identity.carnegie.se Open in urlscan Pro
40.68.36.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://online.carnegie.se/
Effective URL:
https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&...
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 23 via api (October 23rd 2024, 9:56:54 pm UTC) from IT — Scanned from SE

Summary HTTP 55 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 6 domains to perform 55 HTTP transactions. The main IP is 40.68.36.24, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is identity.carnegie.se.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 2nd 2024. Valid for: a year.

This is the only time identity.carnegie.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.14.90.203 193.14.90.203	1257 (TELE2) (TELE2)
16	193.235.27.94 193.235.27.94	12552 (IPO-EU) (IPO-EU)
9	37.122.251.69 37.122.251.69	51945 (CONNETU) (CONNETU)
2	2606:4700::68... 2606:4700::6812:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.108.188.9 65.108.188.9	24940 (HETZNER-AS) (HETZNER-AS)
4	20.50.88.238 20.50.88.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 15	40.68.36.24 40.68.36.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	193.235.27.95 193.235.27.95	12552 (IPO-EU) (IPO-EU)
2	20.50.88.232 20.50.88.232	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
55	10

1 193.14.90.203 (Stockholm, Sweden) 1 redirects

ASN1257 (TELE2, EU)
PTR: redirect.portsit.se

online.carnegie.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 193.235.27.94 (Sweden)

ASN12552 (IPO-EU, SE)

pb.carnegie.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.122.251.69 (Lambeth, United Kingdom)

ASN51945 (CONNETU, GB)
PTR: saml.infrontservices.com

wtk.infrontservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:809 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.50.88.238 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 40.68.36.24 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

identity.carnegie.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.235.27.95 (Sweden)

ASN12552 (IPO-EU, SE)

pbonline-api.carnegie.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.232 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

westeurope-1.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	carnegie.se 2 redirects online.carnegie.se pb.carnegie.se identity.carnegie.se pbonline-api.carnegie.se	1 MB
9	infrontservices.com wtk.infrontservices.com	6 MB
6	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 591 westeurope-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 117956	69 KB
4	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 785	354 B
2	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 14222	131 KB
1	cookie-script.com consent.cookie-script.com — Cisco Umbrella Rank: 39937
55	6

	Domain	Requested by
16	pb.carnegie.se	pb.carnegie.se identity.carnegie.se
15	identity.carnegie.se	1 redirects pb.carnegie.se identity.carnegie.se
9	wtk.infrontservices.com	pb.carnegie.se identity.carnegie.se
4	dc.services.visualstudio.com	pb.carnegie.se
4	js.monitor.azure.com	pb.carnegie.se identity.carnegie.se js.monitor.azure.com
2	westeurope-1.in.applicationinsights.azure.com	js.monitor.azure.com
2	code.highcharts.com	pb.carnegie.se identity.carnegie.se
1	pbonline-api.carnegie.se	identity.carnegie.se
1	consent.cookie-script.com	pb.carnegie.se
1	online.carnegie.se	1 redirects
55	10

This site contains links to these domains. Also see Links.

Domain
curity.io
pb.carnegie.se
support.bankid.com

Subject Issuer	Validity	Valid
pb.carnegie.se DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-19` - `2025-06-18`	a year	crt.sh
*.infrontservices.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-19` - `2025-05-20`	a year	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-08-20` - `2025-08-15`	a year	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-17` - `2025-08-17`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-08` - `2025-09-03`	a year	crt.sh
identity.carnegie.se GlobalSign RSA OV SSL CA 2018	`2024-04-02` - `2025-05-04`	a year	crt.sh
pbonline-api.carnegie.se DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-20` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Frame ID: 857B917B4CD57743BB0FD415E82B6EB9
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logga in

Page URL History Show full URLs

http://online.carnegie.se/ HTTP 307
https://online.carnegie.se/ HTTP 301
https://pb.carnegie.se/ Page URL
https://identity.carnegie.se/oauth/v2/oauth-authorize?client_id=portal&redirect_uri=https%3a%2f%2fpb.carn... HTTP 302
https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv... Page URL

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

20 %
IPv6

6
Domains

10
Subdomains

10
IPs

5
Countries

7674 kB
Transfer

16802 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://curity.io/

Search URL Search Domain Scan URL

URL: https://pb.carnegie.se/login/support?lang=sv
Title: Kontakta support

Search URL Search Domain Scan URL

URL: https://support.bankid.com/sv
Title: Hjälp med BankID

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online.carnegie.se/ HTTP 307
https://online.carnegie.se/ HTTP 301
https://pb.carnegie.se/ Page URL
https://identity.carnegie.se/oauth/v2/oauth-authorize?client_id=portal&redirect_uri=https%3a%2f%2fpb.carnegie.se&response_type=code&state=CeZeNGWulpJ1ZtHaVtTq8pDFIs7WJLeAugDKgWzt2EM&code_challenge=FlM2MtJfMYJVT4CkiktxV0KxnFoDllWnaoTq2GUz_Og&code_challenge_method=S256&scope=openid+profile+impersonation&ui_locales=sv HTTP 302
https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://online.carnegie.se/ HTTP 307
https://online.carnegie.se/ HTTP 301
https://pb.carnegie.se/

