urlscan.io logo urlscan.io
SecurityTrails logo

www.nito.no Open in urlscan Pro
137.221.25.173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ingeniorforsikringen.com/
Effective URL: https://www.nito.no/medlemsfordel/
Submission: On February 13 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 9 countries across 31 domains to perform 62 HTTP transactions. The main IP is 137.221.25.173, located in Oslo, Norway and belongs to ASN-INTILITY, NO. The main domain is www.nito.no.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 29th 2018. Valid for: 2 years.
This is the only time www.nito.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.249.226.243 199566 (INIC)
1 18 137.221.25.173 49586 (ASN-INTILITY)
1 152.199.19.160 15133 (EDGECAST)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.237.11 33438 (HIGHWINDS2)
7 95.100.67.47 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 147.75.32.125 54825 (PACKET)
1 172.217.16.130 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.224.196.99 16509 (AMAZON-02)
1 4 213.155.156.188 1299 (TELIANET ...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.33.229 54825 (PACKET)
2 35.186.226.184 15169 (GOOGLE)
1 18.185.147.201 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 69.173.144.139 26667 (RUBICONPR...)
1 1 172.217.18.98 15169 (GOOGLE)
1 3 213.155.156.184 1299 (TELIANET ...)
2 2 185.33.223.100 29990 (ASN-APPNEX)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 18.195.103.23 16509 (AMAZON-02)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 35.158.17.58 16509 (AMAZON-02)
2 3 54.154.138.105 16509 (AMAZON-02)
1 2 35.156.139.187 16509 (AMAZON-02)
1 2 37.157.6.251 198622 (ADFORM)
1 52.215.39.229 16509 (AMAZON-02)
1 2 23.210.249.164 16625 (AKAMAI-AS)
62 32
1    5.249.226.243 (Norway)

ASN199566 (INIC, NO)
PTR: redirect.uniweb.no
ingeniorforsikringen.com
18    137.221.25.173 (Oslo, Norway)

ASN49586 (ASN-INTILITY, NO)
www.nito.no
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google.com
www.google-analytics.com
3    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:1276 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
cdn.rawgit.com
7    95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
static.hotjar.com
vars.hotjar.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
1    2606:4700:20::6819:8976 (United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
1    13.224.196.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-99.fra2.r.cloudfront.net
sc-static.net
4    213.155.156.188 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com
tb.de17a.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11
script.hotjar.com
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    18.185.147.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-147-201.eu-central-1.compute.amazonaws.com
eu2.siteimprove.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
3    213.155.156.184 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
2    185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    18.195.103.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-103-23.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
1    35.158.17.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    54.154.138.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-138-105.eu-west-1.compute.amazonaws.com
ad.sxp.smartclip.net
2    35.156.139.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-139-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
1    52.215.39.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-39-229.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
2    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
Apex Domain
Subdomains		 Transfer
18 nito.no
www.nito.no
721 KB
7 de17a.com
tb.de17a.com
d5p.de17a.com
10 KB
7 typekit.net
use.typekit.net
p.typekit.net
170 KB
4 google.com
google.com
www.google.com
7 KB
3 smartclip.net
ad.sxp.smartclip.net
2 KB
3 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
73 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 adform.net
dmp.adform.net
575 B
2 bidswitch.net
x.bidswitch.net
894 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ad.360yield.com
828 B
2 adnxs.com
ib.adnxs.com
2 KB
2 facebook.com
www.facebook.com
417 B
2 snapchat.com
tr.snapchat.com
2 google.de
www.google.de
219 B
2 google-analytics.com
www.google-analytics.com
18 KB
2 facebook.net
connect.facebook.net
142 KB
1 unrulymedia.com
usermatch.targeting.unrulymedia.com
289 B
1 advertising.com
pixel.advertising.com
124 B
1 pubmatic.com
image2.pubmatic.com
973 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 siteimprove.com
eu2.siteimprove.com
406 B
1 sc-static.net
sc-static.net
5 KB
1 siteimproveanalytics.com
siteimproveanalytics.com
5 KB
1 googleadservices.com
www.googleadservices.com
10 KB
1 rawgit.com
cdn.rawgit.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
30 KB
1 episerver.net
dl.episerver.net
3 KB
1 aspnetcdn.com
ajax.aspnetcdn.com
37 KB
1 ingeniorforsikringen.com
ingeniorforsikringen.com
251 B
62 31
Domain Requested by
18 www.nito.no 1 redirects www.nito.no
6 use.typekit.net www.nito.no
use.typekit.net
4 tb.de17a.com 1 redirects www.nito.no
tb.de17a.com
3 ad.sxp.smartclip.net 2 redirects blank
3 d5p.de17a.com 1 redirects blank
3 www.google.com 1 redirects www.nito.no
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 x.bidswitch.net 1 redirects blank
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 www.facebook.com www.nito.no
2 tr.snapchat.com www.googletagmanager.com
2 www.google.de www.nito.no
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 connect.facebook.net www.nito.no
connect.facebook.net
1 usermatch.targeting.unrulymedia.com blank
1 pixel.advertising.com blank
1 image2.pubmatic.com blank
1 cm.g.doubleclick.net 1 redirects
1 pixel.rubiconproject.com blank
1 p.typekit.net www.nito.no
1 vars.hotjar.com static.hotjar.com
1 eu2.siteimprove.com www.nito.no
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 sc-static.net www.nito.no
1 siteimproveanalytics.com www.nito.no
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.rawgit.com www.nito.no
1 www.googletagmanager.com www.nito.no
1 dl.episerver.net www.nito.no
1 google.com 1 redirects
1 ajax.aspnetcdn.com www.nito.no
1 ingeniorforsikringen.com 1 redirects
62 38
Subject Issuer Validity Valid
nito.no
DigiCert SHA2 Extended Validation Server CA		 2018-10-29 -
2020-11-02		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-15 -
2020-10-09		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
rawgit.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-01-12		 2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
ssl379359.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-16 -
2020-05-24		 6 months crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2019-12-03 -
2020-12-02		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.siteimprove.com
DigiCert SHA2 Secure Server CA		 2018-01-03 -
2020-03-11		 2 years crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.smartclip.net
Amazon		 2019-03-28 -
2020-04-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.targeting.unrulymedia.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh

