LeakIX - Host northcomsolutions.northcom.se

Domain northcomsolutions.northcom.se

United States

FASTLY

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 151.101.1.91
Domain: northcomsolutions.northcom.se
Port: 443
URL: https://northcomsolutions.northcom.se

First seen 2025-10-22 12:51
Last seen 2026-01-02 04:37
Open for 71 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374c2942e74c2942e74c2942e74c2942e74c2942e
```
GraphQL introspection enabled at /graphql
Detected: Magento
```
Found on 2026-01-02 04:37
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2df9b2641df9b2641df9b2641df9b2641df9b2641
```
GraphQL introspection enabled at /graphql/api
Detected: Magento
```
Found on 2025-12-24 11:09

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa333b36a3b7d250db9c4db0f047388f381bff61869

GraphQL introspection enabled at /graphql
Types: 791 (by kind: ENUM: 76, INPUT_OBJECT: 198, INTERFACE: 34, OBJECT: 473, SCALAR: 5, UNION: 5)
Operations:
- Query: Query | fields: attributesForm, attributesList, availableStores, cart, categories
- Mutation: Mutation | fields: acceptCompanyInvitation, acceptNegotiableQuoteTemplate, addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 14:45

1.3 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e253bff11acd0cb08a7c3424fb629678a2f812a38c

GraphQL introspection enabled at /graphql/api
Types: 791 (by kind: ENUM: 76, INPUT_OBJECT: 198, INTERFACE: 34, OBJECT: 473, SCALAR: 5, UNION: 5)
Operations:
- Query: Query | fields: attributesForm, attributesList, availableStores, cart, categories
- Mutation: Mutation | fields: acceptCompanyInvitation, acceptNegotiableQuoteTemplate, addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-27 04:35

1.3 MBytes

Create report

Open service 151.101.1.91:443 · northcomsolutions.northcom.se

2026-01-09 01:20

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9fa24ac8f7a8b296b0df6f979ec3557f; expires=Sat, 10 Jan 2026 01:21:00 GMT; Max-Age=86400; path=/; domain=northcomsolutions.northcom.se; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Thu, 09 Jan 2025 01:21:00 GMT
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.googleapis.com www.northcom.se northcom.se www.google.lv www.google.se www.google.dk www.google.no www.google.fi *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com connect.facebook.net js-agent.newrelic.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com stats.g.doubleclick.net *.analytics.google.com bam.nr-data.net bam.eu01.nr-data.net www.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;
Accept-Ranges: bytes
Date: Fri, 09 Jan 2026 01:21:00 GMT
X-Served-By: cache-bma-essb1270047-BMA, cache-vie6362-VIE
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1767921660.228730,VS0,VE333
Vary: Accept-Encoding,Cookie
transfer-encoding: chunked

Found 2026-01-09 by HttpPlugin

Create report

Open service 151.101.1.91:443 · northcomsolutions.northcom.se

2026-01-02 04:37

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d70e4c28e24fd7e3840c8ec2d12e15c5; expires=Sat, 03 Jan 2026 04:37:07 GMT; Max-Age=86400; path=/; domain=northcomsolutions.northcom.se; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Thu, 02 Jan 2025 04:37:07 GMT
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.googleapis.com www.northcom.se northcom.se www.google.lv www.google.se www.google.dk www.google.no www.google.fi *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com connect.facebook.net js-agent.newrelic.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com stats.g.doubleclick.net *.analytics.google.com bam.nr-data.net bam.eu01.nr-data.net www.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;
Accept-Ranges: bytes
Date: Fri, 02 Jan 2026 04:37:07 GMT
X-Served-By: cache-bma-essb1270037-BMA, cache-vie6339-VIE
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1767328627.428551,VS0,VE353
Vary: Accept-Encoding,Cookie
transfer-encoding: chunked

Found 2026-01-02 by HttpPlugin

Create report

Open service 151.101.1.91:443 · northcomsolutions.northcom.se

2025-12-30 06:52

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=30f1d1fd49b05e9ef95d9b5dfc88b17e; expires=Wed, 31 Dec 2025 06:52:44 GMT; Max-Age=86400; path=/; domain=northcomsolutions.northcom.se; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Mon, 30 Dec 2024 06:52:44 GMT
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.googleapis.com www.northcom.se northcom.se www.google.lv www.google.se www.google.dk www.google.no www.google.fi *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com connect.facebook.net js-agent.newrelic.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com stats.g.doubleclick.net *.analytics.google.com bam.nr-data.net bam.eu01.nr-data.net www.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;
Accept-Ranges: bytes
Date: Tue, 30 Dec 2025 06:52:44 GMT
X-Served-By: cache-bma-essb1270028-BMA, cache-fra-eddf8230080-FRA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1767077564.233389,VS0,VE307
Vary: Accept-Encoding,Cookie
transfer-encoding: chunked

Found 2025-12-30 by HttpPlugin

Create report

Open service 151.101.1.91:443 · northcomsolutions.northcom.se

2025-12-22 14:14

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=5a856b62974ce40ab9fc4d03d505a3d9; expires=Tue, 23 Dec 2025 14:14:26 GMT; Max-Age=86400; path=/; domain=northcomsolutions.northcom.se; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Sun, 22 Dec 2024 14:14:26 GMT
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.googleapis.com www.northcom.se northcom.se www.google.lv www.google.se www.google.dk www.google.no www.google.fi *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com connect.facebook.net js-agent.newrelic.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com stats.g.doubleclick.net *.analytics.google.com bam.nr-data.net bam.eu01.nr-data.net www.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;
Accept-Ranges: bytes
Date: Mon, 22 Dec 2025 14:14:26 GMT
X-Served-By: cache-bma-essb1270047-BMA, cache-vie6380-VIE
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1766412866.255773,VS0,VE574
Vary: Accept-Encoding,Cookie
transfer-encoding: chunked

Found 2025-12-22 by HttpPlugin

Create report

Open service 151.101.1.91:443 · northcomsolutions.northcom.se

2025-12-20 14:36

HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=59bef3401192a99b4d13684d7c0123bf; expires=Sun, 21 Dec 2025 14:36:30 GMT; Max-Age=86400; path=/; domain=northcomsolutions.northcom.se; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Fri, 20 Dec 2024 14:36:30 GMT
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com data: 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.braintreegateway.com *.paypal.com google.com *.google.com www.facebook.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com validator.swagger.io *.ftcdn.net *.behance.net *.paypal.com *.typekit.net *.gstatic.com *.googleapis.com www.northcom.se northcom.se www.google.lv www.google.se www.google.dk www.google.no www.google.fi *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net *.commerce-payment-services.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.googleapis.com *.gstatic.com connect.facebook.net js-agent.newrelic.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.adobe.io performance.typekit.net *.sentry.io www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.googleapis.com stats.g.doubleclick.net *.analytics.google.com bam.nr-data.net bam.eu01.nr-data.net www.google.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;
Accept-Ranges: bytes
Date: Sat, 20 Dec 2025 14:36:30 GMT
X-Served-By: cache-bma-essb1270036-BMA, cache-lga21933-LGA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1766241390.144506,VS0,VE692
Vary: Accept-Encoding,Cookie
transfer-encoding: chunked

Found 2025-12-20 by HttpPlugin

Create report

northcomsolutions.northcom.se

Fingerprint:

1437a3cf0aa9548b0ce1b7ea04a86266d42b725697ce6532a87b255d8ad970bf

CN:

northcomsolutions.northcom.se

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-09 22:07

Not after:

2026-03-09 22:07

Domain summary

northcomsolutions.northcom.se 8

1 recorded

IP summary

1 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice