounter.com
1 g.ezodn.com xn--strmsttta-n8ad.no
1 www.statcounter.com xn--strmsttta-n8ad.no
1 the.gatekeeperconsent.com xn--strmsttta-n8ad.no
1 www.googletagmanager.com xn--strmsttta-n8ad.no
1 privacy.gatekeeperconsent.com xn--strmsttta-n8ad.no
29 14

This site contains links to these domains. Also see Links.

Domain
www.aenett.no
www.hvakosterstrommen.no
Subject Issuer Validity Valid
xn--strmsttta-n8ad.no
R3		 2023-05-07 -
2023-08-05		 3 months crt.sh
gatekeeperconsent.com
GTS CA 1P5		 2023-07-05 -
2023-10-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
ezodn.com
E1		 2023-07-02 -
2023-09-30		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.hvakosterstrommen.no
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://xn--strmsttta-n8ad.no/
Frame ID: 3D59D5FE5E1B0D0F56E107817B00B5EE
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html
Frame ID: EC8D7D748F1FF73B402A957EFDA7CD58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Strømstøtta

Page URL History Show full URLs

  1. http://xn--strmsttta-n8ad.no/ HTTP 301
    https://xn--strmsttta-n8ad.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

29
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

14
Subdomains

11
IPs

4
Countries

511 kB
Transfer

1783 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--strmsttta-n8ad.no/ HTTP 301
    https://xn--strmsttta-n8ad.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--strmsttta-n8ad.no/
Redirect Chain
  • http://xn--strmsttta-n8ad.no/
  • https://xn--strmsttta-n8ad.no/
51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6cdd7ff8926e4f910228d6053533b4389c2384d7bed6045c029c18850396699a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Thu, 06 Jul 2023 17:23:05 UTC
display
orig_site_sol
etag
"198d-63b99fd4-9533dd4fbe1c9a68;gz-gzip"
expires
Wed, 05 Jul 2023 17:23:05 GMT
last-modified
Sat, 07 Jan 2023 16:37:40 GMT
pagespeed
off
platform
hostinger
response
200
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-ez-proxy-out
true 2.3
x-ezoic-cdn
Hit ds;mm;a8ffcf3fa2c9bfd8d295f5c2d629d6fb;2-420198-2;2cd278a6-885d-463a-57b6-3df51539a320
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
orig
x-turbo-charged-by
LiteSpeed