This page contains 7 frames:

Primary Page: https://www.nito.no/medlemsfordel/
Frame ID: 96A7C5084AA309A98D3F74313438937B
Requests: 48 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: 5632FB71ED9D9BAC28D209A41CAC6ACF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: E5D08A7D7F4D47C613F0D44FB85D6F29
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 46EBF414EAAB8485FD480F0F631282B1
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 1A8113C152A30BF4ED1B62D8E2F088B0
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F%22%2C%22title%22%3A%22Medlemsfordeler%20%7C%20NITO%22%2C%22trackingAccountId%22%3A%2216107%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 5D6DD4D98F93FB62D529DA3E08B41552
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=2896608677147992573&expires=30
Frame ID: 912C3C37BD6AC9A1A4491EABA6911AFE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ingeniorforsikringen.com/ HTTP 301
    https://www.nito.no/medlemsfordel/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

62
Requests

100 %
HTTPS

29 %
IPv6

31
Domains

38
Subdomains

32
IPs

9
Countries

1238 kB
Transfer

2613 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ingeniorforsikringen.com/ HTTP 301
    https://www.nito.no/medlemsfordel/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.nito.no/link/bfed19692c274017847db43dccd2f5d9.aspx HTTP 301
  • https://www.nito.no/globalassets/episerver-forms/knapp---kontakt-meg.jpg
Request Chain 10
  • https://google.com/jsapi HTTP 301
  • https://www.google.com/jsapi
Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=621280906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&dp=%2Fmedlemsfordel%2F&ul=en-us&de=UTF-8&dt=Medlemsfordeler%20%7C%20NITO&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=2146369412&gjid=1308050478&cid=1988684192.1581597778&tid=UA-38034439-1&_gid=383151638.1581597778&_r=1&gtm=2wg250PVTJQ4&z=192499018 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_gid=383151638.1581597778&gjid=1308050478&_v=j81&z=192499018 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018&slf_rd=1&random=949649421
Request Chain 49
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGxj_SNZmHqOyidzKROrn6A&google_cver=1&google_ula=668382,0
Request Chain 53
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=7689323750889410499
Request Chain 55
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
Request Chain 56
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1&__user_check__=1&sync_id=5d5de571-4e5e-11ea-a39a-13b80d861006
Request Chain 58
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
  • https://d5p.de17a.com/getuid/smartclip?uuid=299c18e2-30db-4c72-83a8-43b4a276d378 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=2896608677147992573&uuid=299c18e2-30db-4c72-83a8-43b4a276d378
Request Chain 59
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=2896608677147992573&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=2896608677147992573&expires=30
Request Chain 60
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=2896608677147992573 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=2896608677147992573
Request Chain 62
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778&C=1

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.nito.no/medlemsfordel/
Redirect Chain
  • http://ingeniorforsikringen.com/
  • https://www.nito.no/medlemsfordel/
45 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
15b99767f2cadf6fec107c762c06e967e00e6628db5a7d061ac68386f8eda894
Security Headers
Name Value
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Host
www.nito.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
public, no-cache="Set-Cookie", max-age=7200
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 13 Feb 2020 14:42:57 GMT
Last-Modified
Thu, 13 Feb 2020 12:42:57 GMT
Vary
*
Set-Cookie
NITO.Web=srovomb0fjdng2dc3mg1tlgq; path=/; secure; HttpOnly; SameSite=Lax EPi_NumberOfVisits=1,2020-02-13T12:42:57; expires=Sat, 13-Feb-2021 12:42:57 GMT; path=/; secure; HttpOnly NITO.Web=srovomb0fjdng2dc3mg1tlgq; path=/; secure; HttpOnly; SameSite=Lax EPi_NumberOfVisits=1,2020-02-13T12:42:57; expires=Sat, 13-Feb-2021 12:42:57 GMT; path=/; secure; HttpOnly .EPiForm_BID=1e401a30-bf48-496b-86ab-63c18e8aa691; expires=Wed, 13-May-2020 11:42:57 GMT; path=/; secure; HttpOnly .EPiForm_VisitorIdentifier=1e401a30-bf48-496b-86ab-63c18e8aa691:; expires=Wed, 13-May-2020 11:42:57 GMT; path=/; secure; HttpOnly __RequestVerificationToken=aFrUQ-sfmuUbK17NJNIpp7T-yP9tTaFzL4qKlFeickfcYV3WLgfFf7jsHXa3i_VSbK0jn1-AqJH8WIXOmfpLS8WPYRw1; path=/; secure; HttpOnly
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-UA-Compatible
IE=Edge
Date
Thu, 13 Feb 2020 12:42:56 GMT
Content-Length
17427