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
pb.carnegie.se/
Redirect Chain

http://online.carnegie.se/
https://online.carnegie.se/
https://pb.carnegie.se/

12 KB
4 KB

287ms
74ms

Document
text/html

193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

83171abd52e6ea4ba9f7201a0ae66e23f404e58fad6a859c15938618a7efc44e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://identity.carnegie.se
cache-control: no-cache
content-encoding: gzip
content-length: 3102
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
content-type: text/html
date: Wed, 23 Oct 2024 21:56:45 GMT
etag: "80be46fa9c24db1:0"
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: ASP.NET

Redirect headers

age: 5903
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 20:18:21 GMT
expires: Wed, 23 Oct 2024 22:56:41 GMT
location: https://pb.carnegie.se/
server: Apache/2.4.62 (Debian)
via: 1.1 varnish (Varnish/7.1) 1.1 varnish (Varnish/7.1) 1.1 varnish (Varnish/6.1)
x-forward-answer: ok
x-varnish: 257641608 279256954 12652340 4257343

GET
H2 200 cookie-script.js Show response
pb.carnegie.se/ 155 KB
27 KB 77ms
73ms Script
application/javascript 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/cookie-script.js

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

332b1b9e6b3ffae2c2e6fd83d0411ebd95b0816953a1da9ac3ddcedc0da08bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
content-encoding: gzip
etag: "80be46fa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 27125
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 InfrontFramework-3.11.19.css
wtk.infrontservices.com/css/ 740 KB
741 KB 724ms
473ms Stylesheet
text/css 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/css/InfrontFramework-3.11.19.css
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfeb1921f27ec48116717eae4bda5c8b08fabad74ddca745f3adfa80712aea9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

etag: "0639eab3cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 757860
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 13:33:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 theme.css
wtk.infrontservices.com/themes/light-3.11.19/ 352 KB
352 KB 1049ms
798ms Stylesheet
text/css 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/themes/light-3.11.19/theme.css
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bfb0a3efc3fd16020a122d9a9c032c4e6880d003551d9294c338453ff6a63fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

etag: "09ef6b33cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 360052
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 13:33:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CommonFramework-2.11.19.min.js Show response
wtk.infrontservices.com/js/ 2 MB
2 MB 157ms
156ms Script
application/javascript 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/js/CommonFramework-2.11.19.min.js
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b447d7290608bb86931c99f661302046f1433eef242560d45af981fa8a29f29b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

etag: "0533170b410db1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1769308
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 08:08:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 InfrontUI-3.11.19.min.js Show response
wtk.infrontservices.com/js/ 3 MB
3 MB 280ms
280ms Script
application/javascript 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/js/InfrontUI-3.11.19.min.js
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: daf94dc021e938a79e81342363351deb23f7fa99f278bf41850ac876921a902e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

etag: "07d2d19b810db1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3295171
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 08:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 sv.js Show response
wtk.infrontservices.com/languages/ 34 KB
34 KB 394ms
393ms Script
application/javascript 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/languages/sv.js
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 73b94ff5b41e25f1cfa80b3ec2e0d503899acd83e1abe8f6f87f911eba99f061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

etag: "071c5b23cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34640
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: application/javascript
last-modified: Mon, 02 Sep 2024 13:33:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 highstock.js Show response
code.highcharts.com/stock/9.3.3/ 394 KB
131 KB 226ms
80ms Script
text/javascript 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/stock/9.3.3/highstock.js
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7f7fd7ea8033391d5223c9c2c3a73800c549ffd0aaf44510a38323a9ad5a55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9131436dee7fb8e31fb856ea46635191"
age: 653062
expires: Mon, 22 Oct 2029 21:56:47 GMT
date: Wed, 23 Oct 2024 21:56:47 GMT
content-type: text/javascript
last-modified: Tue, 01 Feb 2022 10:56:02 GMT
vary: Accept-Encoding
x-amz-id-2: 6IqQ+RFQwVzBVux5yDNaXpRpDYJ+YblRxJUhzHKfy3abiSuAHSPR8m0WlKKtf9qwKV4wLHFtrL4=
cache-control: public, max-age=157680000
cf-ray: 8d74faa3fc63b529-OSL
x-amz-request-id: 6JY3X54613A2ANGP
accept-ranges: bytes
content-length: 133881
server: cloudflare

GET
H2 200 index-DZTiEaWa.js Show response
pb.carnegie.se/assets/ 1 MB
466 KB 218ms
216ms Script
application/javascript 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/assets/index-DZTiEaWa.js

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

408ae215e82f90a3b82e34617da2cb237dadd897b38292a045cdf8ed64c2ae83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pb.carnegie.se
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
content-encoding: gzip
etag: "cec111fa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 16:10:56 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 index-DGI0IJNJ.css
pb.carnegie.se/assets/ 2 MB
245 KB 290ms
288ms Stylesheet
text/css 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/assets/index-DGI0IJNJ.css

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f825b50fc7d9ae8ba26d0b04ecefebb0a74492071a792f93c06868809b53f29c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pb.carnegie.se
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
content-encoding: gzip
etag: "595fffa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 16:10:56 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 chrome.png
pb.carnegie.se/images/ 20 KB
20 KB 147ms
145ms Image
image/png 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.carnegie.se/images/chrome.png