Redirect headers

Cache-Control
public, max-age=2592000
Content-Length
707
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html
Date
Thu, 06 Jul 2023 17:23:05 UTC
Display
staticcontent_sol, orig_site_sol
Location
https://xn--strmsttta-n8ad.no/
Pagespeed
off
Platform
hostinger
Response
301
Server
LiteSpeed
Vary
Accept-Encoding,User-Agent,Origin
X-Ez-Proxy-Out
true 2.4
X-Ezoic-Cdn
Hit ds;mm;bf39c7454e7062a0fe2022820850c29b;2-420198-2;bad7718c-28fc-466e-5c1e-00240c2cb0d4
X-Middleton-Display
staticcontent_sol, orig_site_sol
X-Middleton-Response
301
X-Origin-Cache-Control
X-Sol
orig
X-Turbo-Charged-By
LiteSpeed
tcf2_stub.js
privacy.gatekeeperconsent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FCLaETKLQBfpBHZPBwuxIJgjtgr18bmJWD825z2OF3T2z7zl46KXTCKzNYVN0oiyS2Xkv64edlrmwHsiPUuSYF3eu7Bu1Ke2v1o0svch7aixX1yWe8CBvfmMWmG3896hmOlVmgMwqcpznqLK3RtvhPtxp8sGZ8G797L3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
7e29889b5f3a0b3d-OSL
alt-svc
h3=":443"; ma=86400
style12.css
xn--strmsttta-n8ad.no/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/style12.css
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6fb4b86dee60edae61e5041d840a1eb0c74bcd44f2c227a5f77e7cff7499a0a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
date
Thu, 06 Jul 2023 17:23:06 UTC
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;ds;07bd17c0559d8bc0b51245dcb10b7abe;2-420198-2;c69b4c18-f383-4c5e-65a6-30381cb26d20
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Tue, 03 Jan 2023 13:27:16 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"2fc2-63b42d34-89141c4e89079958;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
css2
fonts.googleapis.com/ 		723 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@800&display=swap
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e31e68c186f1ddf409120a23af4dbe22efcd71668a58be2f6c274b5a9e2592c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 17:23:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jul 2023 17:23:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4639227442317284
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc7e6cc0b818a1683d8b1880772be28c13d449e249c1e30e84312289bab759bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--strmsttta-n8ad.no/
Origin
https://xn--strmsttta-n8ad.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48662
x-xss-protection
0
server
cafe
etag
16507194743736159324
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 06 Jul 2023 17:23:06 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4VK3XQ5EK5
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
778a5b19472176d8246917f4243161b3aad8aef71101034aee8192491ab8739a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86556
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 06 Jul 2023 17:23:06 GMT
css2
fonts.googleapis.com/ 		2 KB
997 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@600&display=swap
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cfb125d4d4bb31b8205dc29ed3f26eca990caecb76fc22ed173d23370edb6798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 17:22:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jul 2023 17:23:06 GMT
consentsettings.js
ezodn.com/detroitchicago/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 21:15:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11350337
etag
W/"5be-5f395d3676a80;5f395d3676a80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WngUHhdGhzsVoOtNrtTlfOSQ6loG9iIk2COufuTG%2FuYcZw3r4rOd5xhnF%2FkNDQ6kGOYj8%2B1fIGvh%2Fwv9H0zeaJn7giJXAXMHAZSm81e2zGC%2BdE4fSbjkrP0GBiLE3ViJChsH47AY70Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7e29889b7b500d4e-ARN
alt-svc
h3=":443"; ma=86400
cmp.js
the.gatekeeperconsent.com/v2/ 		343 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/v2/cmp.js?v=111
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc55cf2d55dc61ffb22cc43cc4c71b63a80528b584f4b161751aca59ddf0a5f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 27 Jun 2023 18:56:23 GMT
server
cloudflare
age
769795
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq2WkPhfsRcNCriBoEUVPG7aBenI6lNvN3%2BToMysSk4ah%2ByA%2FrSGwcohc8FkE4dS6Ug5xF%2Fy9pMft%2BEepf2vWPkIx8Z9PJzbDKwaeDsNhOvuRgUXs89JubU4IUC25%2FDIFwrYm26lUlgtLb%2BYEACloNHk2mkFsbp7"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7e29889c68d50b3d-OSL
alt-svc
h3=":443"; ma=86400
script5.js
xn--strmsttta-n8ad.no/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/script5.js
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
695f0e8796fb891712bebe6683ea3d65fc0238323cb0b5289b4bc5e68782ac65
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
date
Thu, 06 Jul 2023 17:23:06 UTC
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 21 Apr 2023 20:16:40 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"5e35-6442ef28-f665b6005c1d5a;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
expires
Thu, 13 Jul 2023 17:23:06 GMT
counter.js
www.statcounter.com/counter/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jul 2023 15:10:22 GMT
server
cloudflare
age
982
etag
W/"64a587de-ae4f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e29889cda04b50c-OSL
expires
Fri, 07 Jul 2023 05:06:44 GMT
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 19:45:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11566939
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqArPKgc5s3EA2kPytn3V7ewjNDN80tqlwhpSsQ0TvhMYYaF6KrajvJLj3maP2X1iQ%2FX0G2h5la1Wq6vfhpsepZiYbt3pwXm7hT61dSDtFZd0RfEr5EilAl8%2BuHMM2Cz2CLFbJl8lxdm%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7e29889c6bd40d4e-ARN
alt-svc
h3=":443"; ma=86400
cmbv2.js