Redirect headers

Server
openresty
Date
Thu, 13 Feb 2020 12:42:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.nito.no/medlemsfordel/
Strict-Transport-Security
max-age=0
global
www.nito.no/bundles/css/ 		178 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
0f52ed865045951d041dd225ddbe2ef628edfb47e3d72fb5f1380a1384673596
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Feb 2020 12:42:58 GMT
X-Frame-Options
SAMEORIGIN
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
X-UA-Compatible
IE=Edge
Content-Length
52465
Expires
Fri, 12 Feb 2021 12:42:58 GMT
WebResource.axd
www.nito.no/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/WebResource.axd?d=s-f6ie6T4Qaxga0Un_qm822NOl-l2usMyEvGS0jA-hGo7OawZ741rnt9KWLOsdPRgRXB18RY4fE-JpBo5CVh6B09l_3YillwS6isXgSkr0oACzRsQdR26IcIVUR8xnlXiyi9Wh0bW3nrBxq5pLCoRmHdPTk1&t=637151053480000000
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
0615c152fcf16df7c7996b666eabba5d9883522abe792e0643d4b06c0414a5c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 07:22:28 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
X-UA-Compatible
IE=Edge
Content-Length
1055
Expires
Thu, 11 Feb 2021 15:27:57 GMT
WebResource.axd
www.nito.no/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/WebResource.axd?d=rQapnFTl_pgMjn3yGS-nPqqqfYurGmKTunOxnyMIQbvmVocl7GDqSWL_V2a3e8v4wolTwCinEDTdi7RR6uuKjFewRJ_HbKXqgmXKmMRZfkDVUfyrrqnnulwVElznMaWUy1Hw9c4u3uzWqfYHSwcp-VZ1tbA1&t=637151053480000000
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 07:22:28 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
X-UA-Compatible
IE=Edge
Content-Length
43290
Expires
Thu, 11 Feb 2021 15:27:57 GMT
nito-logo-responsive-new.svg
www.nito.no/contentassets/c18ee90172544560a836d778c032ddd7/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nito.no/contentassets/c18ee90172544560a836d778c032ddd7/nito-logo-responsive-new.svg
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
88631002de22ef14f69ae8fe9fee2aca7961ea3a5252061c90d1b91f7204ecb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Tue, 11 Feb 2020 11:54:33 GMT
ETag
"1D5E0D206416280"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
X-UA-Compatible
IE=Edge
Accept-Ranges
bytes
Content-Length
1287
Expires
Fri, 14 Feb 2020 00:42:58 GMT
GetFormInitScript
www.nito.no/EPiServer.Forms/DataSubmit/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/EPiServer.Forms/DataSubmit/GetFormInitScript?formGuid=350988ff-b90f-4211-8a15-3eb25051a0a3&formLanguage=no
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
cd1720f7e0118c1d739e71a3118b686372e1f76b1760553feca5f1b8910e425b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Content-Length
1862
X-UA-Compatible
IE=Edge
knapp---kontakt-meg.jpg
www.nito.no/globalassets/episerver-forms/
Redirect Chain
  • https://www.nito.no/link/bfed19692c274017847db43dccd2f5d9.aspx
  • https://www.nito.no/globalassets/episerver-forms/knapp---kontakt-meg.jpg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nito.no/globalassets/episerver-forms/knapp---kontakt-meg.jpg
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
959f66f6e008e35a2ab1e0a71fbf7d18f6c176b6f21191f120f3110036687491
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Tue, 11 Feb 2020 11:23:37 GMT
ETag
"1D5E0CDB3FE4280"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge
Accept-Ranges
bytes
Content-Length
10756
Expires
Fri, 14 Feb 2020 00:42:58 GMT