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

086d75d2d9f9c7f4430a5182f6c35efa5abc91535ac26677929877de2688acff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
etag: "235a8bfa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 20618
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 edge.png
pb.carnegie.se/images/ 28 KB
28 KB 216ms
215ms Image
image/png 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.carnegie.se/images/edge.png

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

637a493048d27e15038e8df492e9fddac7e71adda9b7b0cb9574a12d5092d537

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
etag: "235a8bfa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 28615
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 env.js Show response
pb.carnegie.se/ 0
73 B 73ms
73ms Script
application/javascript 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/env.js

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
etag: "283384fa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 0
date: Wed, 23 Oct 2024 21:56:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

OPTIONS
H2 200 ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 0
0 382ms
215ms Preflight 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: request-id,traceparent
Access-Control-Request-Method: GET
Origin: https://pb.carnegie.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: request-id,traceparent
access-control-allow-methods: GET
access-control-allow-origin: https://pb.carnegie.se
access-control-max-age: 86400
content-length: 0
date: Wed, 23 Oct 2024 21:56:48 GMT
x-azure-ref: 20241023T215648Z-17fcd6b6466kxm82pmqyq25ht000000008w0000000002221
x-cache: TCP_MISS
x-ms-request-id: fc0f057a-101e-0093-1296-251bd5000000
x-ms-version: 2014-02-14

GET
H2 200 ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 1 KB
903 B 45ms
45ms Fetch
application/json 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by: Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

request-id: |3b7f193508c645838039e011eb25c0ec.bd7fd88a2b744f81
traceparent: 00-3b7f193508c645838039e011eb25c0ec-bd7fd88a2b744f81-01
Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-azure-ref: 20241023T215648Z-17fcd6b6466kxm82pmqyq25ht000000008w0000000002224
cache-control: public, max-age=1800, immutable, no-transform
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 4c444712-c01e-0049-72ed-1d6faa000000
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin: *
x-cache: TCP_HIT
x-ms-meta-aijssdkver: 1.0.0
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 18:24:43 GMT

OPTIONS
H2 200 analytics
consent.cookie-script.com/ 0
0 336ms
190ms Preflight
application/json 65.108.188.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1729720608225&script=0416a8dd6c497cf283f6cd19f814a428&category=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.188.108.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: request-id,traceparent
Access-Control-Request-Method: GET
Origin: https://pb.carnegie.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://pb.carnegie.se
content-length: 1
content-type: application/json
date: Wed, 23 Oct 2024 21:56:48 GMT
server: nginx/1.18.0 (Ubuntu)
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-apigw-id: AH6dIEgcDoEESWw=
x-amz-cf-id: EE64kXdEN4ZLgWr5iM8Knlbgoff-G80IySJOEhWcaUt4Q-kKQAThaA==
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: dcf8b326-32b6-4bca-a953-69d4f174d32a
x-cache: Miss from cloudfront

GET analytics
consent.cookie-script.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f9597d4ccf2494d2fc65b67107620311558c5458cf7c048ad2b222f1853ec02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 favicon-32x32@1x.png
pb.carnegie.se/images/icons/ 2 KB
2 KB 74ms
74ms Other
image/png 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/images/icons/favicon-32x32@1x.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

54d67404dfcb4451712bd7ffc674c2e4ac6826a70cedd1bcdab5d5fb32d8a131

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pb.carnegie.se/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
etag: "fb1e90fa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 1694
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

POST
H2 401 refresh Show response
pb.carnegie.se/api/oauth-agent/ 88 B
592 B 79ms
79ms Fetch
application/json 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/api/oauth-agent/refresh

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0, ASP.NET

Resource Hash

5b0381eb75f72c8f67ef043c3048ce249e6e603a44473153679ede2f2a290604

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

request-id: |3b7f193508c645838039e011eb25c0ec.41d6d4a044c049bc
traceparent: 00-3b7f193508c645838039e011eb25c0ec-41d6d4a044c049bc-01
Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

access-control-expose-headers: Content-Disposition,environment-name
content-encoding: br
expect-ct: max-age=0, enforce, report-uri="https://example.report-uri.com/r/d/ct/enforce"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
access-control-allow-credentials: true, true
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:b53af48c-8585-4810-a4c3-a509b71be9f2
access-control-allow-origin: https://pb.carnegie.se, https://identity.carnegie.se
content-length: 92
x-powered-by: ARR/3.0, ASP.NET
server: Microsoft-IIS/10.0

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 376ms
116ms Preflight 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://pb.carnegie.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 23 Oct 2024 21:56:48 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track
dc.services.visualstudio.com/v2/ 96 B
200 B 64ms
62ms XHR
application/json 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 200 end Show response
pb.carnegie.se/api/oauth-agent/login/ 46 B
281 B 78ms
77ms Fetch
application/json 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/api/oauth-agent/login/end