xn--strmsttta-n8ad.no/detroitchicago/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4&cmbcb=151&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33&abt=AdInsertStatic
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
b153a3f8193227739a674872a2c179337a59e8928d798b6defa596c98755524e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmm.woff2
fonts.gstatic.com/s/heebo/v21/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
988c9bb3b84ce3ef6b23a9b71186b3e2e8f5cd04aae7b334a66f38bc00ea01b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--strmsttta-n8ad.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 20:08:23 GMT
x-content-type-options
nosniff
age
422083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10320
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:30:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 20:08:23 GMT
xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk4jE9_C-bk.woff2
fonts.gstatic.com/s/manrope/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/manrope/v14/xn7_YHE41ni1AdIRqAuZuw1Bx9mbZk4jE9_C-bk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b52f2bf3d110469312cbedd409316b145c19be8cb792a17fa6ba91a91ebb23e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--strmsttta-n8ad.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 02:13:41 GMT
x-content-type-options
nosniff
age
400165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14152
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:52:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jul 2024 02:13:41 GMT
imp.gif
xn--strmsttta-n8ad.no/detroitchicago/ 		43 B
283 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod51%22%2C%22ad_cache_level%22%3A1%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A420198%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%220ddbb21b-fde5-42f7-7702-13224f4c769a%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A6541%2C%22response_time_orig%22%3A3%2C%22serverid%22%3A%22i-05d689246e7d69f44%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1688664185%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fxn--strmsttta-n8ad.no%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A93%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4&cmbcb=151&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://xn--strmsttta-n8ad.no
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Wed, 05 Jul 2023 17:23:06 GMT
cmbdv2.js
xn--strmsttta-n8ad.no/detroitchicago/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--strmsttta-n8ad.no/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5&cmbcb=151&sj=x03x0cx1c&abt=AdInsertStatic
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63d:6339:2a28:fc90:eea Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
7de23c3011720b02c873dcc91c5df384b2b63b2638bf3002b6111bef2f95c4f5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
gvl.json
ezodn.com/cmp/ 		417 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ezodn.com/cmp/gvl.json?v=3&lang=en
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1867bf805dc843cfc12f92f7daf6e43735ee3ed13cf1f884924e829f194c82bc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Jul 2023 17:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fcV8zttgpPIyrBIA4VfhmXdpU3U%2Bgms%2Fse%2FAOgLsDID%2BHNjjWCJdQfSPVvMmygbyJHZDRnmFjSXCyBfw3MWCV%2BwNvgl5MMTArYOyLsgOE%2BoSvAsFI79dVv4xJJUAghPSv030x4Fgoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=345600, public
cf-ray
7e29889d9d580d46-ARN
alt-svc
h3=":443"; ma=86400
t.php
c.statcounter.com/ 		192 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12831077&u1=532FB6BB7A634F24E0592CFE64225947&java=1&security=b7c50e93&sc_snum=1&sess=c61bc8&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//xn--strmsttta-n8ad.no/&t=Str%C3%B8mst%C3%B8tta&invisible=1&sc_rum_e_s=759&sc_rum_e_e=777&sc_rum_f_s=0&sc_rum_f_e=757&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://xn--strmsttta-n8ad.no
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
7e29889d5adeb50c-OSL
expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/ 		344 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4639227442317284&plah=xn--strmsttta-n8ad.no
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4639227442317284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340fa5f4b64c63bb33c5abffc6c2fb07d9b9630506e5925b04f1b2da3ba86c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121030
x-xss-protection
0
server
cafe
etag
9796214332560322456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 06 Jul 2023 17:23:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/ Frame EC8D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4639227442317284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--strmsttta-n8ad.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
39730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 06:20:56 GMT
etag
12368291122986407432
expires
Thu, 20 Jul 2023 06:20:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4VK3XQ5EK5&gtm=45je36s0&_p=2080192191&cid=704942643.1688664187&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688664186&sct=1&seg=0&dl=https%3A%2F%2Fxn--strmsttta-n8ad.no%2F&dt=Str%C3%B8mst%C3%B8tta&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VK3XQ5EK5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Jul 2023 17:23:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--strmsttta-n8ad.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
07-01_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-01_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9cffd3f8adb73a055e4d1d7cd12670b94b48eb25b2735e783063413a3d52ea66