Redirect headers

Location
/globalassets/episerver-forms/knapp---kontakt-meg.jpg
Date
Thu, 13 Feb 2020 12:42:58 GMT
X-UA-Compatible
IE=Edge
Content-Length
170
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
print
www.nito.no/bundles/css/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/bundles/css/print?v=fXtU4NShQtS8tWEU1gL5CtWTTlGUN_oDnDPVmOtuzgQ1
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
209e09dcfa63dddfe6afe5d0b3f7fb71efc7c69b0ebd40b373f2a7b6858f00a6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Feb 2020 12:42:58 GMT
X-Frame-Options
SAMEORIGIN
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
X-UA-Compatible
IE=Edge
Content-Length
7620
Expires
Fri, 12 Feb 2021 12:42:58 GMT
forsikringssenter_smalt.jpg
www.nito.no/contentassets/97e9a73a13e64d738d947e7335a21f24/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nito.no/contentassets/97e9a73a13e64d738d947e7335a21f24/forsikringssenter_smalt.jpg?width=780&height=216&quality=60&anchor=topleft&h=094001c88742576acdd7b6959d0fdeb428a64067
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
9d9ba5a6b309045593e83fc986e1e2005bd9a62801cfa53eeb9e11f7ffb01f41
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Tue, 11 Feb 2020 12:37:40 GMT
ETag
"48daa7cd8e0d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public
Accept-Ranges
bytes
Content-Length
21126
X-UA-Compatible
IE=Edge
jquery-2.1.3.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		82 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B0B) /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17750335
x-cache
HIT
status
200
content-length
37723
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:11:05 GMT
server
ECAcc (ama/8B0B)
etag
"b3b729ecc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
global
www.nito.no/bundles/js/ 		224 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/bundles/js/global?v=sMulDMrMZ4uC-cHURwWYXcJaugHoIFS3eUDKD8sDTSA1
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
5fa244915db525309e37d39ceee94ee3a293271521eb6a54ddbf9ce52016aa30
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Vary
User-Agent,Accept-Encoding
Last-Modified
Thu, 13 Feb 2020 12:42:58 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Expires
Fri, 12 Feb 2021 12:42:58 GMT
Cache-Control
public
Transfer-Encoding
chunked
X-UA-Compatible
IE=Edge
jsapi
www.google.com/
Redirect Chain
  • https://google.com/jsapi
  • https://www.google.com/jsapi
26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/jsapi
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f5aeae6c6ef3afa10681c4216eabc616547959e7808bfa32abeb6e4dc3f0641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
vary
Accept-Encoding
cache-control
private, max-age=3600, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6424
x-xss-protection
1; mode=block
expires
Thu, 13 Feb 2020 12:42:58 GMT

Redirect headers

date
Thu, 13 Feb 2020 07:16:55 GMT
x-content-type-options
nosniff
server
sffe
age
19563
location
https://www.google.com/jsapi
content-type
text/html; charset=UTF-8
status
301
cache-control
public, max-age=86400
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 14 Feb 2020 07:16:55 GMT
find.js
dl.episerver.net/13.2.5/epi-util/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.2.5/epi-util/find.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4417
x-powered-by
ASP.NET
status
200
content-length
2640
last-modified
Thu, 17 Oct 2019 12:43:43 GMT
server
cloudflare
etag
W/"6234-1571316223072"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
5646e2a0ef509ace-FRA
expires
Fri, 14 Feb 2020 12:42:58 GMT
WebResource.axd
www.nito.no/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/WebResource.axd?d=TzRGlCddaaqtz0Im2nSJhNv5NRPJPxh-1b9mxVOqIYYWeO_4xXKnUHzTOy5BsdY5LUq8puhEhvFb1QY7tA0iyN0jkNlBZbsuo6X7FkNK3aSeHj3GgMmrC2YuSth8b0MDI5Y07__5B01RZt2hZUGpGwWWGws1&t=637151053480000000
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
00a74242d765949521595766e36317ed8aeb7662cd9388e4a41e229b21346e49
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 07:22:28 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
X-UA-Compatible
IE=Edge
Content-Length
12757
Expires
Thu, 11 Feb 2021 15:27:57 GMT
gtm.js
www.googletagmanager.com/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4bb036e74f572fccd8fd3aed6e22c0b6c94ddf5e89defbea17223a5dba65c3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30217
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Feb 2020 12:42:58 GMT
SourceSansPro-Regular.woff
www.nito.no/UI/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/SourceSansPro-Regular.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
34beb8307459d04719789002534a6749e1b7a40021de510bebcbc550d6507006
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
121876
X-UA-Compatible
IE=Edge
truncated
/ 		710 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5587a9738a42e7fd16ba969bde78a2edefab3fa5a650342ec2a9b6dacfba34b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		234 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76b762449fb02021faa1d530ec3c8bac1eb68ca6e76354f93146195444a2a94