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0, ASP.NET

Resource Hash

9320748f268c7e78980542ccd36bf63b4ee6077bee092365760cdb471ff0aa50

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

request-id: |3b7f193508c645838039e011eb25c0ec.80282330314e48c8
traceparent: 00-3b7f193508c645838039e011eb25c0ec-80282330314e48c8-01
Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

access-control-expose-headers: Content-Disposition,environment-name
content-encoding: br
expect-ct: max-age=0, enforce, report-uri="https://example.report-uri.com/r/d/ct/enforce"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
access-control-allow-credentials: true, true
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:b53af48c-8585-4810-a4c3-a509b71be9f2
access-control-allow-origin: https://pb.carnegie.se, https://identity.carnegie.se
content-length: 50
x-powered-by: ARR/3.0, ASP.NET
server: Microsoft-IIS/10.0

POST
H2 200 start
pb.carnegie.se/api/oauth-agent/login/ 346 B
1 KB 79ms
77ms Fetch
application/json 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/api/oauth-agent/login/start

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0, ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

request-id: |3b7f193508c645838039e011eb25c0ec.1511b04cc41c4aba
traceparent: 00-3b7f193508c645838039e011eb25c0ec-1511b04cc41c4aba-01
Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

access-control-expose-headers: Content-Disposition,environment-name
content-encoding: br
expect-ct: max-age=0, enforce, report-uri="https://example.report-uri.com/r/d/ct/enforce"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';, default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
access-control-allow-credentials: true, true
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:b53af48c-8585-4810-a4c3-a509b71be9f2
access-control-allow-origin: https://pb.carnegie.se, https://identity.carnegie.se
content-length: 294
x-powered-by: ARR/3.0, ASP.NET
server: Microsoft-IIS/10.0

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 136ms
117ms Preflight 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://pb.carnegie.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 23 Oct 2024 21:56:48 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

Primary Request authentication Show response
identity.carnegie.se/authn/
Redirect Chain

https://identity.carnegie.se/oauth/v2/oauth-authorize?client_id=portal&redirect_uri=https%3a%2f%2fpb.carnegie.se&response_type=code&state=CeZeNGWulpJ1ZtHaVtTq8pDFIs7WJLeAugDKgWzt2EM&code_challenge=...
https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

32 KB
33 KB

150ms
149ms

Document
text/html

40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

549b5b2f95a7cb18c47bb524485f1ec1f9c7ab513c2cd0d1f9bda94a56da0602

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.prod.services.carnegie.se
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.carnegie.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Language: sv
Content-Length: 32688
Content-Security-Policy: frame-ancestors https://*.prod.services.carnegie.se
Content-Type: text/html;charset=utf-8
Date: Wed, 23 Oct 2024 21:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Language
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Security-Policy: frame-ancestors https://*.prod.services.carnegie.se
Date: Wed, 23 Oct 2024 21:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

POST
H2 200 track
dc.services.visualstudio.com/v2/ 96 B
154 B 65ms
62ms Fetch
application/json 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: pb.carnegie.se
URL: https://pb.carnegie.se/assets/index-DZTiEaWa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.carnegie.se/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
sdk-context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST track
dc.services.visualstudio.com/v2/ 0
0

GET
H2 200 InfrontFramework-3.11.19.css
wtk.infrontservices.com/css/ 740 KB
0 1ms
1ms Stylesheet
text/css 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/css/InfrontFramework-3.11.19.css
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfeb1921f27ec48116717eae4bda5c8b08fabad74ddca745f3adfa80712aea9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

etag: "0639eab3cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 757860
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 13:33:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 theme.css
wtk.infrontservices.com/themes/light-3.11.19/ 352 KB
0 3ms
3ms Stylesheet
text/css 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/themes/light-3.11.19/theme.css
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bfb0a3efc3fd16020a122d9a9c032c4e6880d003551d9294c338453ff6a63fa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

etag: "09ef6b33cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 360052
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 13:33:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 InfrontUI-3.11.19.min.js Show response
wtk.infrontservices.com/js/ 3 MB
0 3ms
3ms Script
application/javascript 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/js/InfrontUI-3.11.19.min.js
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: daf94dc021e938a79e81342363351deb23f7fa99f278bf41850ac876921a902e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

etag: "07d2d19b810db1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3295171
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 08:34:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 highstock.js Show response
code.highcharts.com/stock/9.3.3/ 394 KB
0 4ms
4ms Script
text/javascript 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/stock/9.3.3/highstock.js
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7f7fd7ea8033391d5223c9c2c3a73800c549ffd0aaf44510a38323a9ad5a55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9131436dee7fb8e31fb856ea46635191"
age: 653062
expires: Mon, 22 Oct 2029 21:56:47 GMT
date: Wed, 23 Oct 2024 21:56:47 GMT
content-type: text/javascript
last-modified: Tue, 01 Feb 2022 10:56:02 GMT
vary: Accept-Encoding
x-amz-id-2: 6IqQ+RFQwVzBVux5yDNaXpRpDYJ+YblRxJUhzHKfy3abiSuAHSPR8m0WlKKtf9qwKV4wLHFtrL4=
cache-control: public, max-age=157680000
cf-ray: 8d74faa3fc63b529-OSL
x-amz-request-id: 6JY3X54613A2ANGP
accept-ranges: bytes
content-length: 133881
server: cloudflare

GET
H2 200 cookie-script.js Show response
pb.carnegie.se/ 155 KB
0 4ms
4ms Script
application/javascript 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/cookie-script.js

Requested by

Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

332b1b9e6b3ffae2c2e6fd83d0411ebd95b0816953a1da9ac3ddcedc0da08bad

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;