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Fri, 30 Jun 2023 11:04:09 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3356
07-02_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-02_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3183820f4540144d7bd760ed4a12f746402eb827aeea3d58950971971b38d826

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Sat, 01 Jul 2023 12:06:37 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3333
07-03_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-03_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc53899354dc4cbfacc4f2c5ad96b9559fa9632e079547f0c2d7bd7a3b2fdebd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Sun, 02 Jul 2023 11:05:02 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3331
07-04_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-04_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d969751affad1d331ba96924cddf05f3ceaa3a06afbcb3749583f29fa5404ee4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Mon, 03 Jul 2023 11:08:02 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3333
07-05_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-05_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6f1f94b0a8339b1771b32be64b19ed14137e36eb083ee5e3cf592e5aa03f28d9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Tue, 04 Jul 2023 11:04:12 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3355
07-06_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-06_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0784fe3068182c31d32dd832b3d87b7af58c3b02623f33e0f030a2bf912be674

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Wed, 05 Jul 2023 11:05:38 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3353
07-07_NO1.json
www.hvakosterstrommen.no/api/v1/prices/2023/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hvakosterstrommen.no/api/v1/prices/2023/07-07_NO1.json
Requested by
Host: xn--strmsttta-n8ad.no
URL: https://xn--strmsttta-n8ad.no/script5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2350:7:200::6825:2741 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5a749f039f8f5050dc55e7f187416433a924f86435f88cce8f2845c588932eb8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://xn--strmsttta-n8ad.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:23:07 GMT
last-modified
Thu, 06 Jul 2023 11:04:13 GMT
server
LiteSpeed
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3353

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend function| __tcfapi object| __ez function| gtag object| dataLayer string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl function| ezCmpLoading number| ezUserChoice function| handleAcceptAllClick function| handleShowDetailsClick function| handleDeclineClick function| handleShowVendorsClick object| __ezCmpConfig object| adsbygoogle boolean| cmpIsOn object| ezConsentCategories object| __ezconsent function| ezConsentSettings string| ezPreRenderCMP string| ezPreRenderCss function| hideEzCmp function| setEzCmpCookie function| handleEzAdBlock function| checkEzAdBlck number| totprismo number| prisavg number| avgprismomo number| offset string| monthget number| month number| date number| year undefined| loc undefined| kwh undefined| stromstotte undefined| stromstotte_kwh undefined| stromstotte_kwh_round function| getprice function| get function| get_stromstotte function| get_stromstotte2 number| sc_project number| sc_invisible string| sc_security function| __ez_vig_close_wrapper boolean| ezCanEngagePage object| cmpCookies function| newEzVignette function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| metricNameMap function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey object| webVitals function| setImmediate function| clearImmediate object| nunjucksPrecompiled number| indexKey object| ezCMP function| _statcounter object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| perf_vals