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
BlenderPro-BoldWeb.woff
www.nito.no/UI/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/BlenderPro-BoldWeb.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
194c08aa690e538ff7d9d7bf2d5dc31249b64f70e70080b2e2f1a7a044c260b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
50148
X-UA-Compatible
IE=Edge
SourceSansPro-Light.woff
www.nito.no/UI/fonts/ 		116 KB
117 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/SourceSansPro-Light.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
bad2e26702eceba676342679bcdd5a6ed966b10c29e82417ea6b6d5b77ec4006
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
119280
X-UA-Compatible
IE=Edge
BlenderPro-ThinWeb.woff
www.nito.no/UI/fonts/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/BlenderPro-ThinWeb.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
2d7cc2c9c9fef717010fcfa8fa6518079eaec1e63975a74b4fb78afb14d6ee5e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
49636
X-UA-Compatible
IE=Edge
SourceSansPro-Bold.woff
www.nito.no/UI/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/SourceSansPro-Bold.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
7de8582bfa70bfc9474928687649c6efb6dc990fab02a7820d0b9b522c7edea1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
124508
X-UA-Compatible
IE=Edge
icomoon.woff
www.nito.no/UI/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nito.no/UI/fonts/icomoon.woff
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.221.25.173 Oslo, Norway, ASN49586 (ASN-INTILITY, NO),
Reverse DNS
Software
/
Resource Hash
6a7ae939e260af438d3575a1b5d7afff2c6b61158c41beffbe67aaa775190982
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/bundles/css/global?v=1wYQSb42iTW5LNaJdOjelnN2TWyi0W3hW0xn4FBcvpY1
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Last-Modified
Mon, 20 Jan 2020 07:22:16 GMT
ETag
"0848e5762cfd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
7832
X-UA-Compatible
IE=Edge
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc6d1d72f15e800c404e4cf5dd570c0c761bc2b8a3d9af802bbc367dfca58efc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prettify.css
cdn.rawgit.com/google/code-prettify/master/loader/ 		655 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/google/code-prettify/master/loader/prettify.css
Requested by
Host: www.nito.no
URL: https://www.nito.no/bundles/js/global?v=sMulDMrMZ4uC-cHURwWYXcJaugHoIFS3eUDKD8sDTSA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
564094137b8f1786-FRA
x-cache
HIT
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
sunset
Tue, 01 Oct 2019 00:00:00 GMT
rawgit-cache-status
HIT
server
NetDNA-cache/2.2
etag
W/"5842f98557e7787e109bdd666c770913847522bd780247fea210267b419c13c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
content-type
text/css;charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=86400
x-robots-tag
none
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
bak7vgz.js
use.typekit.net/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/bak7vgz.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
67009cbab87524f2aeeb300e203df865d516f51de59e348bd8ff8ffcf749c185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Thu, 13 Feb 2020 12:42:58 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7522
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
tJyq0pMlbjnk+V9znRL9PDoBfSjvneqHqrS1HeSGuY/1upxjv79GdTVcSCw2n5jVlBHbHdpZ+8Q3w3fpMSL+lQ==
x-fb-trip-id
1850256238
date
Thu, 13 Feb 2020 12:42:58 GMT, Thu, 13 Feb 2020 12:42:58 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
566
date
Thu, 13 Feb 2020 12:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 13 Feb 2020 14:33:32 GMT
hotjar-752291.js
static.hotjar.com/c/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-752291.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress14
Software
/
Resource Hash
bf6c8a881f4bd7d9c5603d03bae689541c6dd16abfd800912f46422e575f6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
59
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
2679
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/996a1863b1f8c87accef833dea1f118d
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.089
accept-ranges
bytes
section-io-id
60302f08b7fbc1b4c0f76fb9ca0e74eb
section-origin-responded
true
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
8273558640064030436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Feb 2020 12:42:58 GMT
siteanalyze_6018408.js
siteimproveanalytics.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6018408.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:8976 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec41d04f5214f930f6451d9f7ac31c21923206440e3cb81e95f3df4bc16df78b

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1656
status
200
content-type
application/javascript; charset=utf-8
content-length
4584
x-amz-id-2
+HedZadoJfvd66bDacw4y+x9gpCswGsLi/TBkq2Xo09y+wW5XU61SzoGBlQ1ztm3+zUgZhAiPfg=
last-modified
Tue, 07 Nov 2017 23:07:30 GMT
server
cloudflare
etag
"199909b3896b33dd65ac99e8871e9ec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
C11EB5E82E3DC3CB
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
5646e2a339f49716-FRA
scevent.min.js
sc-static.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-99.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 23:06:28 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 23:04:13 GMT
server
AmazonS3
age
48990
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
1Giz_-hee9NYBjy2pFBA9siBBdDvY8Zjz4KrBwV02VfYg9BjiRr-Zw==
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
d7.js
tb.de17a.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 12:26:49 GMT
server
nginx/1.4.6 (Ubuntu)
etag
W/"UyYs5NjvdRUUyYtiD4Yy6k--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6265
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=621280906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&dp=%2Fmedlemsfordel%2F&ul=en-us&de=UTF-8&dt=Medlemsfordeler%20%7C%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_gid=383151638.1581597778&gjid=1308050478&_v=j81&z=192499018
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018&slf_rd=1&random=949649421
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018&slf_rd=1&random=949649421
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018&slf_rd=1&random=949649421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1132819503425502
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1132819503425502?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2042da5301e21c18e852e6f9160bc27eef4b596c246c7d0c5338beec7b6d479f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
zm7Odgv8UF+ddiZbo8Sw18mD+LrlhfN+jcYW4Mog2dVT5+CNVSYktEHRfnvZai09JfTfDjPIyiayUI2q/AFcqg==
x-fb-trip-id
1850256238
date
Thu, 13 Feb 2020 12:42:58 GMT, Thu, 13 Feb 2020 12:42:58 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070061330/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070061330/?random=1581597778461&cv=9&fst=1581597778461&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&tiba=Medlemsfordeler%20%7C%20NITO&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b729c6ac5558f689ca28d900ae12a104541ebc5eda7137d0a51d1dce03a22bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
995
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bak7vgz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac

Request headers

Referer
https://www.nito.no/medlemsfordel/
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
etag
"5b1424bf708a1baf048831772af7891cda52e1e0"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
32980
l
use.typekit.net/af/29352b/00000000000000003b9aefb9/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/29352b/00000000000000003b9aefb9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bak7vgz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd

Request headers

Referer
https://www.nito.no/medlemsfordel/
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
etag
"41bd63e072fcddb931e4f5c670a122a6ae75b1a8"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34024
l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bak7vgz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf

Request headers

Referer
https://www.nito.no/medlemsfordel/
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
etag
"625d31c6ff36363142e14c9d9cf9f2747ce3803a"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
31984
l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bak7vgz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98

Request headers

Referer
https://www.nito.no/medlemsfordel/
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
etag
"0a37e0f13f84c73347be23130bb6d2063bc1d8a8"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33796
l
use.typekit.net/af/7f382d/00000000000000003b9aefbc/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7f382d/00000000000000003b9aefbc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bak7vgz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
41bb54c5e41bfff348c98ec5a29df6dff1b3f220e5b25284943907efaf7cd041

Request headers

Referer
https://www.nito.no/medlemsfordel/
Origin
https://www.nito.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
etag
"ea616992231df2d40c94b1b866fc6ab1d7531d99"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
31812
modules.4f655037b2a3518f16e4.js
script.hotjar.com/ 		401 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4f655037b2a3518f16e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-752291.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
content-encoding
br
content-type
application/javascript
age
154002
status
200
section-io-cache
Hit
content-length
71483
last-modified
Tue, 11 Feb 2020 17:53:18 GMT
etag
"a29cc766b3eae227e61b1b428741bb6c"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.027
accept-ranges
bytes
section-io-id
3eb6ca6f4539fc9395b406c88c8d60fd
section-origin-responded
true
i
tr.snapchat.com/cm/ Frame 5632 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.nito.no/medlemsfordel/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.nito.no/medlemsfordel/

Response headers

status
200
server
nginx/1.17.3
date
Thu, 13 Feb 2020 12:42:58 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.google.com/pagead/1p-user-list/1070061330/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070061330/?random=1581597778461&cv=9&fst=1581595200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&frm=0&url=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&tiba=Medlemsfordeler%20%7C%20NITO&async=1&fmt=3&is_vtc=1&random=235756248&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1070061330/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1070061330/?random=1581597778461&cv=9&fst=1581595200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&frm=0&url=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&tiba=Medlemsfordeler%20%7C%20NITO&async=1&fmt=3&is_vtc=1&random=235756248&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ Frame E5D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVTJQ4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
302
pragma
no-cache
cache-control
no-cache
origin
https://www.nito.no
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.nito.no/medlemsfordel/
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://www.nito.no
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.nito.no/medlemsfordel/

Response headers

status
200
server
nginx/1.17.3
date
Thu, 13 Feb 2020 12:42:58 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIJIiMc3ToFRxvOw3FtyiWSplkChZNbOzCPvC66FaHekYEenyyIOoFMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
image.aspx
eu2.siteimprove.com/ 		34 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu2.siteimprove.com/image.aspx?url=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&title=Medlemsfordeler%20%7C%20NITO&res=1600x1200&accountid=6018408&rt=1288&prev=1581597832203&luid=1f7f166c-ef3a-7b97-9af4-03b5f05ffb52&rnd=57700
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.147.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-147-201.eu-central-1.compute.amazonaws.com
Software
/ ASP.NET
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 12:43:00 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP="NOI OUR IND COM NAV INT"
Cache-Control
private
Connection
keep-alive
Content-Type
image/gif
Content-Length
34
Expires
Thu, 13 Feb 2020 12:42:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 46EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-752291.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress14
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.nito.no/medlemsfordel/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.nito.no/medlemsfordel/

Response headers

status
200
date
Thu, 13 Feb 2020 12:42:58 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.030
section-origin-responded
true
age
1296586
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
1e1504232fc24075ce102eca11b319a2
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1132819503425502&ev=PageView&dl=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&rl=&if=false&ts=1581597778561&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581597778561.1893232068&it=1581597778455&coo=false&rqm=GET
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT, Thu, 13 Feb 2020 12:42:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 13 Feb 2020 12:42:58 GMT
p.gif
p.typekit.net/ 		35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=bak7vgz&ht=tk&h=www.nito.no&f=139.140.175.176.5474&a=2883258&js=1.19.2&app=typekit&e=js&_=1581597778639
Requested by
Host: www.nito.no
URL: https://www.nito.no/medlemsfordel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
last-modified
Mon, 04 Feb 2019 21:30:02 GMT
server
nginx
access-control-allow-origin
*
etag
"5c58aeda-23"
content-type
image/gif
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Fri, 16 Aug 2019 11:06:28 GMT
getUid;c
tb.de17a.com/api/ Frame 1A81
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
61 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
7e512e701c7161e382eb9527db3e1c98f8ebd95c63a007c5e0b3e7b59d8984dd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
61
content-type
application/json

Redirect headers

status
307
date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx/1.4.6 (Ubuntu)
content-length
0
location
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
pageView
tb.de17a.com/api/ Frame 5D6D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F%22%2C%22title%22%3A%22Medlemsfordeler%20%7C%20NITO%22%2C%22trackingAccountId%22%3A%2216107%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
911a14b76abc9a678ccc4631328c89f1f032e046057e06cd345204e0497e9aac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
2529
content-type
application/json
tap.php
pixel.rubiconproject.com/ Frame 912C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=2896608677147992573&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
google
d5p.de17a.com/cookies/ Frame 912C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGxj_SNZmHqOyidzKROrn6A&google_cver=1&google_ula=668382,0
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEGxj_SNZmHqOyidzKROrn6A&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.184 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-184.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
server
HTTP server (unknown)
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEGxj_SNZmHqOyidzKROrn6A&google_cver=1&google_ula=668382,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
appnexus
d5p.de17a.com/setuid/ Frame 912C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=7689323750889410499
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7689323750889410499
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.184 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-184.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 12:43:00 GMT
AN-X-Request-Uuid
60573428-0026-4a26-8ddd-6fc2a3614b8c
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7689323750889410499
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
85.159.237.67; 85.159.237.67; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 912C 		42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=2896608677147992573
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 12:42:58 GMT
X-lat
Pug23007:0:302
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame 912C
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.103.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-103-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 13 Feb 2020 12:42:58 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Thu, 13 Feb 2020 12:42:58 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
content-type
text/plain
partner
sync.search.spotxchange.com/ Frame 912C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1&__user_check__=1&sync_id=5d5de571-4e5e-11ea-a39a-13b80d861006
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1&__user_check__=1&sync_id=5d5de571-4e5e-11ea-a39a-13b80d861006
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7326&uid=2896608677147992573&img=1&__user_check__=1&sync_id=5d5de571-4e5e-11ea-a39a-13b80d861006
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
115
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame 912C 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=2896608677147992573&_origin=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.17.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Thu, 13 Feb 2020 12:42:58 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ad.sxp.smartclip.net/ Frame 912C
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
  • https://d5p.de17a.com/getuid/smartclip?uuid=299c18e2-30db-4c72-83a8-43b4a276d378
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=2896608677147992573&uuid=299c18e2-30db-4c72-83a8-43b4a276d378
42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=2896608677147992573&uuid=299c18e2-30db-4c72-83a8-43b4a276d378
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.138.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-138-105.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 12:42:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length
42
Content-Type
image/gif

Redirect headers

status
302
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=2896608677147992573&uuid=299c18e2-30db-4c72-83a8-43b4a276d378
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame 912C
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=2896608677147992573&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=2896608677147992573&expires=30
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=2896608677147992573&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.139.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-139-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 13 Feb 2020 12:42:58 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Thu, 13 Feb 2020 12:42:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=2896608677147992573&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
dmp.adform.net/serving/cookie/ Frame 912C
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=2896608677147992573
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=2896608677147992573
35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=2896608677147992573
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=2896608677147992573
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
2896608677147992573
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame 912C 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/2896608677147992573
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.39.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-39-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:42:58 GMT
server
nginx
access-control-allow-origin
*
allow
GET
p3p
CP="CUR IVDo OUR IND"
status
200
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame 912C
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778&C=1
43 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 12:42:58 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 Feb 2020 12:42:58 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 12:42:58 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Thu, 13 Feb 2020 12:42:58 GMT
/
www.facebook.com/tr/ 		44 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1132819503425502&ev=Microdata&dl=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&rl=&if=false&ts=1581597779064&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Medlemsfordeler%20%7C%20NITO%22%2C%22meta%3Adescription%22%3A%22Meld%20deg%20inn%20i%20NITO%20og%20f%C3%A5%20fantastiske%20medlemsfordeler.%20Vi%20bidrar%20til%20at%20du%20lykkes%20i%20arbeidslivet!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Medlemsfordeler%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F%22%2C%22og%3Asite_name%22%3A%22NITO%22%2C%22og%3Alocale%22%3A%22nb_NO%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.nito.no%2F%2FUI%2Fnito-green.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%222008%22%2C%22og%3Aimage%3Aheight%22%3A%221181%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Adescription%22%3A%22Meld%20deg%20inn%20i%20NITO%20og%20f%C3%A5%20fantastiske%20medlemsfordeler.%20Vi%20bidrar%20til%20at%20du%20lykkes%20i%20arbeidslivet!%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A2693%2C%22w%22%3A1585%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A49%2C%22w%22%3A386%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%2C%22sameas%22%3A%22https%3A%2F%2Ftwitter.com%2FNITOnorge%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581597778561.1893232068&it=1581597778455&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nito.no/medlemsfordel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 12:42:59 GMT, Thu, 13 Feb 2020 12:42:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 13 Feb 2020 12:42:59 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| epi function| $ function| jQuery function| $$epiforms object| dataLayer object| nito number| ZIP_LENGTH object| addresses string| zipcode string| originalZip number| totalSavings function| onBegin function| onSuccess object| Modernizr function| yepnope boolean| PR_SHOULD_USE_CONTINUATION object| PR number| googleLT_ object| google object| ca function| google_exportSymbol function| google_exportProperty function| FindApi object| api object| google_tag_manager function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| snaptr object| _d7 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Typekit object| _sz object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| La boolean| K

13 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIJIiMc3ToFRxvOw3FtyiWSplkChZNbOzCPvC66FaHekYEenyyIOoFMgAAAA==
.nito.no/ Name: _hjid
Value: 5231a9e9-e543-4047-82cb-fcb2b27febbc
.www.nito.no/ Name: nmstat
Value: 1581597832203
www.nito.no/ Name: .EPiForm_BID
Value: 1e401a30-bf48-496b-86ab-63c18e8aa691
www.nito.no/ Name: _scid
Value: 06f8b62c-4682-4cad-bf58-ab0ded1ecafb
.nito.no/ Name: _gat_UA-38034439-1
Value: 1
www.nito.no/ Name: .EPiForm_VisitorIdentifier
Value: 1e401a30-bf48-496b-86ab-63c18e8aa691:
.nito.no/ Name: _fbp
Value: fb.1.1581597778561.1893232068
.nito.no/ Name: _gid
Value: GA1.2.383151638.1581597778
.nito.no/ Name: _ga
Value: GA1.2.1988684192.1581597778
www.nito.no/ Name: __RequestVerificationToken
Value: aFrUQ-sfmuUbK17NJNIpp7T-yP9tTaFzL4qKlFeickfcYV3WLgfFf7jsHXa3i_VSbK0jn1-AqJH8WIXOmfpLS8WPYRw1
www.nito.no/ Name: NITO.Web
Value: srovomb0fjdng2dc3mg1tlgq
www.nito.no/ Name: EPi_NumberOfVisits
Value: 1,2020-02-13T12:42:57

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.sxp.smartclip.net
ajax.aspnetcdn.com
cdn.rawgit.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dl.episerver.net
dmp.adform.net
dsum.casalemedia.com
eu2.siteimprove.com
google.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
ingeniorforsikringen.com
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
sc-static.net
script.hotjar.com
siteimproveanalytics.com
static.hotjar.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tb.de17a.com
tr.snapchat.com
use.typekit.net
usermatch.targeting.unrulymedia.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nito.no
x.bidswitch.net
13.224.196.99
137.221.25.173
147.75.32.125
147.75.33.229
151.139.237.11
152.199.19.160
172.217.16.130
172.217.18.98
18.185.147.201
18.195.103.23
185.33.223.100
185.64.190.80
185.94.180.125
213.155.156.184
213.155.156.188
23.210.249.164
2606:4700:20::6819:8976
2606:4700::6812:1276
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.156.139.187
35.158.17.58
35.186.226.184
37.157.6.251
5.249.226.243
52.215.39.229
54.154.138.105
69.173.144.139
95.100.67.47
00a74242d765949521595766e36317ed8aeb7662cd9388e4a41e229b21346e49
0615c152fcf16df7c7996b666eabba5d9883522abe792e0643d4b06c0414a5c4
0f52ed865045951d041dd225ddbe2ef628edfb47e3d72fb5f1380a1384673596
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b99767f2cadf6fec107c762c06e967e00e6628db5a7d061ac68386f8eda894
194c08aa690e538ff7d9d7bf2d5dc31249b64f70e70080b2e2f1a7a044c260b7
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2042da5301e21c18e852e6f9160bc27eef4b596c246c7d0c5338beec7b6d479f
209e09dcfa63dddfe6afe5d0b3f7fb71efc7c69b0ebd40b373f2a7b6858f00a6
2d7cc2c9c9fef717010fcfa8fa6518079eaec1e63975a74b4fb78afb14d6ee5e
34beb8307459d04719789002534a6749e1b7a40021de510bebcbc550d6507006
39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd
3f5aeae6c6ef3afa10681c4216eabc616547959e7808bfa32abeb6e4dc3f0641
41bb54c5e41bfff348c98ec5a29df6dff1b3f220e5b25284943907efaf7cd041
4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac
4bb036e74f572fccd8fd3aed6e22c0b6c94ddf5e89defbea17223a5dba65c3f3
50cd27879f03f1b1a0c173b14e4f30390362555145ecd8169d65d84e5fb6c055
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fa244915db525309e37d39ceee94ee3a293271521eb6a54ddbf9ce52016aa30
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67009cbab87524f2aeeb300e203df865d516f51de59e348bd8ff8ffcf749c185
6a7ae939e260af438d3575a1b5d7afff2c6b61158c41beffbe67aaa775190982
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
7de8582bfa70bfc9474928687649c6efb6dc990fab02a7820d0b9b522c7edea1
7e512e701c7161e382eb9527db3e1c98f8ebd95c63a007c5e0b3e7b59d8984dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88631002de22ef14f69ae8fe9fee2aca7961ea3a5252061c90d1b91f7204ecb5
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
911a14b76abc9a678ccc4631328c89f1f032e046057e06cd345204e0497e9aac
959f66f6e008e35a2ab1e0a71fbf7d18f6c176b6f21191f120f3110036687491
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d9ba5a6b309045593e83fc986e1e2005bd9a62801cfa53eeb9e11f7ffb01f41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b729c6ac5558f689ca28d900ae12a104541ebc5eda7137d0a51d1dce03a22bcf
b76b762449fb02021faa1d530ec3c8bac1eb68ca6e76354f93146195444a2a94
bad2e26702eceba676342679bcdd5a6ed966b10c29e82417ea6b6d5b77ec4006
bf6c8a881f4bd7d9c5603d03bae689541c6dd16abfd800912f46422e575f6902
c5587a9738a42e7fd16ba969bde78a2edefab3fa5a650342ec2a9b6dacfba34b
cd1720f7e0118c1d739e71a3118b686372e1f76b1760553feca5f1b8910e425b
ce955c2abb1b3639be7d38357b192b262f73576e7c2408c75200f3d8cda33913
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec41d04f5214f930f6451d9f7ac31c21923206440e3cb81e95f3df4bc16df78b
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6d1d72f15e800c404e4cf5dd570c0c761bc2b8a3d9af802bbc367dfca58efc