X-Content-Type-Options

nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
content-encoding: gzip
etag: "80be46fa9c24db1:0"
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 27125
date: Wed, 23 Oct 2024 21:56:45 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 sv.js Show response
wtk.infrontservices.com/languages/ 34 KB
0 4ms
4ms Script
application/javascript 37.122.251.69
CONNETU

General

Check archive.org

Show headers Download Go to

Full URL: https://wtk.infrontservices.com/languages/sv.js
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.122.251.69 Lambeth, United Kingdom, ASN51945 (CONNETU, GB),
Reverse DNS: saml.infrontservices.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 73b94ff5b41e25f1cfa80b3ec2e0d503899acd83e1abe8f6f87f911eba99f061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

etag: "071c5b23cfdda1:0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34640
date: Wed, 23 Oct 2024 21:56:46 GMT
content-type: application/javascript
last-modified: Mon, 02 Sep 2024 13:33:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Roboto-Medium.woff2
pb.carnegie.se/fonts/ 12 KB
4 KB 227ms
73ms Font
text/html 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/fonts/Roboto-Medium.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

908215a820c99f68c6fe6caf8cbfa5e6379101d6950603fec8729e14fe505c64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/

Response headers

content-encoding: gzip
etag: "80be46fa9c24db1:0"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: text/html
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 3102
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 200 Roboto-Regular.woff2
pb.carnegie.se/fonts/ 12 KB
3 KB 228ms
74ms Font
text/html 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/fonts/Roboto-Regular.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

908215a820c99f68c6fe6caf8cbfa5e6379101d6950603fec8729e14fe505c64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/

Response headers

content-encoding: gzip
etag: "80be46fa9c24db1:0"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: text/html
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 3102
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 200 CarnegieSans.woff2
pb.carnegie.se/fonts/ 12 KB
3 KB 228ms
74ms Font
text/html 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/fonts/CarnegieSans.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

908215a820c99f68c6fe6caf8cbfa5e6379101d6950603fec8729e14fe505c64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/

Response headers

content-encoding: gzip
etag: "80be46fa9c24db1:0"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: text/html
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 3102
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 200 CarnegieSans-Book.woff2
pb.carnegie.se/fonts/ 12 KB
3 KB 229ms
76ms Font
text/html 193.235.27.94
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.carnegie.se/fonts/CarnegieSans-Book.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.94 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

908215a820c99f68c6fe6caf8cbfa5e6379101d6950603fec8729e14fe505c64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/

Response headers

content-encoding: gzip
etag: "80be46fa9c24db1:0"
x-content-type-options: nosniff
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: text/html
last-modified: Tue, 22 Oct 2024 16:10:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' *.carnegie.se *.direkt.se *.dynamics.com *.vimeocdn.com data:; font-src 'self'; frame-src 'self' *.vimeo.com *.soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' *.carnegie.se; connect-src 'self' https://*.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://identity.carnegie.se
content-length: 3102
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H/1.1 200
OK main.css
identity.carnegie.se/assets/css/ 129 KB
22 KB 77ms
75ms Stylesheet
text/css 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/css/main.css?v=9.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

896de108f959accd84854640895fe2a615a764d740a2c2094ec2c333fc145520

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:48 GMT
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding

GET
H/1.1 200
OK curity-custom-theme.css
identity.carnegie.se/theme/ 188 B
451 B 145ms
65ms Stylesheet
text/css 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/theme/curity-custom-theme.css?v=E4E09D4FDF54D9868E4E049B262DAE17

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0be4a29c579d9aac4e323c6a3c8196d726f5e6bcf188a51f03d65b5fc9691bff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Content-Security-Policy: frame-ancestors 'none'
Connection: keep-alive
X-Content-Type-Options: nosniff
Content-Length: 188
Date: Wed, 23 Oct 2024 21:56:49 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
X-Frame-Options: DENY

GET
H/1.1 200
OK duplo.css
identity.carnegie.se/assets/css/ 2 MB
152 KB 265ms
146ms Stylesheet
text/css 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/css/duplo.css?v=9.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7723f164176f31915e1fa394b882e4bed2a8dcaac853f2730ddb5e243a7f2883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding

GET
H/1.1 200
OK duplo-vanilla.css
identity.carnegie.se/assets/css/ 7 KB
2 KB 185ms
66ms Stylesheet
text/css 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/css/duplo-vanilla.css?v=9.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5dd237100e77180f226c766b8c3ea67c89daa6e490822f832c869eb2c18256a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding

GET
H/1.1 200
OK carnegie.css
identity.carnegie.se/assets/css/ 9 KB
3 KB 217ms
97ms Stylesheet
text/css 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a524af7812e7da8a65bdc315e0401f8cc172c0bcb66738d3ee019c8a17aeb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
identity.carnegie.se/assets/js/lib/ 87 KB
31 KB 86ms
86ms Script
application/javascript 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/js/lib/jquery-3.5.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: application/javascript;charset=utf-8
Vary: Accept-Encoding

GET
H2 200 ai.3.gbl.min.js Show response
js.monitor.azure.com/scripts/b/ 143 KB
68 KB 85ms
85ms Script
text/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js
Requested by: Host: identity.carnegie.se
URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 600d578752ad2581b1b8576ce45d75b7e2517c7ff146900e65aa416eb6da14f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/

Response headers

x-azure-ref: 20241023T215649Z-17fcd6b6466kxm82pmqyq25ht000000008w000000000222d
cache-control: no-transform, public, max-age=1800, immutable
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: fbd22d40-901e-0069-39d6-1df993000000
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.3.3.3.gbl.min.js
access-control-allow-origin: *
x-cache: TCP_HIT
x-ms-meta-aijssdkver: 3.3.3
date: Wed, 23 Oct 2024 21:56:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 07 Oct 2024 17:22:51 GMT

GET
H/1.1 200
OK carnegie-logotype.svg
identity.carnegie.se/assets/images/ 7 KB
4 KB 70ms
69ms Image
image/svg+xml 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.carnegie.se/assets/images/carnegie-logotype.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ffead2d8f1115d88009faeda5d425bf0e73c6faae8be3fa2d6b2082aaec2263d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding

GET
H/1.1 200
OK login-symbol-computer.svg
identity.carnegie.se/assets/images/ 9 KB
4 KB 68ms
67ms Image
image/svg+xml 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.carnegie.se/assets/images/login-symbol-computer.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e673507e5f23adb50047aeec2fd7b7f80db781e3240904c718a73a7c31c57906

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=2628000
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding

GET
H/1.1 200
OK CarnegieSans-Book-subset.woff2
identity.carnegie.se/assets/fonts/ 12 KB
12 KB 73ms
72ms Font
font/woff2 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/fonts/CarnegieSans-Book-subset.woff2

Requested by

Host: identity.carnegie.se
URL: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1895e76bf143ace49f5baebebe381a2b3693a227c3e8c7208e1314457c0579c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Response headers

Cache-Control: public, max-age=2628000
Content-Length: 12400
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: font/woff2
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Roboto-Regular-subset.woff2
identity.carnegie.se/assets/fonts/ 12 KB
12 KB 67ms
66ms Font
font/woff2 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/fonts/Roboto-Regular-subset.woff2

Requested by

Host: identity.carnegie.se
URL: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ab4b3239931ff0680ed24078520d43c7424d92823035102cb0b31c10952f18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Response headers

Cache-Control: public, max-age=2628000
Content-Length: 12200
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: font/woff2
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Roboto-Medium-subset.woff2
identity.carnegie.se/assets/fonts/ 12 KB
12 KB 71ms
71ms Font
font/woff2 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/fonts/Roboto-Medium-subset.woff2

Requested by

Host: identity.carnegie.se
URL: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

283caa1a545eca39d6c7f021a4d48f2d72a5397c075c05db33aa79cbde0ec152

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://identity.carnegie.se
Referer: https://identity.carnegie.se/assets/css/carnegie.css?v=9.5.1

Response headers

Cache-Control: public, max-age=2628000
Content-Length: 12016
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: font/woff2
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 system-messages Show response
pbonline-api.carnegie.se/notification/ 80 B
691 B 315ms
113ms Fetch
application/json 193.235.27.95
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://pbonline-api.carnegie.se/notification/system-messages?languageCode=sv&routes=/login

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.235.27.95 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a92592d28c8ace20bf1e76f05cd57402f42471e776b7c1355cbc5ed76878f728

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

strict-transport-security: max-age=5184000; includeSubDomains; preload
content-security-policy: base-uri 'self';object-src 'none';block-all-mixed-content;font-src 'self';form-action 'self';frame-ancestors 'none';frame-src 'none';img-src 'self' data: https:;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';
access-control-expose-headers: Content-Disposition,environment-name
content-encoding: br
expect-ct: max-age=0, enforce, report-uri="https://example.report-uri.com/r/d/ct/enforce"
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:b53af48c-8585-4810-a4c3-a509b71be9f2
access-control-allow-origin: https://identity.carnegie.se
date: Wed, 23 Oct 2024 21:56:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
server: Microsoft-IIS/10.0

GET
H/1.1 200
OK image-003.jpg
identity.carnegie.se/assets/images/login/ 303 KB
303 KB 164ms
128ms Image
image/jpeg 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.carnegie.se/assets/images/login/image-003.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

096f9e236dff993b62a6186e787eb4fa400b6bf53af68a90e88a57fd6641e267

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Cache-Control: public, max-age=2628000
Content-Length: 310225
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: image/jpeg
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 ai.config.1.cfg.json Show response
js.monitor.azure.com/scripts/b/ 1 KB
0 0ms
0ms Fetch
application/json 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/

Response headers

x-azure-ref: 20241023T215648Z-17fcd6b6466kxm82pmqyq25ht000000008w0000000002224
cache-control: public, max-age=1800, immutable, no-transform
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 4c444712-c01e-0049-72ed-1d6faa000000
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.config.1.0.0.cfg.json
access-control-allow-origin: *
x-cache: TCP_HIT
x-ms-meta-aijssdkver: 1.0.0
date: Wed, 23 Oct 2024 21:56:48 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 18:24:43 GMT

GET
H/1.1 200
OK favicon.png
identity.carnegie.se/assets/images/ 429 B
628 B 68ms
68ms Other
image/png 40.68.36.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.carnegie.se/assets/images/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.68.36.24 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