14 Cookies

Domain/Path Name / Value
.xn--strmsttta-n8ad.no/ Name: ezCMPCCS
Value: false
.xn--strmsttta-n8ad.no/ Name: ezoadgid_420198
Value: -1
.xn--strmsttta-n8ad.no/ Name: ezoref_420198
Value:
.xn--strmsttta-n8ad.no/ Name: ezosuibasgeneris-1
Value: f5553809-4663-4f7f-621e-462bea365a94
.xn--strmsttta-n8ad.no/ Name: ezoab_420198
Value: mod51
.xn--strmsttta-n8ad.no/ Name: lp_420198
Value: https://xn--strmsttta-n8ad.no/
.xn--strmsttta-n8ad.no/ Name: ezovuuidtime_420198
Value: 1688664185
.xn--strmsttta-n8ad.no/ Name: ezovuuid_420198
Value: 32359e3f-b2cc-44b6-68cf-7625ac5aa9a0
.xn--strmsttta-n8ad.no/ Name: ezopvc_420198
Value: 1
.xn--strmsttta-n8ad.no/ Name: sc_is_visitor_unique
Value: rx12831077.1688664186.532FB6BB7A634F24E0592CFE64225947.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12831077.1688664186.0
.statcounter.com/ Name: is_visitor_unique
Value: 1688664186206198542
.xn--strmsttta-n8ad.no/ Name: _ga_4VK3XQ5EK5
Value: GS1.1.1688664186.1.0.1688664186.0.0.0
.xn--strmsttta-n8ad.no/ Name: _ga
Value: GA1.1.704942643.1688664187

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
privacy.gatekeeperconsent.com
region1.google-analytics.com
the.gatekeeperconsent.com
www.googletagmanager.com
www.hvakosterstrommen.no
www.statcounter.com
xn--strmsttta-n8ad.no
104.20.218.77
2001:4860:4802:32::36
2606:4700:3033::6815:1c30
2606:4700:e0::ac40:6113
2a00:1450:4001:808::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:2350:7:200::6825:2741
2a05:d014:776:a63d:6339:2a28:fc90:eea
2a05:d014:776:a63f:551c:5660:31da:fe01
0784fe3068182c31d32dd832b3d87b7af58c3b02623f33e0f030a2bf912be674
1867bf805dc843cfc12f92f7daf6e43735ee3ed13cf1f884924e829f194c82bc
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
3183820f4540144d7bd760ed4a12f746402eb827aeea3d58950971971b38d826
340fa5f4b64c63bb33c5abffc6c2fb07d9b9630506e5925b04f1b2da3ba86c4e
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3e31e68c186f1ddf409120a23af4dbe22efcd71668a58be2f6c274b5a9e2592c
4b52f2bf3d110469312cbedd409316b145c19be8cb792a17fa6ba91a91ebb23e
5a749f039f8f5050dc55e7f187416433a924f86435f88cce8f2845c588932eb8
695f0e8796fb891712bebe6683ea3d65fc0238323cb0b5289b4bc5e68782ac65
6cdd7ff8926e4f910228d6053533b4389c2384d7bed6045c029c18850396699a
6f1f94b0a8339b1771b32be64b19ed14137e36eb083ee5e3cf592e5aa03f28d9
6fb4b86dee60edae61e5041d840a1eb0c74bcd44f2c227a5f77e7cff7499a0a6
778a5b19472176d8246917f4243161b3aad8aef71101034aee8192491ab8739a
7de23c3011720b02c873dcc91c5df384b2b63b2638bf3002b6111bef2f95c4f5
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
988c9bb3b84ce3ef6b23a9b71186b3e2e8f5cd04aae7b334a66f38bc00ea01b6
9cffd3f8adb73a055e4d1d7cd12670b94b48eb25b2735e783063413a3d52ea66
9fc55cf2d55dc61ffb22cc43cc4c71b63a80528b584f4b161751aca59ddf0a5f
b153a3f8193227739a674872a2c179337a59e8928d798b6defa596c98755524e
bc53899354dc4cbfacc4f2c5ad96b9559fa9632e079547f0c2d7bd7a3b2fdebd
cfb125d4d4bb31b8205dc29ed3f26eca990caecb76fc22ed173d23370edb6798
d969751affad1d331ba96924cddf05f3ceaa3a06afbcb3749583f29fa5404ee4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
fc7e6cc0b818a1683d8b1880772be28c13d449e249c1e30e84312289bab759bc