017088c67ebe4faaeb2f234bff2fd2ea7bdc8a14ef62d665211a4d60f20c3d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal

Response headers

Cache-Control: public, max-age=2628000
Content-Length: 429
Date: Wed, 23 Oct 2024 21:56:49 GMT
Content-Type: image/png
Connection: keep-alive
X-Content-Type-Options: nosniff

OPTIONS
H2 204 track
westeurope-1.in.applicationinsights.azure.com/v2/ 0
0 349ms
117ms Preflight 20.50.88.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://westeurope-1.in.applicationinsights.azure.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://identity.carnegie.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 23 Oct 2024 21:56:49 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
westeurope-1.in.applicationinsights.azure.com/v2/ 62 B
166 B 63ms
61ms XHR
application/json 20.50.88.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://westeurope-1.in.applicationinsights.azure.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://identity.carnegie.se/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Wed, 23 Oct 2024 21:56:49 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consent.cookie-script.com
URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1729720608225&script=0416a8dd6c497cf283f6cd19f814a428&category=

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
identity.carnegie.se/authn/authentication	1969-12-31 23:59:59	Name: _oq Value: ###61b2ec1c7d45ca6990d70fed06c1e776ed5ab72540adba0d04df2bdac30ebf0a
.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: OTIrB20BLZ5hLkA.hP6CS8pMxVJj2O5k4pbKxHPLiBk-1729720607372-0.0.1.1-604800000
pb.carnegie.se/	1970-01-21 01:11:52	Name: CookieScriptConsent Value: %7B%22bannershown%22%3A1%7D
pb.carnegie.se/	1969-12-31 23:59:59	Name: portal-login Value: AWficP7s01RWJP51pjazsS1QtGEO4Mi1S2NlhJtkdOzMmJyj7yPvz7uIASvXd09PZoL7fA-pXAZnSioYopqetcz9XICr6fmEEcP-HTaAMgkb6la8CFQCof0KK_zdWdjcbilw85kfIN6nMGWQyj293IRtM7ne5BC6jxEhXdHaflKzlX_7Oas-zXzdcXVW3BtNBw
identity.carnegie.se/	1970-01-21 10:04:40	Name: username Value: eyJsb2MiOiJzdiJ9###85a9f4d6f8b662430297ab1bfcd74dcefadb1917e356bca0765ae266f5e7c4a9
identity.carnegie.se/	1970-01-21 10:04:40	Name: _username Value: eyJsb2MiOiJzdiJ9###85a9f4d6f8b662430297ab1bfcd74dcefadb1917e356bca0765ae266f5e7c4a9
identity.carnegie.se/	1969-12-31 23:59:59	Name: ssm Value: ssm
identity.carnegie.se/	1970-01-21 00:28:42	Name: sessionid Value: 67197120-9e72c673-5008-4d0b-9977-e2c429309c2f###768b50be363166e65bf8dbad7b3a0c5de20ca7e05db9a8644441dfddb9752ea7
identity.carnegie.se/	1970-01-21 00:28:42	Name: _sessionid Value: 67197120-9e72c673-5008-4d0b-9977-e2c429309c2f###768b50be363166e65bf8dbad7b3a0c5de20ca7e05db9a8644441dfddb9752ea7
identity.carnegie.se/	1970-01-21 09:14:16	Name: ai_user Value: cEMNKVT6DV1JE9yevYNZ6X\|2024-10-23T21:56:49.558Z
identity.carnegie.se/	1970-01-21 00:28:42	Name: ai_session Value: prK0El7yUuEbhWSPpE8d3R\|1729720609576\|1729720609576

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pb.carnegie.se/api/oauth-agent/refresh Message: Failed to load resource: the server responded with a status of 401 ()
javascript	error	URL: https://pb.carnegie.se/ Message: Access to XMLHttpRequest at 'https://consent.cookie-script.com/analytics?action=firstshown&time=1729720608225&script=0416a8dd6c497cf283f6cd19f814a428&category=' from origin 'https://pb.carnegie.se' has been blocked by CORS policy: Request header field request-id is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1729720608225&script=0416a8dd6c497cf283f6cd19f814a428&category= Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://wtk.infrontservices.com/css/InfrontFramework-3.11.19.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://pb.carnegie.se/fonts/Roboto-Medium.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://pb.carnegie.se/fonts/CarnegieSans.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://pb.carnegie.se/fonts/CarnegieSans-Book.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://pb.carnegie.se/cookie-script.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://pb.carnegie.se/fonts/Roboto-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://wtk.infrontservices.com/js/InfrontUI-3.11.19.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://code.highcharts.com/stock/9.3.3/highstock.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://wtk.infrontservices.com/languages/sv.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.carnegie.se/authn/authentication?serviceProviderId=token-service&resumePath=%2Foauth%2Fv2%2Foauth-authorize&state=R_zXnvus9MMlp4PAjIlkpcmt10nWsOiE9t&client_id=portal Message: The resource https://wtk.infrontservices.com/themes/light-3.11.19/theme.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data:; script-src 'self' 'unsafe-inline' https://cdn.cookie-script.com https://wtk.infrontservices.com https://code.highcharts.com; style-src 'self' 'unsafe-inline' https://wtk.infrontservices.com; img-src 'self' .carnegie.se .direkt.se .dynamics.com .vimeocdn.com data:; font-src 'self'; frame-src 'self' .vimeo.com .soundcloud.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self' .carnegie.se; connect-src 'self' https://.infrontservices.com https://carnegie.cloud.eu.infrontservices.com https://dc.services.visualstudio.com/v2/track https://dc.applicationinsights.azure.com/v2/track https://dc.applicationinsights.microsoft.com/v2/track https://consent.cookie-script.com https://cdn.cookie-script.com https://wtk.infrontservices.com https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json wss://*.infrontservices.com wss://login.infrontservices.com wss://login1.infrontservices.com wss://login2.infrontservices.com wss://login3.infrontservices.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.highcharts.com
consent.cookie-script.com
dc.services.visualstudio.com
identity.carnegie.se
js.monitor.azure.com
online.carnegie.se
pb.carnegie.se
pbonline-api.carnegie.se
westeurope-1.in.applicationinsights.azure.com
wtk.infrontservices.com
consent.cookie-script.com
dc.services.visualstudio.com
193.14.90.203
193.235.27.94
193.235.27.95
20.50.88.232
20.50.88.238
2606:4700::6812:809
2620:1ec:bdf::64
37.122.251.69
40.68.36.24
65.108.188.9
017088c67ebe4faaeb2f234bff2fd2ea7bdc8a14ef62d665211a4d60f20c3d07
086d75d2d9f9c7f4430a5182f6c35efa5abc91535ac26677929877de2688acff
096f9e236dff993b62a6186e787eb4fa400b6bf53af68a90e88a57fd6641e267
0be4a29c579d9aac4e323c6a3c8196d726f5e6bcf188a51f03d65b5fc9691bff
1895e76bf143ace49f5baebebe381a2b3693a227c3e8c7208e1314457c0579c6
283caa1a545eca39d6c7f021a4d48f2d72a5397c075c05db33aa79cbde0ec152
332b1b9e6b3ffae2c2e6fd83d0411ebd95b0816953a1da9ac3ddcedc0da08bad
3f9597d4ccf2494d2fc65b67107620311558c5458cf7c048ad2b222f1853ec02
408ae215e82f90a3b82e34617da2cb237dadd897b38292a045cdf8ed64c2ae83
549b5b2f95a7cb18c47bb524485f1ec1f9c7ab513c2cd0d1f9bda94a56da0602
54d67404dfcb4451712bd7ffc674c2e4ac6826a70cedd1bcdab5d5fb32d8a131
5b0381eb75f72c8f67ef043c3048ce249e6e603a44473153679ede2f2a290604
5dd237100e77180f226c766b8c3ea67c89daa6e490822f832c869eb2c18256a7
5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637
600d578752ad2581b1b8576ce45d75b7e2517c7ff146900e65aa416eb6da14f1
637a493048d27e15038e8df492e9fddac7e71adda9b7b0cb9574a12d5092d537
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
6d7f7fd7ea8033391d5223c9c2c3a73800c549ffd0aaf44510a38323a9ad5a55
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de
73b94ff5b41e25f1cfa80b3ec2e0d503899acd83e1abe8f6f87f911eba99f061
7723f164176f31915e1fa394b882e4bed2a8dcaac853f2730ddb5e243a7f2883
7ab4b3239931ff0680ed24078520d43c7424d92823035102cb0b31c10952f18a
83171abd52e6ea4ba9f7201a0ae66e23f404e58fad6a859c15938618a7efc44e
896de108f959accd84854640895fe2a615a764d740a2c2094ec2c333fc145520
908215a820c99f68c6fe6caf8cbfa5e6379101d6950603fec8729e14fe505c64
9320748f268c7e78980542ccd36bf63b4ee6077bee092365760cdb471ff0aa50
9a524af7812e7da8a65bdc315e0401f8cc172c0bcb66738d3ee019c8a17aeb12
a92592d28c8ace20bf1e76f05cd57402f42471e776b7c1355cbc5ed76878f728
b447d7290608bb86931c99f661302046f1433eef242560d45af981fa8a29f29b
bfb0a3efc3fd16020a122d9a9c032c4e6880d003551d9294c338453ff6a63fa1
cfeb1921f27ec48116717eae4bda5c8b08fabad74ddca745f3adfa80712aea9e
daf94dc021e938a79e81342363351deb23f7fa99f278bf41850ac876921a902e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e673507e5f23adb50047aeec2fd7b7f80db781e3240904c718a73a7c31c57906
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f825b50fc7d9ae8ba26d0b04ecefebb0a74492071a792f93c06868809b53f29c
ffead2d8f1115d88009faeda5d425bf0e73c6faae8be3fa2d6b2082aaec2263d

identity.carnegie.se Open in urlscan Pro 40.68.36.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

20 %IPv6

6 Domains

10 Subdomains

10 IPs

5 Countries

7674 kBTransfer

16802 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

identity.carnegie.se Open in urlscan Pro
40.68.36.24 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

20 %
IPv6

6
Domains

10
Subdomains

10
IPs

5
Countries

7674 kB
Transfer

16802 kB
Size

11
Cookies

55 HTTP transactions
2 data transactions